IP stressers, booter services, or booters for short, are web-based applications that allow hackers to launch distributed denial of service (DDoS) attacks by leveraging an army of unwitting computers and internet-connected devices. These applications provide user-friendly interfaces through which hackers target a website or internet resource and “stress test” it by flooding it with more internet traffic than it handle, overwhelming its servers to take it offline. Booter services achieve this by employing DDoS attack methods such as:
- UDP floods – Where high traffic of User Datagram Protocol (UDP) packets are sent to overwhelm bandwidth
- SYN floods – Where TCP connection requests overwhelm resources to open connections
- ICMP floods – Using high-traffic Internet Control Message Protocol (ICMP) pings
- Layer 7 – Overwhelming application servers and endpoints with high-traffic
These are launched using large globally distributed botnets of anonymous devices infected with malware and controlled by hackers. A single booter interface allows easy targeting of victims at the click of a button. Booters may charge a fee for customers to use their toolkits and have become underground cybercrime services generating billions in revenue.
Emerging trends and issues
What Is an stresser? The ability of novice cybercriminals to launch serious DDoS attacks has led to an explosion in the availability of IP stressers and booters. Symantec documented a rise of over 115% between 2017 and 2018. According to recent FBI reports, there are now over 100 booters in operation worldwide charging subscribers $20 to $200 per month. Several issues have emerged around these tools:
- Easy access – Booters require little technical knowledge to operate through user-friendly apps, making them accessible to script kiddies with malicious intent like harassment, stalking, and vandalism.
- Underground marketplaces – Cybercriminals operate secret dark web marketplaces to sell access to booters in exchange for cryptocurrencies to hide transactions and participants in attacks.
- Vulnerable devices – Botnets utilize cyber insecurity in IoT devices like CCTV cameras, routers, and even smart video doorbells to propagate networks of vulnerable devices for attacks. This poses major critical infrastructure and consumer risks.
- Whack-a-mole mitigation – While law enforcement takedowns of booters have increased, new services as quickly emerging in an endless game of whack-a-mole as money is easily made from monthly subscription services and difficult to track.
- Evolving attack vectors – Booter capabilities are shifting from network-based DDoS attacks to more dangerous web-application-based attacks focused directly on disrupting operations and data integrity making protection harder.
As booters have become more accessible and harder to mitigate, many organizations are struggling to defend networks against IP stresser attacks launched even by unsophisticated hackers in a growing wave of distributed cyber threats.
Positive emerging technology trends
However, while the rise of user-friendly stresser tools has created problems around cybercrime, the principles behind IP stresser technology highlight how it could also be used for more ethical and positive purposes in the hands. Some more optimistic technology trends that are emerging include:
- Legitimate stress testing – Developers creating public-facing web apps and services could benefit from stress testing tools to identify performance issues under heavy loads to improve reliability and scalability.
- DDoS protection innovation – As cybercriminals evolve, so too are protective measures by cybersecurity firms to detect emerging attack patterns and offer mantel solutions to customers against common booter attacks.
- Cyber ranges and simulations – Controlled test platforms known as cyber ranges, which create contained online environments, are adopted to simulate booter-style attacks to train cybersecurity teams and test protections.
While cybercriminals will likely continue to leverage booters for years, their emergence has jumpstarted a range of innovations and standards to counter the threats they have introduced from all fronts long into the future.
