DDoS-for-hire services — also called 'booters' or 'stressers' — are commercial platforms that rent DDoS attack capacity on demand. They operate openly, accept credit cards or Bitcoin, and market themselves as 'IP stresser' services for 'testing your own infrastructure' — a legal fiction that fools no one.
How They Work
- Operators rent botnet capacity from criminal infrastructure or build their own from compromised servers.
- Customers select attack type (UDP flood, HTTP flood, etc.), duration, and target.
- Attacks are launched via an API with a web dashboard — no technical skill required.
- Prices range from $10 for a 60-second test flood to $500+ for sustained multi-hour attacks.
The Market Scale
- Europol's 2022 DDoS operation 'PowerOFF' seized 48 booter services.
- Weeks later, new services filled the gap — the market is resilient to takedowns.
- Estimates suggest 5,000+ unique booter customers conduct attacks on any given day.
- Attack price has fallen 90% since 2013 — commoditization is complete.
Implications for Defense
The democratization of DDoS means your threat model must include disgruntled customers, petty competitors, and teenagers with grudges — not just sophisticated criminal organizations. The barrier to attack is trivially low. The barrier to defense must match: always-on, automated, and requiring no human decision to activate.
Legal note
Using a DDoS-for-hire service against any target without explicit authorization is a criminal offense in all major jurisdictions. Convictions under the CFAA (US) and Computer Misuse Act (UK) carry multi-year prison sentences.