- A young Georgia man who operated a DDoS mitigation service was actually launching attacks.
- The person was running a DDoS for hire operation on the side and was hijacking internet space.
- The same individual is now linked to an Israeli DDoS for hire service that was dismantled in 2016.
A young man from Georgia, USA, named Tucker Preston, pleaded guilty in a New Jersey court, admitted to having launched DDoS attacks against an unspecified website. The date of the act is defined to be between December 2015 and February 2016, causing damages of at least $5000 to the victim. The company that the 22-year-old co-founded is named “BackConnect Security LLC”, the website of which is now using an invalid certificate, so it is obvious that the company isn’t going through its best times right now.
DDoS for hire services is not something that is tolerated by the law enforcement authorities, but it still remains an active issue. Simply put, these entities accept money from a client to cause flooding of traffic on the servers of another entity that is determined by the customer. This is bringing the resource handling system of the target down to its knees, eventually leading to service unavailability, business disruption, and loss of money. The FBI is known to be chasing these actors, Europol is even going after their clients, but the field remains an active and evolving one.
KrebsOnSecurity had covered the activity of a DDoS-for-hire service that made $600k over a period of two years from launching 150 thousand attacks. The service was called “vDOS”, and it was the most popular of its kind at that time. About a year later, two Israelis were arrested in connection to vDOS and more information about their activity went public. As revealed, a domain that was registered by Tucker Preston had been used by the vDOS admins to create an attacking account. In general, Tucker had the habit of hijacking domains to help launch successful DDoS attacks.
As the United States Justice Department commented about this case, Tucker Preston has just pleaded guilty to an offense that is punishable by a maximum of ten years in prison and a fine of up to $250000. Possibly, the court may decide to impose a fine that would be twice the gross gains from selling DDoS services all these years or twice the loss from the disruptions caused to the targets. Whatever is going to be, the court will decide upon it on May 7, 2020.
As a final comment, I can say that it’s sad to see a young and capable individual getting involved in shady online operations although he had the choice to make money from doing business on the other side of the spectrum. The inevitable arrest and condemnation show why this choice is never a good idea.