UK police forces launch nationwide crackdown on Webstresser users
5 February 2019
Police forces across the UK are carrying out a nationwide crackdown on hundreds of UK-based hackers who purchased hacking tools from Dark Web marketplace Webstresser to carry out hundreds of thousands of DDoS attacks on websites.
In April last year, Europol, the Dutch Police and the UK’s National Crime Agency along with a dozen law enforcement agencies from around the world succeeded in taking down Webstresser.org, the world’s biggest Dark Web marketplace that offered Distributed Denial of Service (DDoS) services for hire.
Before it was taken down, Webstresser was considered the world’s biggest marketplace to hire Distributed Denial of Service (DDoS) services and had over 136,000 registered users and 4 million attacks measured by April 2018 and DDoS tools available at the marketplace were used to target critical online services offered by banks, government institutions and police forces, as well as victims in the gaming industry.
Sophisticated DDoS tools were available on Webstresser for hire for as low as EUR 15.00 a month, thereby ensuring that cyber criminals who didn’t have enough funds to launch attacks on their own could also rent malicious stressers and booters to fulfill their motives.
Over 400 Webstresser users in the UK to face action
According to the National Crime Agency, even though Webstresser ceased to function in April last year, UK police forces are still trying to trace and apprehend home-based hackers who purchased hacking tools from the Dark Web marketplace to launch DDoS attacks on hundreds of websites owned by UK organisations.
“Since November 2018, a number of Webstresser.org users in the UK have found themselves the subject of law enforcement activity. Officers from the NCA’s National Cyber Crime Unit, with support from Regional Organised Crime Units (ROCUs) and Police Scotland, have executed eight warrants and seized more than 60 personal computers, tablets and mobile phones. A number of users also received ‘cease and desist’ notices. A further 400 users of the service are now being targeted by the NCA and partners,” it said.
“The action taken shows that although users think that they can hide behind usernames and crypto currency, these do not provide anonymity. We have already identified further suspects linked to the site, and we will continue to take action.
“Our message is clear. This activity should serve as a warning to those considering launching DDoS attacks. The NCA and our law enforcement partners will identify you, find you and hold you liable for the damage you cause,” said Jim Stokley, Deputy Director of the NCA’s National Cyber Crime Unit.
Concerted global action against DDoS hackers
According to Europol, while law enforcement authorities in the UK are doing commendable work in going after over 250 users of Webstresser and other DDoS services, authorities the Netherlands, Belgium, Croatia, Denmark, Estonia, France, Germany, Greece, Hungary, Ireland, Lithuania, Portugal, Romania, Slovenia, Sweden, Australia, Colombia, Serbia, Switzerland, Norway and the United States have also joined the fight against DDoS attacks.
“While some are focusing their actions against the users of webstresser.org specifically, law enforcement agencies around the world have intensified their activities against the users of DDoS booter and stresser services more generally. To this effect, the FBI seized last December 15 other DDoS-for-hire websites, including the relatively well known Downthem and Quantum Stresser.
“Similarly, the Romanian police has taken measures against the administrators of 2 smaller-scale DDoS platforms and has seized digital evidence, including information about the users. Size does not matter – all levels of users are under the radar of law enforcement, be it a gamer booting out the competition out of a game, or a high-level hacker carrying out DDoS attacks against commercial targets for financial gain,” it added.