Police Around the World Target Users of ‘DDoS’ Service
Last year’s takedown of a cyberattack-for-hire marketplace was a vital moment in the global crackdown on cybercrime, according to Europol, as information about the site’s over 150,000 users has provided impetus for a number of criminal investigations around the world.
The dismantled website, webstresser.org, is believed to have been the world’s largest forum for buying Distributed Denial of Service (DDoS) tools, a type of cyberattack that aims to crash a website by overwhelming its server and rendering its resources unavailable.
“The damage they can do to victims can be considerable,” Europol said in a statement, “crippling businesses financially and depriving people of essential services offered by banks, government institutions and police forces.”
Analogous to a traffic jam, DDoS attacks flood the targeted server with an unsustainable amount of traffic, thus blocking people from reaching the intended online location. DDoS-for-hire services, or stressers, lease access to networks of malware infected computers that provide the onslaught of fake traffic.
According to Europol, this significantly lowers the barrier of entry into cybercrime: “for a small nominal fee, any low-skilled individual can launch DDoS attacks with the click of a button, knocking offline whole websites and networks by barraging them with traffic.”
Before webstresser’s dismantlement in April 2018, police say the site helped launch over four million DDoS attacks, for as little as €15 (US$ 17) a month.
Now, however, law enforcement agencies from 15 countries are working to track down its former subscribers in a coordinated campaign.
In the United Kingdom, the National Crime Agency (NCA) said officers have seized over 60 personal computers, tablets and phones since November 2018 as part of the operation, and a further 400 individuals from the site’s customer list are under investigation.
“Although users think that they can hide behind usernames and cryptocurrency, these do not provide anonymity,” said Jim Stokley of the NCA cyber crime unit. “We have already identified further suspects linked to the site, and we will continue to take action.”