stresser
{{Short description|Services providing denial-of-service attacks}}
{{confuse|Stressor}}
Stresser (or booter) services provide denial-of-service attack as a service, usually as a criminal enterprise.{{Cite web |title=The FBI and International Law Enforcement Partners Intensify Efforts to Combat Illegal DDoS Attacks |url=https://www.fbi.gov/contact-us/field-offices/anchorage/fbi-intensify-efforts-to-combat-illegal-ddos-attacks |access-date=2023-05-11 |website=Federal Bureau of Investigation |language=en-us}}
They have simple front ends, and accept payment over the web. Marketed and promoted as stress-testing tools, they can be used to perform unauthorized denial-of-service attacks, and allow technically unsophisticated attackers access to sophisticated attack tools.{{Cite web|url=http://krebsonsecurity.com/2015/08/stress-testing-the-booter-services-financially/|title=Stress-Testing the Booter Services, Financially|last=Krebs|first=Brian|date=August 15, 2015|website=Krebs on Security|access-date=2016-09-09}} Usually powered by a botnet, the traffic produced by a consumer stresser can range anywhere from 5-50 Gbit/s, which can, in most cases, deny the average home user internet access.{{Cite journal|last1=Mubarakali|first1=Azath|last2=Srinivasan|first2=Karthik|last3=Mukhalid|first3=Reham|last4=Jaganathan|first4=Subash C. B.|last5=Marina|first5=Ninoslav|date=2020-01-26|title=Security challenges in internet of things: Distributed denial of service attack detection using support vector machine-based expert systems|url=https://onlinelibrary.wiley.com/doi/10.1111/coin.12293|journal=Computational Intelligence|language=en|volume=36|issue=4|pages=1580–1592|doi=10.1111/coin.12293|s2cid=214114645|issn=0824-7935|url-access=subscription}}
Targets of booter/stresser services include network gaming services. Motivations for the use of stresser services include revenge, extortion, and simple mischief.
Law enforcement activity
The use or provision of booter/stresser services for unauthorized DDoS attacks is illegal in both the United States and the United Kingdom under the Computer Fraud and Abuse Act and Computer Misuse Act 1990 respectively.{{Cite web |last= |title=DDoS attacks are illegal |url=https://nationalcrimeagency.gov.uk/what-we-do/crime-threats/cyber-crime?catid=2&id=243&view=article |access-date=2023-05-11 |website=nationalcrimeagency.gov.uk |language=en-GB}}
In 2023 it was revealed that a cross-industry organization called "Big Pipes" with representatives from major Internet companies had been working with law enforcement to find and shut down illegal booter/stresser services for the previous five years.{{Cite magazine |last=Greenberg |first=Andy |title=The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services |language=en-US |magazine=Wired |url=https://www.wired.com/story/big-pipes-ddos-for-hire-fbi/ |access-date=2023-05-11 |issn=1059-1028}}
The UK National Crime Agency has set up numerous "honeypot" websites purporting to be booter/stresser services. The details of people registering with these fake services are logged.{{Cite web |title=UK Sets Up Fake Booter Sites To Muddy DDoS Market|website= Krebs on Security |date= 28 March 2023 |url=https://krebsonsecurity.com/2023/03/uk-sets-up-fake-booter-sites-to-muddy-ddos-market/ |access-date=2023-05-12 |language=en-US}}
References
{{reflist}}