Industry News

Website down! DDoS-for-hire site Webstresser shut by crime agencies

International law enforcement agencies have forced offline a website believed to be the world’s biggest marketplace for hiring distributed denial-of-service (DDoS) attacks. offered anyone the ability to purchase a DDoS attack, capable of making websites and services inaccessible to internet users, for less than $20.

As a Europol press release explains, Webstresser’s alleged administrators – located in the United Kingdom, Croatia, Canada, and Serbia – have been arrested, and “further measures” taken against some of the site’s top users.

Meanwhile, the site itself has been shut down, its infrastructure seized, and its homepage replaced with a message from the many police forces who worked on the investigation dubbed “Operation Power Off”:


The domain name has been seized by the United States Department of Defense, Defense Criminal Investigative Service, Cyber Field Office in accordance with a warrant issued by the United States District Court for the Eastern District of Virginia. This domain name has been seized in conjunction with Operation Power OFF

Operation Power OFF is a coordinated effort by law enforcement agencies from The Netherlands, United Kingdom, Serbia, Croatia, Spain, Italy, Germany, Australia, Hong Kong, Canada and the United States of America, in cooperation with Europol.

The operation is aimed at the takedown of the illegal DDoS-for-hire-service

Before the Webstresser website received its unexpected new lick of paint, it certainly presented itself with more professional polish than the typical website beloved by the computer underground – seducing potential customers with a “dedicated professional support team” available 24×7, photos of its staff, and promises of “complete privacy.”

The site even had a social media presence, with its own Facebook page (still up and running at the time of writing) having over 8000 fans.

According to Europol, had over 136,000 registered users, and is thought to have launched over four million attacks with victims including gambling sites, gaming sites, banks, police forces, and government institutions.

The shutdown of does not shut down the entire DDoS-for-hire industry. There are other places that those interested in launching DDoS attacks for revenge or financial reward can still go to if they wish, and maybe others will ramp up their efforts with the demise of Webstresser.

But what the demise of Webstresser does is send a major warning shot of others operating in these dangerous waters. The authorities are after you, they will do what they can to put you out of business, and perhaps put you behind bars too.

And, right now, the authorities will be examining the electronic evidence to see what they might be able to learn about those 136,000 registered users too…

About the author


Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

1 Comment

Click here to post a comment