World’s biggest DDoS marketplace taken down, six suspected admins nabbed

For as little as $15 per month, anyone with a criminal bent could rent the services of webstresser.org to take down a targeted site.

An international law enforcement operation has shut down a website widely thought to be the world’s biggest marketplace for hiring distributed denial-of-service (DDoS) attacks, according to an announcement by the United Kingdom’s National Crime Agency (NCA).

The website, webstresser.org, was taken down on Wednesday, April 25, following an international police operation called “Power Off”. The sting was led by the NCA and Dutch police, with Europol and a dozen global law enforcement agencies also lending a hand.

As part of the bust, authorities in the United Kingdom, Croatia, Canada and Serbia arrested six suspected administrators of the service on Tuesday, April 24.

Europol said that “further measures were taken against the top users of this marketplace in the Netherlands, Italy, Spain, Croatia, the United Kingdom, Australia, Canada and Hong Kong”. Authorities also seized the service’s infrastructure in the Netherlands, the United States, and Germany.

Screenshot-2018-4-27-Webstresser-org-This-domain-has-been-seized.png
Webstresser.org post-takedown

With no fewer than 136,000 registered users and over four million attacks carried out through it, the service was clearly in great demand. DDoS attacks emanating from the site hit critical online services offered by banks, government institutions, police forces, and the gaming industry across the globe.

DDoS attacks typically work by inundating the target with a barrage of artificial traffic, ultimately with an eye to bringing it down and denying access to the service for legitimate users. Victims are out of business for a period of time and incur considerable costs involved in mitigation and other security measures, revenue loss, as well as unquantifiable costs, such as reputational damage.

Webstresser.org was one of a number of services that operate openly on the internet as businesses under the pretence of offering to test the resiliency of a company’s servers.

Such “stresser”, or “booter”, services are part of the proliferation of cybercrime-as-a-service schemes that enable anybody with ill intentions to launch a cyberattack even in the absence of technical chops. Such services usually sell access to DDoS botnets, which are networks of compromised computers that are “sublet” to whoever pays.

“We have a trend where the sophistication of certain professional hackers to provide resources is allowing individuals – and not just experienced ones – to conduct DDoS attacks and other kind of malicious activities online”, head of Europol’s European Cybercrime Centre (EC3) Steven Wilson was quoted as saying.

written by Tomas Foltyn, ESET We Live Security


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s