German Police Raid DDoS-Friendly Host 'FlyHosting' (krebsonsecurity.com) 5
An anonymous reader quotes a report from KrebsOnSecurity: Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to host malware, botnet controllers, or DDoS-for-hire infrastructure. A statement released today by the German Federal Criminal Police Office says they served eight search warrants on March 30, and identified five individuals aged 16-24 suspected of operating "an internet service" since mid-2021. The German authorities did not name the suspects or the Internet service in question.
"Previously unknown perpetrators used the Internet service provided by the suspects in particular for so-called 'DDoS attacks', i.e. the simultaneous sending of a large number of data packets via the Internet for the purpose of disrupting other data processing systems," the statement reads. The German authorities said that as a result of the DDoS attacks facilitated by the defendants, the websites of various companies as well as those of the Hesse police have been overloaded in several cases since mid-2021, "so that they could only be operated to a limited extent or no longer at times." The statement says police seized mobile phones, laptops, tablets, storage media and handwritten notes from the unnamed defendants, and confiscated servers operated by the suspects in Germany, Finland and the Netherlands.
"Previously unknown perpetrators used the Internet service provided by the suspects in particular for so-called 'DDoS attacks', i.e. the simultaneous sending of a large number of data packets via the Internet for the purpose of disrupting other data processing systems," the statement reads. The German authorities said that as a result of the DDoS attacks facilitated by the defendants, the websites of various companies as well as those of the Hesse police have been overloaded in several cases since mid-2021, "so that they could only be operated to a limited extent or no longer at times." The statement says police seized mobile phones, laptops, tablets, storage media and handwritten notes from the unnamed defendants, and confiscated servers operated by the suspects in Germany, Finland and the Netherlands.
Correct link (Score:4, Informative)
20 years sounds about right (Score:2, Troll)
20 years for intentionally hosting malware, ddos attacks, and all the other negative value purely evil shit that destroys businesses, kills jobs, ruins services for normal people and costs billions every year feels about right.
Jfc, they advertised themselves as a place for criminals? Damn...... That's bold!
Filtering (Score:2)
Re: (Score:2)
Like a lot of other web sites, the one I run has a contact form so people can send us messages. I use a well-known but incredibly effective simple honeypot for the bots, and then, when they trigger the trap, their IP gets automatically banned. If that IP attempts another connection they get a really, really slow 403 response.
Doesn't help with DDoS, but it cuts down the spam bots almost entirely (like 99.99%), and the human inquiries still get through.
Re: (Score:1)
Yeah, for a contact form that is absolutely a good idea. I am doing sensor IoT type stuff, so it's a little different - my goal is to keep latency down. Keeping Chinese packets out helps.