Law enforcement worldwide hunting users of DDoS-for-Hire services

Europol and law enforcement agencies worldwide are investigating DDoS-for-hire services and hunting users that paid them to carry out cyber attacks.

In April 2018, an international operation conducted by the European law enforcement agencies led by the UK’s National Crime Agency (NCA) and the Dutch Police, with the help of Europol, took down the world’s biggest DDoS-for-hire service.

The operation dubbed Power Off allowed to shut down the biggest DDoS-for-hire service  (webstresser.org) and arrest its administrators. According to the investigators, the platform was involved in over 4 million attacks and arrested its administrators.

The police arrested 6 members of the crime group behind the ‘webstresser.org‘ website in Scotland, Croatia, Canada, and Serbia on Tuesday.

The Europol confirmed that Webstresser.org had 136,000 registered users and was used to target online services from banks, government institutions, police forces and the gaming world.webstresser.org.

Now law enforcement agencies are now investigating on customers that paid for the DDoS-for-hire-service service.

Europol has announced that the British NCA is conducting several operations all over the world to identify and arrest Webstresser.org users.

“In the United Kingdom a number of webstresser.org users have recently been visited by the police, who have seized over 60 personal electronic devices from them for analysis as part of Operation Power OFF.” reads the press release published by the Europol. “UK police are also conducting a number of live operations against other DDoS criminals; over 250 users of webstresser.org and other DDoS services will soon face action for the damage they have caused.”

The Europol gained access to the accounts of over 151,000 registered Webstresser users when it dismantled the service, the agency also obtained a huge trove of information about them.

According to the Europol, over 250 users of DDoS-for-hire services <, including Webstresser will soon face potential prosecution.

“To this effect, the FBI seized last December 15 other DDoS-for-hire websites, including the relatively well known Downthem and Quantum Stresser. Similarly, the Romanian police has taken measures against the administrators of 2 smaller-scale DDoS platforms and has seized digital evidence, including information about the users.” continues the press release.

“Size does not matter – all levels of users are under the radar of law enforcement, be it a gamer booting out the competition out of a game, or a high-level hacker carrying out DDoS attacks against commercial targets for financial gain. “

UK police already raided the homes of several webstresser.org users, in Netherlands authorities are working to unmask Dutch users of the service. A Dutch user of webstresser.org has already received this alternative sanction.

Europol revealed that other countries, including the United States, Belgium, Croatia, France, Germany, Greece, Denmark, Romania, Estonia, Hungary, Ireland, Switzerland, Norway, Lithuania, Portugal, Slovenia, Sweden, Australia, Colombia, Serbia, have also joined the fight against DDoS attacks.

“Emboldened by a perceived anonymity, many young IT enthusiasts get involved in this seemingly low-level crime, unaware of the consequences that such online activities can carry. Cybercrime isn’t a victimless crime and it is taken extremely seriously by law enforcement. The side effects a criminal investigation could have on the lives of these teenagers can be serious, going as far as a prison sentence in some countries.” concludes the Europol.

“Skills in coding, gaming, computer programming, cyber security or anything IT-related are in high demand and there are many careers and opportunities available to use these wisely.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – DDoS-for-hire service, hacking)

[adrotate banner=”5″] [adrotate banner=”13″]