Int’l Law Enforcement Shuts Down Major DDoS Cyber Crime Website
The Webstresser cyber crime website, which was the world’s biggest marketplace for selling DDoS (Distributed Denial of Service) attack services, has been shut down. International law enforcement has shut down the website that had sold the DDoS services which were used to target seven leading banks in the UK.
The Webstresser website has been linked to over four million cyber crime incidents that had happened in different places across the world. These include the cyber attacks on some of the biggest banks in the UK.
UK’s National Crime Agency (NCA) and the Dutch National Police, in collaboration with international law enforcement partners, had initiated investigations which eventually led to the closure of the website along with arrests in Croatia, Serbia, Canada and Scotland.
It was an action involving different countries, with authorities in the Netherlands, Canada, Serbia and Croatia, with full support from Europol and Police Scotland, targeting six members of the cyber crime group that worked behind the website. In the meantime, the Dutch Police, with full cooperation of authorities from the US and Germany, seized the servers and shut down the website.
DDoS attacks, which involve using high volumes of internet traffic to target and disable computers, has an immense scope as far as cyber criminals are concerned; even a person with little or zero technical knowledge could, with the help of websites like webstresser.org, launch DDoS attacks and cripple organizations and networks. It’s to be remembered that webstresser.org could be rented for as little as $14.99; no wonder it has been used to launch more than four million distributed denial of service (DDoS) attacks in different parts of the world.
The Guardian reports– “Webstresser.org had 136,000 registered users and could be rented for about £10 to launch distributed denial of service (DDoS) attacks, in which high volumes of internet traffic are launched at target computers to disable them.”
The report, dated 25th April, further says- “Following an investigation led by the UK’s National Crime Agency (NCA) and the Dutch national police, servers were seized at 11.30am on Wednesday in the Netherlands, the US and Germany, effecting a takedown of the website…Suspected members of the group were arrested on Tuesday in Scotland, Canada and Serbia, the NCA said. Croatian police said they had arrested a 19-year old man who faces charges of criminal acts against computer systems. The operation was supported by Europol and Police Scotland, as well as law enforcement in 11 countries.”
The Guardian report also talks about NCA officers raiding a property in Bradford. The report says- “NCA officers also raided a property in Bradford, where the agency believed a suspect linked to the address used the Webstresser service to target seven of the UK’s biggest banks in attacks in November last year. The banks, which have not been named by investigators, were forced to reduce their operations or shut down entire systems, incurring costs in the hundreds of thousands.”
In recent years, cyber criminals resorting to selling cyber crime related services rather than committing the crimes themselves too has become an emerging trend. But law agencies are confident that such cyber crimes can be dealt with in a very effective manner.
Jo Goodall, senior investigating officer at the NCA has been quoted as saying- “The arrests made over the past two days show that the internet does not provide bulletproof anonymity to offenders and we expect to identify further suspects linked to the site in the coming weeks and months as we examine the evidence we have gathered.”
Gert Ras, the head of the national hi-tech crime unit at the Dutch police, says- “By taking down the world’s largest illegal DDoS seller in a worldwide joint law-enforcement operation based on NCA intelligence, we have made an unprecedented impact on DDoS cybercrime. Not only were the administrators of this illegal service arrested, but also users will now face prosecution and civil liability for caused damage…This is a warning to all wannabe DDoS-ers: do not DDoS because, through close law-enforcement collaboration, we will identify you, bring you to court and facilitate that you will be held liable by the victims for the huge damage you cause.”