Europol is Now After Those Who Bought DDoS Services

• Europol targets 250 people who hired webstresser.org to launch DDoS attacks.
• The prosecutions have started in the Netherlands and the UK, while more will follow soon.
• No leniency will be shown to any of the customers of these services, no matter the scale of the ordered attacks.

In 2018, Europol and the FBI seized the operation of the largest DDoS (Distributed Denial of Service) service providers in Europe and the USA, including webstresser.org, downthem.org, netstress.org, and defcon.pro. Now that those are down, Europol is turning its attention to those who bought services from them, no matter the size of the ordered attack. As a Europol spokesperson told the press: “Size does not matter — all levels of users are under the radar of law enforcement, be it a gamer booting out the competition out of a game, or a high-level hacker carrying out DDoS attacks against commercial targets for financial gain.”

Europol IT specialists have already analyzed the data that they acquired from the webstresser.org shut down and servers seizure, and according to their claims, there are about 250 people from various European countries and the US that will soon face prosecution for what they have done. Already, several people in the UK and the Netherlands have already been called for submission of their plea. While the platforms that offered the DDoS for hire services are directly liable, the people who financially supported this action are practically the abettors. That said, Europol is not willing to take them out of the equation or let it go.

Webstresser.org was one of the most prolific DDoS attack services, launching a total of 4 million attacks, so our guess is that those 250 are just the first wave of those who will be called by the Police. The cost of launching an attack through webstresser.org was about $15, so literally, anyone could have pointed a DDoS onset against anyone else.

DDoS attacks are still one of the most significant menaces for the internet in general, as they can cause extreme problems to the operation of companies, institutions, and even whole countries. This is why there is no tolerance with these cases, as a clear message needs to be communicated towards all ways. While big-fish DDoS for hire services are now knocked out, smaller providers of similar services are still offering their arsenal to those who are willing to pay for it, so the responsibility to shut those down has passed to the hosting countries. Right now, 17 European countries are actively pursuing DDoS service providers, and share data about their users with the Europol.

As we have recently covered, DDoS attack groups are evolving their methods, targeting ISPs with the small-sized widespread overload that keeps them hidden and dangerous. This makes the authorities extra aggressive against a threat that is constantly developing into a canny weapon against any online entity.

What would you say is a fair penalty for DDoS for hire service customers? Let us know of your opinion in the comments section below, and feel free to share this story through our Facebook and Twitter.