2 min read

User of the world's biggest DDoS-for-hire website? Police say they're coming after you


January 28, 2019

Promo Protect all your devices, without slowing them down.
Free 30-day trial
User of the world's biggest DDoS-for-hire website? Police say they're coming after you

When police shut down the notorious website webstresser.org last year and arrested its administrators, a clear message was sent to the site’s 151,000 users: you’re next.

Until its takedown, webstresser.org was believed to the world’s biggest marketplace for the hiring of distributed denial-of-service (DDoS) attacks.

For as little as 15 euros a month, Webstresser’s customers could pay for DDoS attacks to be launched against websites – swamping them with traffic, and knocking them offline.

The site made it possible for individuals with little or no knowledge to launch crippling DDoS attacks. In all, it’s said that cybercriminals used Webstresser to launch over four million attacks, including major DDoS attacks targeting gambling sites, gaming sites, police forces, and top banks.

Thankfully, international law enforcement’s “Operation Power Off” put an end to Webstresser’s activities in April 2018, arresting the site’s administrators and commandeering its infrastructure.

That action by police didn’t just see the website replaced with a seizure notice, but also the confiscation of a treasure trove of information about the site’s 151,000 registered users.

Today Europol announced that police forces around the world are actively tracking down the site’s users.

In the UK, for instance, a number of Webstressers users have recently been visited by police, and over 60 personal electronic devices have been seized for analysis. There are also said to be live operations against other DDoS criminals – with over 250 users of webstresser.org and other booter services soon facing action.

In the Netherlands meanwhile, an initiative known as “Hack_Right” has been launched which aims to tackle the problem of young first-time offenders who naively engage in cybercrime without recognising the seriousness of what they were doing.

The initiative, which is aimed at young offenders between the ages of 12 and 23, attempts to change the perpetrators’ behaviour, help them avoid a criminal record, and perhaps turn them towards a career as an ethical hacker instead.

One Dutch user of webstresser.org has already gone through the “Hack_Right” process.

If you have hacking skills and you use those skills to do harm, there’s a chance that you will be caught and that could have repercussions for the rest of your life.

Don’t direct your computer knowledge towards committing crime. Instead, use your skills to do something positive – develop a cool app, write a helpful code library, publish some research, create a popular website, help mitigate against security threats.

You may not be lucky enough to be offered a place on a “Hack_Right” course. You may end up going to prison. If you’re clever enough to commit a cybercrime, you should be clever enough to recognise that what you are doing could result in your losing your liberty, and causing unnecessary distress and heartbreak to your friends and family.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like