German law enforcement announced a flaw in a criminal service called dstat(.)cc that allowed other threat actors to easily mount distributed denial-of-service (DDoS) attacks.
“The platform has made such DDoS attacks accessible to a wide range of users, even those without deep technical skills of their own,” notes the Federal Criminal Police Office (aka Bundeskriminalamt or BKA). said.
“In the context of police investigations, the use of stressor services to carry out DDoS attacks has recently become increasingly known.”
The BKA described dstat(.)cc as a platform that offers recommendations and assessments of stress services for conducting DDoS attacks on websites of interest and suspending their response.
According to an alert published by Radware, dstat(.)cc offered botnet owners an opportunity to assess the capacity and capabilities of their DDoS attack services.
“Robot herders use DStat sites to evaluate and demonstrate the power of their botnet, loader or script against a variety of vulnerable and protected targets,” the company said in a statement. said.
Dstat(.)cc, based on information gathered from demonstration attacks, provides reviews and contact information for download services, allowing potential subscribers to compare and find the best service for their malicious intent.”
Two suspects, aged 19 and 28, from Darmstadt and the Rhine-Lahn area were arrested in tandem. They are also accused of creating a criminal infrastructure for drug trafficking on a particularly large scale.
Specifically, they allegedly advertised and sold designer drugs and liquids made from synthetic cannabinoids on an online platform called “Flight RCS” that was available on Clearnet.
The takedown of dstat(.)cc is part of an ongoing coordinated law enforcement operation called PowerOFF, which has led to the shutdown of several DDoS-for-hire sites such as digitalstress(.)su and Anonymous Sudan in recent months.
