"FBI Asks Businesses to Report DDoS Attacks"

I'm not usually one to throw conspiracies around, but just read through this and think it is really suspicious that this has been announced by the FBI, with the ongoing attacks on the marketplaces.

In theory, if a Law Enforcement agency is behind the attacks (highly likely) and a hosting provider were to report any outages to their servers (this would depend on the host), due to high traffic, potential DDOS attack... then wouldn't this then allow them to find markets? Of course they'd need to be US based which is unlikely and I don't know the technicalities with incoming Tor traffic in terms of what the host would be able to actually identify, but could anything even similar to this be a potential tactic they are pursuing? Or am I just grasping at straws here?

edit: wow I'm not very active anymore, but happened to log in on my cake day

https://www.deepdotweb.com/2017/11/05/fbi-asks-businesses-report-ddos-attacks/

Article text below

In an October public service announcement, the FBI explained "DDoS-for-hire" services and requested that victims of DDoS attacks file a complaint with the FBI's Internet Crime Complaint Center (IC3). They explained that malicious actors sell DDoS-for-hire services (aka booters) on criminal marketplaces with effectively one goal: preventing access to a "U.S. company or government website."

In an earlier press release, the FBI warned that hackers could hijack Internet of Things (IoT) devices and use them for launching attacks against third parties. The FBI used the Mirai botnet as an example of the damage caused by IoT takeovers. While the IoT announcement covered other botnet-related activities, it focused mainly on DDoS attacks. And also to give a shout-out to the Mirai botnet for launching DDoS attacks from unsecured IoT devices (or just IoT devices in general - their security is truly abhorrent).

The FBI's DDoS warning also listed the Mirai botnet as the source of one of the largest DDoS attacks in history. Namely the 1Tbps attack against DynDNS that rendered sites like Twitter, PayPal, and Spotify inaccessible to the public. One of the most capable operators of the Mirai botnet used the name BestBuy, among others. Some know him for hacking Deutsche Telekom. Germany and the UK are currently playing a game of "pass the suspect" with each other, charging BestBuy with various cyber crimes he had allegedly committed.

In addition to warning the public of DDoS attacks in general, the FBI also explained the threat behind booters or stressers. (The threat is effectively the same.) Thanks to the availability of these DDoS-for-hire services on the darknet, the FBI wrote, criminals find them far more convenient than creating their own botnet.

IC3's press release contained a warning that creating a botnet or using their own infrastructure for the purpose of attacking a service or network "may result in criminal charges." They added that the same stands for the use of booters or stressers established by someone else. Both are punishable under the Computer Fraud and Abuse Act and could result in prison time.

"The FBI requests DDoS victims contact their local FBI field office and/or file a complaint with the Internet Crime Complaint Center (IC3), regardless of dollar loss or timing of incident." The FBI also wanted as much information about the attack that a target or victim could offer. Including, but not limited to, IP addresses associated with the attack, traffic protocol used, and damages caused downtime.

Illegal darknet marketplace operators are unlikely to receive compensation for downtime caused by the DDoS attacks that brought down effectively every relevant market.


Comments


[17 Points] wombat2combat:

I do not think the motive behind that is to gather intelligence about dnms but rather fighting the ddos kids running stressers and disrupting a bunch of websites and the feds being able to boost their cybercrimez numberz to get more funding [e.g. counting every small attack and then whining for more funding because the situation is so bad]. that it also helps with dnms will probably be a side-effect at most [if it even does help].

by the way: happy cake day.


[3 Points] LibertyPattern:

"then wouldn't this then allow them to find markets?"

I think this is the reason.


[3 Points] Wellconnectedpimp:

I doubt the feds are behind the attacks. They want to bust people. Whoever is behind the attacks probably just wants coins.


[2 Points] throwdisawayfoo:

This is not related. They're seemingly looking for volumetric type of DDOSes and that type of DDOS attack is not generally used against tor.


[1 Points] Shameless42088:

Good theory. Sounds like you could be on to something..


[1 Points] 4-MAR:

I think they're talking about Russian and Eastern Europeans offering DDOS services on carding and hacking forums. They are the only places I've seen botnet services for sale aside from darknet markets. The offers are cheaper and better on the carding and hacking forums though.