News

Police cracks the whip on world's largest DDoS marketplace

A joint operation by law enforcement agencies around the world has shut down webstresser.org, which launched 4 million DDoS attacks and targeted banks, governments and enterprises. 

Police_cracks_the_whip_on_world's_largest_DDoS_marketplace.jpg

The masterminds behind webstresser.org, the world’s largest Distributed Denial of Service (DDoS) marketplace were arrested Tuesday by the Dutch Police and UK's National Crime Agency with the support of Europol and other authorities.

Law enforcement agencies collaborated under an investigation dubbed “Operation Power Off” to take down the website, which sold DDoS attacks for as little as EUR 15 a month.

According to investigators, the website had more than 136,000 registered users and was responsible for launching between four to six million attacks over the past three years.

“The orchestrated attacks targeted critical online services offered by banks, government institutions and police forces, as well as victims in the gaming industry,” Europol stated on Wednesday.  

Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3), said, “We have a trend where the sophistication of certain professional hackers to provide resources is allowing individuals – and not just experienced ones – to conduct DDoS attacks and other kind of malicious activities online.”

He pointed out how criminals are very good at collaborating and law enforcement agencies need to do the same to turn the table and shut down malicious cyberattacks.

CSO India takes a look at instances where authorities have cracked down on the use of such 'booter services'.

In 2016, Israeli authorities arrested two men accused of running vDOS, a DDoS-for-hire service that launched more than 150,000 DDoS attacks. According to KrebsonSecurity, vDOS was responsible for launching 8.81 years’ worth of attack traffic in just four months between April and July 2016.

Here’s the thing about these DDoS-for-hire services – anybody with access to internet can ‘purchase’ an attack. Most of these websites have adopted a SaaS business model and offer subscriptions.

And it’s not only easy to buy attacks but also to build the product, which basically allows access to DDoS botnets – networks of malware-infected systems. Botnet builder kits are easily available online (with instructions) and an aspiring cybercriminal can use them to launch malware attacks.

It’s not just creators of these services who are on the authorities’ wanted list, but also users, registered and otherwise.  

In December 2016, law enforcement agencies arrested 34 people in 13 countries as part of a crackdown on buyers of DDoS-for-hire services. Interestingly, many of the suspects were under the age of 20.

Typically, buyers of DDoS-for-hire services are online gamers who want to severe their rivals’ internet connection. However, extreme incidents also happen such as the cyber-attack on Dyn, which brought down most of America’s internet in October 2016.