Global Police Crack Down on Webstresser Customers

Written by

Europol has detailed how law enforcers across the globe are tracking down customers of notorious DDoS-as-a-service site webstresser.org.

The site was taken down in April 2018 as part of Operation Power OFF, but that gave police a trove of information on its 151,000 registered users. It’s claimed the marketplace helped customers launch over four million attacks for as little as €15 a month.

Countries taking action against DDoS are: Belgium, Croatia, Denmark, Estonia, France, Germany, Greece, Hungary, Ireland, Lithuania, Portugal, Romania, Slovenia, Sweden, Australia, Colombia, Serbia, Switzerland, Norway and the US.

The UK’s National Crime Agency is leading the way, having seized 60 devices in raids and readying action against 250 users of the site, Europol claimed.

In the Netherlands, the authorities are taking a more progressive approach, offering first-time offenders the opportunity to take part in a "Hack_Right" project to prevent them getting into more serious crime.

Elsewhere, the FBI last December disrupted other DDoS-for-hire sites including Downthem and Quantum Stresser, whilst Romanian police have identified the administrators of two smaller DDoS sites, seizing evidence including info on their customers.

Darren Anstee, CTO for security at Netscout, argued that it’s all too easy for malcontents to launch DDoS attacks via stressor and booter services like webstresser, and welcomed the concerted police action.

“This is exactly the kind of action that is needed, as it will dissuade others from simply ‘clicking the button’ to launch an attack — with no consideration of the consequence of that attack,” he added. 

“It should be noted however that this will only dissuade some from using these kinds of services, criminal behavior will persist, and DDoS attacks will continue. Every organization needs to take responsibility for ensuring the availability of their online services is adequately protected.”

Businesses should invest in the right people, process and technology to mitigate the DDoS threat, he added.

What’s hot on Infosecurity Magazine?