Beitragsbild von Michal Czyz, danke! (Unsplash Lizenz) interview: When the Internet becomes a weapon

Yesterday we spoke with Esma from Attackers use a booter to gain a competitive advantage or simply to annoy somebody.

Attackers use web stressers also known as booters to gain a competitive advantage or simply to annoy somebody. is just one of many services being offered on the Internet. The current attacks on Blizzard, Lieferando, or the Bavarian learning platform Mebis are just a few examples of the many things DDoS attacks can do. Such attacks can cause enormous financial damages.

A chat with

We recently had a detailed conversation with Esma, the operator of this obviously illegal service. We spoke about almost all aspects of his service.

How did you come up with the idea of setting up

Esma, the admin of Oh, that is simple. I was here in 2013 and had a look at the scene, but there was no good web stresser. Many of them closed after a short while and scammed (= cheated) the people.

So I wanted to open something stable for the people. I never wanted make profit or what. I just wanted open a stable platform with no downtime and no exit scam. And with a real 24/7 support. So it all began in 2018 with my own project.

That sounds like coming from the mouth of a marketing specialist. The support is realized by using the messenger Telegram?

Esma: At we have a Livechat (24/7), Telegram (almost 24/7, too) and support tickets with habitually replies in less then two hours. logo

Many Chinese customers attack Online Casinos, gambling websites and such stuff.

What do you think, why do people use your service? Are that mostly kids dossing other gamers? Or are that competitors in business? Or what are their reasons?

Esma: We have many customers from China, who use it for competitors business. In order to knock out other peoples gambling websites, game apps and so on. We have many kids too, who use the free plan. And some customers use it for testing their infrastructure in order to set up a good protection against such attacks.

stresser forums logoThat’s a good heading: Why do you offer a free plan?

Esma: Mostly for poor people as not everyone has the budget. It’s also for educational purposes. Some people are curious. They obviously won’t pay unless they can see what’s the effect, how it works etc. And it’s also a sort of preview for interested people. As said, it’s a business, where many scammers are around. So people are worried to buy.

How or where do you advertise for I saw you’re searching for YouTubers to make videos about the services of your website.

Esma: Yes, at the moment we’re looking for Youtubers in order to create videos, because this helps a lot to grow up the SEO rank, so our website would be more visible. But in the past, mostly I didn’t make any publicity, just booked a few banners now and then. I’m new to the publicity market. Now we try to advertise a bit to become more well known. In the past I’ve always been running the project on my own.

Webstresser - alles ist offline
Afterwards people check if the site is available anywhere.

How do you protect yourself against a bust? How many people are involved into your project?

Esma: I’ve always been running my project solo. In January I have hired a support manager and a developer for the layer7 attacks.

First we use a bulletproof domain name. We also use DDoS-GUARD as a reverse proxy and another reverse proxy using Tor, which is connected to another „Offshore backend“. We change the backend each month. Payments are made in Bitcoin. Soon we will add Ethereum (ETH) and Monero (XMR). We also have a deal with a private bank to accept credit cards. They pay us back in Bitcoin.

But the Bitcoin (BTC) is not really anonymous. Is it safe enough for your customers? Or do they use a BTC Mixer?

Esma: It’s like all payment in BTC goes to a wallet to another bank in the USA. They don’t have any informations about me. They have send me a credit card. By the way: I’m using three post boxes around the world to a fake the name on the credit card. So they don’t know from where I am or what ever. In that case for me the money is very safe. It’s hard to explain the whole system…

People have too much money: Our bot net is always fully booked.

No problem. Speaking about the technical details of How many servers do you have? Can people bypass the protection of Cloudflare or Blazing Fast with your service? Do you also offer a bot net to attack websites? If not, why not?

Esma of We own more than 70 dedicated servers. We will add 50 more. cloudflare fehlermeldung
mission accomplished

People can bypass all protections of layer7 type. We update every day our methods. Cloudflare, Blazing Fast, with captcha, stackpath. They’re too many to mention them all. We upgrade our methods on demand.

So how comes you don’t use a bot net?

Esma: We also have a bot net, but only on custom demand and it’s always busy. It’s a bot net with 800G TCP raw traffic. So the price is 5k per week for only one person. But we don’t promote the bot net, because it’s always rented and we can only accept one customer at the same time. The period is always weekly. And seriously spoken, we have too many people who are able to pay it. So it’s always unavailable. Probably, only time will tell us if this will ever change… The IoT is *not* the future of stressing websites.

5.000 EUR for one week? I see. Do you think the IoT (Internet of Things) is the next big step for DDoS attacks instead a bot net with absorbed PCs, laptops and smartphones? Intelligent refrigerators, toasters, toys and other smart devices being taken over from hackers in order to use them for a real massive attack.

Esma: I don’t think so. Developers always work hard to fix vulnerabilies.

stresser forums

Do they? I’m not sure. I think it’s the other way around. But speaking about ethics: Do you have a good feeling offering such a service?

Esma: What do you mean? You want to know what I’m thinking about my own service?

Yes, people could abuse it in order to cause real HUGE damages.

Esma: I guess it’s used at 90% in order to cause huge damages…

Esma: But in principle, this is purely a matter for our customers. If we make it only for a legal use, no one will have customers, you know. @ Telegram


No illegal purpose, no customers, I see. Btw.: What can I do to protect my own website effectively against strong attacks? The free plan from Cloudflare won’t help me, that’s for sure.

Esma of I would recommend DDoS-GUARD or INCAPSULA instead.

Okay. And how expensive is that for me?

Esma: DDoS-GUARD is for free. Speaking of INCAPSULA, I really don’t know the prices, sorry.

Almost the last question: Do you have an outcome with your project? And what will you do in ten years. Will you still run your business then?

Esma: Let me put it this way: I have my income. Besides, it’s really not a good idea to talk about money too much.

Of course employees from EUROPOL etc. could read our interview the sooner or later. And what are you doing in ten years from now on?

Esma: In the year 2030? That’s not easy to say. I have other projects that interest me very much. Only time will tell …

Okay Esma, thanks a lot for your replies! @ youtube
Commercial: A YT-video about

Recently they have changed their domain from Tonga to .com.

You could also be interested into our English interview with the administrator of „When digital stones fly“.

(*) Alle mit einem Stern gekennzeichneten Links sind Affiliate-Links. Wenn Du über diese Links Produkte oder Abonnements kaufst, erhält eine kleine Provision. Dir entstehen keine zusätzlichen Kosten. Wenn Du die Redaktion anderweitig finanziell unterstützen möchtest, schau doch mal auf unserer Spendenseite oder in unserem Online-Shop vorbei.

Lars Sobiraj


Lars Sobiraj fing im Jahr 2000 an, als Quereinsteiger für verschiedene Computerzeitschriften tätig zu sein. 2006 kamen neben noch zahlreiche andere Online-Magazine dazu. Er ist der Gründer von Außerdem brachte Ghandy, wie er sich in der Szene nennt, seit 2014 an verschiedenen Hochschulen und Fortbildungseinrichtungen den Teilnehmern bei, wie das Internet funktioniert.