An international law enforcement operation has shut down a website widely thought to be the world’s biggest marketplace for hiring distributed denial-of-service (DDoS) attacks, according to an announcement by the United Kingdom’s National Crime Agency (NCA).
The website, webstresser.org, was taken down on Wednesday, April 25, following an international police operation called “Power Off”. The sting was led by the NCA and Dutch police, with Europol and a dozen global law enforcement agencies also lending a hand.
As part of the bust, authorities in the United Kingdom, Croatia, Canada and Serbia arrested six suspected administrators of the service on Tuesday, April 24.
Europol said that “further measures were taken against the top users of this marketplace in the Netherlands, Italy, Spain, Croatia, the United Kingdom, Australia, Canada and Hong Kong”. Authorities also seized the service’s infrastructure in the Netherlands, the United States, and Germany.
With no fewer than 136,000 registered users and over four million attacks carried out through it, the service was clearly in great demand. DDoS attacks emanating from the site hit critical online services offered by banks, government institutions, police forces, and the gaming industry across the globe.
DDoS attacks typically work by inundating the target with a barrage of artificial traffic, ultimately with an eye to bringing it down and denying access to the service for legitimate users. Victims are out of business for a period of time and incur considerable costs involved in mitigation and other security measures, revenue loss, as well as unquantifiable costs, such as reputational damage.
Webstresser.org was one of a number of services that operate openly on the internet as businesses under the pretence of offering to test the resiliency of a company’s servers.
Such “stresser”, or “booter”, services are part of the proliferation of cybercrime-as-a-service schemes that enable anybody with ill intentions to launch a cyberattack even in the absence of technical chops. Such services usually sell access to DDoS botnets, which are networks of compromised computers that are “sublet” to whomever pays.
"We have a trend where the sophistication of certain professional hackers to provide resources is allowing individuals – and not just experienced ones – to conduct DDoS attacks and other kind of malicious activities online", head of Europol’s European Cybercrime Centre (EC3) Steven Wilson was quoted as saying.