The number of overseas websites trading in hacking tools, including software for launching distributed denial of service (DDoS) attacks and making remote-control viruses, is on the rise, authorities say.
Last September, the Tokyo Metropolitan Police Department identified a 16-year-old teen in Kumamoto as the nation’s first DDoS attacker. The high school student told police he found cyberattacks fun.
The MPD handed the teenager over to prosecutors for allegedly taking down the server of an online gaming firm in Tokyo by disrupting it with a DDoS attack, flooding it with data sent from some 1,160 Network Time Protocol servers at home and abroad. The teen said he was frustrated because the company froze his gaming account.
To launch the attack, the teen used a website that disguises cyberattacks as server stress tests. The cyberattack cost just $8 but knocked the gaming firm offline for about nine hours.
Last month, Tokyo police arrested a 29-year-old man in Matsuyama, Ehime Prefecture, for using a virus to remotely control other people’s computers so he could steal the identification code of an online bank account.
The man bought virus-making software from an overseas website for $25 and is suspected of infecting the PC of a Tokyo woman through an email attachment. The website was offering the software as a legitimate work tool for operating computers from elsewhere.
A senior MPD official said overseas sites are difficult to combat because they are out of their jurisdiction, though those in Japan using such sites can be brought to justice.
Some sites hire out illegal programs that can be used to target those who do their banking online, charging between $150 (about ¥18,000) and $1,250 for six months, according to Internet security firm Symantec. The company believes the trade in such tools will continue to rise.