Cops shut down one of the largest DDoS marketplaces in the world

Four admins were arrested for running, one of the biggest DDoS marketplaces on the internet.
Europol HQ -- Wikicommons

One of the largest distributed denial of service (DDoS) marketplaces has been shut down by European law enforcement., closed by Europol on Wednesday, boasted more than 100,000 users. It offered an array of services that allowed customers to wage attacks on specific targets that crippled internet infrastructure.

DDoS attacks work by forcing a flood of artificial internet traffic to a website until the traffic overloads a target and causes it to crash. The traffic often comes from large networks of computer systems that were compromised prior to the attack.

“We have a trend where the sophistication of certain professional hackers to provide resources is allowing individuals – and not just experienced ones – to conduct DDoS attacks and other kind of malicious activities online,” Steven Wilson, head of Europol’s European Cybercrime Centre (EC3), said in a statement. “It’s a growing problem, and one we take very seriously.”


The shutdown is important because, according to Europol, helped launch upwards of 4 million DDoS attacks since its inception. Targets of the hacking service have included government institutions, police forces, banks and video game companies.

For about $20 per month, nearly anyone could have used webstresser to launch a DDoS attack. The tool required no technical experience or knowledge to operate and depending on the user’s exact membership plan, they could have access to a customer service channel.

Four alleged administrators of webstresser were arrested earlier this week. Each is believed to have raked in hundreds of thousands of dollars from their scheme.

“International law enforcement will not tolerate these illegal services and will continue to pursue its admins and users,” Jaap van Oss, Dutch chairman of the Joint Cybercrime Action Taskforce, said in a statement. “This joint operation is yet another successful example of the ongoing international effort against these destructive cyberattacks.”

The suspects were located around the globe, in the U.K., Canada, Croatia and Serbia. Servers that supported the website’s functions were seized in Germany and the U.S. The international nature of the case required the cooperation of various domestic law enforcement agencies.


For example, the investigation was led by the Dutch National High Tech Crime Unit in partnership with the UK National Crime Agency.

Europol coordinated the cybercrime fighting effort, which originally began in October 2017.

Chris Bing

Written by Chris Bing

Christopher J. Bing is a cybersecurity reporter for CyberScoop. He has written about security, technology and policy for the American City Business Journals, DC Inno, International Policy Digest and The Daily Caller. Chris became interested in journalism as a result of growing up in Venezuela and watching the country shift from a democracy to a dictatorship between 1991 and 2009. Chris is an alumnus of St. Marys College of Maryland, a small liberal arts school based in Southern Maryland. He's a fan of Premier League football, authentic Laotian food and his dog, Sam.

Latest Podcasts