Hands in handcuffs
A tudent in the UK was charged with selling malware used in Denial of Service attacks against Netflix and Amazon. George Hodan/PublicDomainPictures.net

An 18-year-old student in the United Kingdom has been charged with supplying malicious software used to carry out a number of Denial of Service attacks against massive online companies.

The British teenager is being charged by the West Midlands Regional Cyber Crime Unit. He was caught after an investigation aided by Israeli police, the FBI and Europol’s European Cybercrime Centre (EC3).

Read: DDoS Attack On Gaming, Gambling Sites In Hong Kong Believed To Be Extortion Attempt

According to the investigation, the 18-year-old was found to be selling malware online that was used to carry out cyberattacks. He also offered purchasers of the malware technical support when needed.

The malware was reportedly used to direct denial of service attacks at tech firms including Netflix and Amazon; telecommunications companies T-Mobile, EE, O2, BT and Vodafone; the BBC, Virgin Media and the National Crime Agency (NCA).

Law enforcement agencies claimed the teen’s software was used in a sizable cyberattack in 2015 that took “millions” of websites offline and even temporarily shut down the online banking systems at UK financial institution National Westminster Bank.

According to a statement from the West Midlands Police, the teen “has been charged with impairing the operation of computers under the Computer Misuse Act, plus encouraging or assisting an offence and money laundering crime proceeds together with an American national.”

Read: DDoS Attacks Increasing In Quantity, Sophistication: Report

It’s not clear exactly what attacks the UK teenager’s malicious software was used for, though an attack on the BBC—one of the targets of his malware—that occurred in 2015 would fit the timeline. That attack was called the “biggest in history” at the time it happened.

Denial of service (DoS) attacks occur when an attacker attempts to make a machine or network unavailable to its users, thereby disrupting those services. The attacks can be short-lived or can be carried out indefinitely with enough resources.

Structure Security
Newsweek is hosting a Structure Security event Sept. 26-27 in San Francisco. Newsweek Media Group

A 2016 report from cloud service provider Akamai found 2015 was—at the time—the year with the highest number of reported DoS attacks. It’s unclear how big of a role the arrested student played in that increase.

DoS attacks have continued to grow since, serving as a popular means of attack for those who want to cause inconvenience to others by taking services offline. In other cases, such attacks have been used to extort sites by knocking their services offline until they agree to pay a fee.

While the 18-year-old supposedly responsible for the crimes would have been just 16 at the time the DoS attacks were carried out, a report from the NCA earlier this year highlighted the increased role young people are taking in online crimes.

According to the report, many kids start out their online criminal careers innocuously—usually starting with simple mods or hacks in video games. The jump from cheating in a game to committing actual crimes can happen naturally enough that the kid doesn’t recognize the gravity of the offense has changed considerably.