Authorities in Germany this week seized Internet servers that powered FlyHosting, a darkish internet providing that catered to cybercriminals working DDoS-for-hire providers, KrebsOnSecurity has realized. FlyHosting first marketed on cybercrime boards in November 2022, saying it was a Germany-based internet hosting agency that was open for enterprise to anybody searching for a dependable place to host malware, botnet controllers, or DDoS-for-hire infrastructure.
A seizure discover left on the FlyHosting domains.
A assertion launched immediately by the German Federal Criminal Police Office says they served eight search warrants on March 30, and recognized 5 people aged 16-24 suspected of working “an internet service” since mid-2021. The German authorities didn’t identify the suspects or the Internet service in query.
“Previously unknown perpetrators used the Internet service provided by the suspects in particular for so-called ‘DDoS attacks’, i.e. the simultaneous sending of a large number of data packets via the Internet for the purpose of disrupting other data processing systems,” the assertion reads.
News of a raid on FlyHosting first surfaced Thursday in a Telegram chat channel that’s frequented by individuals or concerned within the DDoS-for-hire trade, the place a consumer by the identify Dstatcc broke the information to Fly Hosting clients:
“So Flyhosting made a ‘migration’ with it[s] systems to new rooms of the police ;),” the warning learn. “Police says: They support ddos attacks, C&C/C2 and stresser a bit too much. We expect the police will take a deeper look into the files, payment logs and IP’s. If you had a server from them and they could find ‘bad things’ connected with you (payed with private paypal) you may ask a lawyer.”
An advert for FlyHosting posted by the the consumer “bnt” on the now-defunct cybercrime discussion board BreachForums. Image: Ke-la.com.
The German authorities mentioned that because of the DDoS assaults facilitated by the defendants, the web sites of varied firms in addition to these of the Hesse police have been overloaded in a number of instances since mid-2021, “so that they could only be operated to a limited extent or no longer at times.”
The assertion says police seized cell phones, laptops, tablets, storage media and handwritten notes from the unnamed defendants, and confiscated servers operated by the suspects in Germany, Finland and the Netherlands.
KrebsOnSecurity has requested the German police for extra details about the goal of their raids. This put up can be up to date within the occasion they reply.
The obvious raids on FlyHosting come amid a broader regulation enforcement crackdown on DDoS-for-hire providers internationally. The U.Ok.’s National Crime Agency introduced final week that it’s been busy organising phony DDoS-for-hire web sites that search to gather data on customers, remind them that launching DDoS assaults is prohibited, and usually enhance the extent of paranoia for individuals trying to rent such providers.
In mid-December 2022, the U.S. Department of Justice (DOJ) introduced “Operation Power Off,” which seized four-dozen DDoS-for-hire domains answerable for greater than 30 million DDoS assaults, and charged six U.S. males with laptop crimes associated to their alleged possession of in style DDoS-for-hire providers.