Uncovering the Payment Infrastructure of DDoS-for-Hire Services

The US Department of Justice and Europol are collaborating on a mission to impede the growth of, and ultimately stop, DDoS booter services. These cyber attacks for hire enable low-skilled individuals to launch attacks that overwhelm websites or networks, rendering them unavailable for a potentially devastating period of time. The operation is succeeding, with 48 domains associated with these types of services worldwide being closed down.

DDoS attacks have become a major problem in the online world. Hackers have used these attacks to disrupt and disable websites and networks. While there are many DDoS-for-hire services available on the dark web, a recent analysis by Clain has shed light on the payment infrastructure used by these services.

According to our analysis, only a few DDoS-for-hire services, such as CyberVM and StressThem.to, use their own payment infrastructure. The majority of these services, however, rely on established companies like AdvCash, Coinbase, CoinPayments, and GoCoin to process their payments.

One interesting finding from our analysis is how prevalent Shoppy is for processing payments for these criminal acts. Shoppy is a payment service provider that is well known and popular with shady vendors, darknet marketplaces, and many of the DDoS-for-hire services.

The use of established payment infrastructure by such services highlights the importance of cryptocurrency compliance. It is crucial that the compliance departments at these companies implement strong fraud detection models and prevention measures to ensure that they are not being used by malicious actors.

