Global law enforcement agencies took down the popular DDoS attack-for-hire website, Webstresser.org, and arrested the alleged administrators of the si
Global law enforcement agencies took down the popular DDoS attack-for-hire website, Webstresser.org, and arrested the alleged administrators of the site.
Webstresser was the largest and most widely used service to buy distributed denial-of-service (DDoS) attacks, according to Europol, which supported the takedown efforts. Law enforcement from the United States, the United Kingdom’s National Crime Agency (NCA) and the Dutch National Police worked together on the investigation called “Operation Power Off,” which shut down the DDoS-for-hire service and arrested the administrators.
The alleged administrators for the DDoS-for-hire service, according to Europol, were located in the United Kingdom, Croatia, Canada and Serbia. Law enforcement also took “further measures” against the frequent users of Webstresser in the Netherlands, Italy, Spain, Croatia, the UK, Australia, Canada and Hong Kong, though there are no details about what those further measures entailed. There were reportedly 136,000 registered users and 4 million attacks from the site until this month.
The servers that hosted Webstresser.org were in Germany, the U.S. and the Netherlands.
Webstresser enabled people or groups with little to no technical skills to launch point-and-click DDoS attacks. Webstresser was just one booter or stresser service, which are services that can launch DDoS attacks against any website for a fee.
“Cybercriminals across the world have used webstresser.org, which could be rented for as little as $14.99, to launch in excess of 4 million so-called distributed denial of service attacks, in which high volumes of internet traffic are launched at target computers to disable them,” the UK’s NCA said in a statement. “Individuals with little or no technical knowledge could rent the webstresser service to launch crippling DDOS attacks across the world.”
The attacks purchased from DDoS-for-hire sites can cause massive disruption and cost the targets significant amounts of money. The NCA cited an incident in which someone “used the Webstresser service to target seven of the UK’s biggest banks in attacks in November 2017. They were forced to reduce operations or shut down entire systems, incurring costs in the hundreds of thousands to get services back up and running.”
Law enforcement officials have not identified the individuals arrested in connection with the DDoS-for-hire site takedown. Cybersecurity journalist and independent investigator Brian Krebs, however, was able to identify the alleged administrator of Webstresser as a 19-year-old man from Serbia.
DDoS-for-hire services have long caused trouble for enterprises. In 2010, researchers at cybersecurity vendor Damballa discovered a massive botnet based in China that was using infected systems to provide DDoS services for hire. The FBI released an advisory last year stating these booter services are punishable by arrest and criminal charges under the Computer Fraud and Abuse Act.