Authorities shuttered one of the largest cyberattack organizations in the world yesterday, making arrests in four countries and seizing assets and infrastructure in three others, the Associated Press reported. Europol, a joint European police agency, said it shut down webstresser.org, calling it the largest source of distributed-denial-of-service (DDoS) attacks. The organization had more than 136,000 registered users and was said to have tallied some 4 million attacks on governments, police, banks and the gaming industry.
“It used to be that in order to launch a DDoS attack, one had to be pretty well-versed in internet technology,” Europol said in a statement. “That is no longer the case.” For as little as 15 euros a month with webstresser, a subscriber could launch a crippling DDoS attack.
The owner of webstresser, a 19-year old Croatian citizen, was arrested in his home country yesterday, as were administrators in Canada, Serbia and the U.K., the AP reported. Infrastructure was seized in three more countries: Germany, the Netherlands and the U.S. Additional actions were taken against the service’s top users across eight countries, the police stated, not specifying what the measures were.
A DDoS attack launched by an organization like webstresser.org allows attackers to remotely control connected devices, directing a large amount of traffic at a website or an online platform. This traffic either slows the target website to the point of being effectively unusable or knocks it offline altogether by eating up the website’s bandwidth, overwhelming its server or consuming other essential resources, according to Europol.
Research from Kaspersky Lab found that each enterprise-level DDoS attack costs $2 million on average in addition to hard-to-quantify costs to reputation, PYMNTS reported in February.