Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to host malware, botnet controllers, or DDoS-for-hire infrastructure.
A statement released today by the German Federal Criminal Police Office says they served eight search warrants on March 30, and identified five individuals aged 16-24 suspected of operating “an internet service” since mid-2021. The German authorities did not name the suspects or the Internet service in question.
“Previously unknown perpetrators used the Internet service provided by the suspects in particular for so-called ‘DDoS attacks’, i.e. the simultaneous sending of a large number of data packets via the Internet for the purpose of disrupting other data processing systems,” the statement reads.
News of a raid on FlyHosting first surfaced Thursday in a Telegram chat channel that is frequented by people interested or involved in the DDoS-for-hire industry, where a user by the name Dstatcc broke the news to Fly Hosting customers:
“So Flyhosting made a ‘migration’ with it[s] systems to new rooms of the police ;),” the warning read. “Police says: They support ddos attacks, C&C/C2 and stresser a bit too much. We expect the police will take a deeper look into the files, payment logs and IP’s. If you had a server from them and they could find ‘bad things’ connected with you (payed with private paypal) you may ask a lawyer.”
The German authorities said that as a result of the DDoS attacks facilitated by the defendants, the websites of various companies as well as those of the Hesse police have been overloaded in several cases since mid-2021, “so that they could only be operated to a limited extent or no longer at times.”
The statement says police seized mobile phones, laptops, tablets, storage media and handwritten notes from the unnamed defendants, and confiscated servers operated by the suspects in Germany, Finland and the Netherlands.
KrebsOnSecurity has asked the German police for more information about the target of their raids. This post will be updated in the event they respond.
The apparent raids on FlyHosting come amid a broader law enforcement crackdown on DDoS-for-hire services internationally. The U.K.’s National Crime Agency announced last week that it’s been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services.
In mid-December 2022, the U.S. Department of Justice (DOJ) announced “Operation Power Off,” which seized four-dozen DDoS-for-hire domains responsible for more than 30 million DDoS attacks, and charged six U.S. men with computer crimes related to their alleged ownership of popular DDoS-for-hire services.
More Stories
Moldovan Behind E-Root Marketplace Gets US Federal Prison Term
Sandu Boris Diaconu was involved in conspiracy to commit access device and computer fraud Read More
FCC Agrees to Cyber Trust Mark for IoT Products
The voluntary FCC program will allow smart device manufacturers to demonstrate to consumers that their product has met robust cybersecurity...
Over 50,000 Vulnerabilities Discovered in DoD Systems Through Bug Bounty Program
Seven years into its ethical hacking program, the Pentagon received its 50,000th vulnerability report on March 15 Read More
Three New Critical Vulnerabilities Uncovered in Argo
The flaws, identified by KTrust, enable attackers to bypass rate limits and brute force protection mechanisms Read More
Fujitsu hack raises questions, after firm confirms customer data breach
Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after it discovering malware on its...
Microsoft: 87% of UK Organizations Vulnerable to Costly Cyber-Attacks
A Microsoft report found that 87% of UK organizations are either vulnerable or at high-risk of cyber-attacks, and urged investment...