Search This Blog

Showing posts with label National Crime Agency. Show all posts

NCA Infiltrates Cybercrime Market With Fake DDoS Sites

UK’s National Crime Agency (NCA) has recently conducted a sting operation as a part of Operation Power Off, a collaboration of international law enforcement agencies to shut down DDoS (distributed denial of service) infrastructure. 

In order to sabotage the online black market, the NCA set up a number of fictitious DDoS websites and offered booter or DDoS-for-hire services. It is important to keep in mind that the UK's Computer Misuse Act of 1990 makes DDoS attacks illegal. 

All of these websites were created by the NCA to appear genuine, giving the visitor the idea that they could initiate DDoS attacks using the provided tools and services. 

According to the agency, many a thousand individuals have visited the sites, although, after registering on the site, visitors are instead presented with a splash screen telling them that their data has been captured and law enforcement authorities would contact them instead of receiving the services they had signed up for. 

In the most recent report, the NCA confirms to have identified one of the websites it was operating, with a message that the data of users has been collected and that they “will be contacted by law enforcement.” 

The individuals who are currently in the UK will be contacted by the NCA or police and are warned about engaging in any cybercrime-related activity, whereas, the details of those overseas are being handed out to international law enforcement. 

DDoS Attacks 

In a DDoS attack, compromised computer systems bombard a target (server or website), causing severe financial or reputational damage to the targeted organization. “DDoS-for-hire, or ‘booter’, services allow users to set up accounts and order DDoS attacks in a matter of minutes […] Such attacks have the potential to cause significant harm to businesses and critical national infrastructure, and often prevent people from accessing essential public services,” said the NCA. 

Alan Merrett, member of NCA’s National Cyber Crime Unit says “booter services” are a key enabler of cybercrime. “The perceived anonymity and ease of use afforded by these services means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease,” he said. 

He added that traditional site takedowns and arrests are key components of law enforcement’s response to threats while adding, “We have extended our operational capability with this activity, at the same time as undermining trust in the criminal market.” 

The NCA says that it will not reveal how many sites it has or for how long they have been running. Therefore, they have urged individuals looking for these services to stay cautious as they might not know who is operating them. 

UK Police Arrested Online Criminal Marketplace That Advertised Stolen Personal Credentials

UK police has arrested 21 malicious actors across the United Kingdom who were the part of nationwide cyber crackdown targeting customers of Now-defunct online service which was previously giving access to data hacked from other Networks. According to the National Crime Agency, “those 21 people have been arrested across the Nation as part of an operation targeting customers of an online criminal marketplace were using stolen personal credentials to commit further cyber and fraud offences’’. 

All men those have been arrested aged between 18 and 38, out of 21 – 9 people have been detained under Computer Misuse Act offences, another 9 people under for Fraud offences, and remaining 3 under investigation for both the aforementioned. National Crime Agency has also seized £41,000 in bitcoin from the individuals. 

As per the sources, the UK National Crime Agency (NCA), the US Federal Bureau of Investigation (FBI), the Netherlands National Police Corps, the Police Service of Northern Ireland and the German Bundeskriminalamt, were working in unison and it was in January 2019 when they seized the domain of 

Launched in 2017, WeLeakInfo was selling access to hacked information for the past three years. Reportedlu, the hackers behind the online service obtained data from over 10,000 Data breaches and cemented its name as brilliant underground hacking space. 

Furthermore, WeLeakInfo also offered subscription plans allowing users unlimited access to sensitive information. The plans were categorized as following– one day ($2), one week ($7), one month ($25), or three months ($70). Even cheap subscription plan was giving huge access to information, apprentice-type hackers were getting hold of huge cache of data and were using credentials for further criminality, including cyber attacks and fraud offences. 

Following the domain's seizure in January, in connection with running the site, two 22-year-old men, were arrested one from the Northern Ireland and another from the Netherlands.

NCA said, besides customers of WeLeakInfo, certain evidence revealed that other cybercrime tools such as remote access Trojans (RATs) and crypters were also being purchased. 

In the context, Paul Creffield, head of NCA’s National Cyber Crime Unit, said: “Through the identification of UK customers of WeLeakInfo, we were able to locate and arrest those who we believe have used stolen personal credentials to commit further cyber and fraud offences. The NCA and UK law enforcement take such offences extremely seriously and they can result in huge financial loss to victims. We were also able to pin point those on the verge of breaking the law and warn them that should they continue, they could face a criminal conviction. Cyber skills are in huge demand and there are great prospects in the tech industry for those who choose to use their skills legally’’.