
The internet can rest a little easier. On 24 April, the world’s biggest hacks-for-hire website was shut down and its administrators arrested in a Dutch-led operation involving more than a dozen international law enforcement agencies, including, Europol and the UK National Crime Agency.
The site, webstresser.org, was an online marketplace that hired out sophisticated distributed denial-of-service (DDoS) tools for as little as $18.99 a month. A DDoS attack is a popular technique used to stop websites from working by swamping them with traffic, often sent from large botnets of hacked devices, forcing the websites offline.
“It’s like 20 people trying to get through a revolving door,” says Alan Woodward of the University of Surrey, UK. “It seizes up eventually.”
Advertisement
Before the rise of sites like webstresser.org, would-be DDoS hackers needed some technical expertise and plenty of computing infrastructure to launch an attack. But by hiring out these services, such marketplaces reduce the barrier to entry, allowing people with little know-how to launch attacks of their own.
Webstresser.org had 136,000 registered users, many based in the United States. More than four million attacks were launched using the site, including attacks on seven of the UK’s largest banks in November 2017. “They were one of the most significant players in the crime-as-a-service market,” says Woodward.
Such attacks are a constant worry for businesses. The largest DDoS attack in history occurred in February, when online code repository Github was taken offline under a barrage of data requests at a rate of 1.35 terabits per second.
A by Corero Network Security discovered that around seven in 10 firms are bombarded with 20-50 attacks every month. DDoS attacks are the most commonly reported incursions against critical infrastructure in the EU, according to Europol.
The international consortium managed to shut down webstresser.org using a combination of high-tech sleuthing and good old gumshoe work. The UK National Crime Agency tipped off the Dutch National High Tech Crime Unit that the site was based in the Netherlands.
It tried to evade authorities by moving its operation to Germany but a secret investigation into how the marketplace was run revealed that its alleged administrators were based in Scotland, Croatia, Canada and Serbia.
“Criminals are very good at collaborating,” Steven Wilson, Head of Europol’s European Cybercrime Centre, said in a statement. “We need to collaborate as good as them with our international partners to turn the table on these criminals and shut down their malicious cyberattacks.”