1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Europol takes down DDoS provider

Chase Winter
April 25, 2018

An international police probe has taken down a cyberattack provider behind some 4 million attacks. The website had more than 136,000 users who are now the target of ongoing national police actions in Europe and beyond.

Screenshot webstresser.org - shutdown
Image: webstresser.org

An international police operation has delivered a major blow against the world's largest marketplace for Distributed Denial of Service (DDoS) cyberattacks, the European police agency Europol said Wednesday.

A Dutch and British-led investigation with the support of Europol and a dozen law enforcement agencies from around the world led to the arrest of six administrators of webstresser.org in the United Kingdom, Croatia, Canada and Serbia.

Europol said more than 136,000 registered users and 4 million attacks had been measured through the DDoS marketplace. 

Read moreHow our household devices get hacked and join zombie bot networks in DDoS attacks

NATO websites hit by DDoS cyber attacks, Ukraine group claims responsibility

Additional police action was taken against users in the Netherlands, Italy, Spain, Croatia, the United Kingdom, Australia, Canada and Hong Kong. Infrastructure was also seized in the Netherlands, the US and Germany.

Low-cost damage

For as little as 15 ($18) a month, webstresser.org users could rent its stressers and booters to carry out DDoS attacks. In a DDoS attack, the attacker remotely directs a large amount of traffic at a website to either slow it down or take it offline.

A Europol spokesperson told DW that intelligence had been provided to member states, which are expected to carry out further operations against users over the coming weeks and months. The top five countries with active users were the US, United Kingdom, Canada, China and Germany.

"This is a warning to all wannabee DDoS-ers - do not DDoS because through close law enforcement collaboration, we will identify you, bring you to court and facilitate that you will be held liable by the victims for the huge damage you cause," said Gert Ras, the head of the National High Tech Crime Unit with Dutch National Police. 

Over the past two months alone, websites were taken offline for the equivalent of 15.5 years, a Europol spokesperson said.  The average attack lasted 20 minutes and the longest 10 hours.

Big institutions targeted

Among the websites targeted with DDoS attacks were banks, government institutions, police forces and the gaming industry.

DDoS attacks have traditionally been carried out by sophisticated technology users. Europol said that the webstresser.org website allowed people with little or no technical knowledge to carry out devastating DDoS attacks.

"We have a trend where the sophistication of certain professional hackers to provide resources is allowing individuals – and not just experienced ones – to conduct DDoS attacks and other kind of malicious activities online," said Steven Wilson, Head of Europol's European Cybercrime Centre (EC3).

Every evening at 1830 UTC, DW's editors send out a selection of the day's hard news and quality feature journalism. You can sign up to receive it directly here.