Slashdot Mirror

← Back to Stories (view on slashdot.org)

Europol Shuts Down World's Largest DDoS-for-Hire Service (bleepingcomputer.com)

Posted by msmash on from the end-of-road dept.

In what is being seen as a major hit against cybercriminals, Europol, an international police operation, has taken down the world's biggest provider of potentially crippling Distributed Denial of Service attacks. From a report: Europol officials have shut down WebStresser, a website where users could register and launch DDoS attacks after paying for a monthly plan, with prices starting as low as $18.25. The website, considered the largest DDoS-for-hire service online, had over 136,000 users at the time it was shut down. Europol said it had been responsible for over 4 million DDoS attacks in recent years. Visitors to the web site will now see a notice stating that the site has been seized in conjunction with "Operation Power Off," which is the name of the multi-country operation that took down the site.

6 of 46 comments (clear)

  1. The users should be prosecuted too by sjbe · · Score: 4, Insightful

    Europol officials have shut down WebStresser, a website where users could register and launch DDoS attacks after paying for a monthly plan, with prices starting as low as $18.25.

    So someone who signs up for a service like this really is saying they intend to cause harm. While logistically difficult to prosecute everyone, it would seem logical that every user of this service should find themselves in some legal hot water. I cannot think of a single lawful reason why someone would need to use a service like this. And if there isn't a law against using a service like this there darn well should be. Obviously the providers of this "service" should be put in jail but I would argue the users of the service are really no less culpable.

    1. Re:The users should be prosecuted too by 110010001000 · · Score: 3, Insightful

      You might use a service like this to stress test your website. Maybe that is why they called it WebStresser.

    2. Re:The users should be prosecuted too by lbmouse · · Score: 3, Insightful

      There are legitimate reason for stress testing. The problem with this company is that they didn't confirm that the addresses tested belonged to their customers. They knew what they were doing and thought they could skirt the law.

    3. Re:The users should be prosecuted too by RandomFactor · · Score: 2

      I can see no legitimate rationale for not performing validation on a destination to prove control/ownership.

      For example with with various online services it is common to require a cryptographically signed DNS entry to prove domain ownership.

      If stress testing an 'IP' you should be able to require a specific website response at http://ip/testingapproved.html or other similar method before starting.

      --
      --- Mercutio was right.
  2. Congradulations by cwsumner · · Score: 2

    Congradulations to Europol all of the people who worked to take this website down! The fight is not over, but at least we got in a "good hit".

  3. Re:Haha by Highdude702 · · Score: 2

    I'm an electrician and computer nerd have been both for 15+ years and have been a computer nerd far longer. I make nowhere hear 6 figures, yet I understand electronics and computers a lot better than most of the users I see on slashdot.