Yesterday we spoke with Esma from Instant-Stresser.to. Attackers use a booter to gain a competitive advantage or simply to annoy somebody.
Attackers use web stressers also known as booters to gain a competitive advantage or simply to annoy somebody. Instant-Stresser.com is just one of many services being offered on the Internet. The current attacks on Blizzard, Lieferando, Pizza.de or the Bavarian learning platform Mebis are just a few examples of the many things DDoS attacks can do. Such attacks can cause enormous financial damages.
A chat with Instant-Stresser.com
We recently had a detailed conversation with Esma, the operator of this obviously illegal service. We spoke about almost all aspects of his service.
How did you come up with the idea of setting up Instant-Stresser.com?
Esma, the admin of Instant-Stresser.com: Oh, that is simple. I was here in 2013 and had a look at the scene, but there was no good web stresser. Many of them closed after a short while and scammed (= cheated) the people.
So I wanted to open something stable for the people. I never wanted make profit or what. I just wanted open a stable platform with no downtime and no exit scam. And with a real 24/7 support. So it all began in 2018 with my own project.
That sounds like coming from the mouth of a marketing specialist. The support is realized by using the messenger Telegram?
Esma: At instant-stresser.com we have a Livechat (24/7), Telegram (almost 24/7, too) and support tickets with habitually replies in less then two hours.
Many Chinese customers attack Online Casinos, gambling websites and such stuff.
What do you think, why do people use your service? Are that mostly kids dossing other gamers? Or are that competitors in business? Or what are their reasons?
Esma: We have many customers from China, who use it for competitors business. In order to knock out other peoples gambling websites, game apps and so on. We have many kids too, who use the free plan. And some customers use it for testing their infrastructure in order to set up a good protection against such attacks.
Esma: Mostly for poor people as not everyone has the budget. It’s also for educational purposes. Some people are curious. They obviously won’t pay unless they can see what’s the effect, how it works etc. And it’s also a sort of preview for interested people. As said, it’s a business, where many scammers are around. So people are worried to buy.
How or where do you advertise for Instant-Stresser.com? I saw you’re searching for YouTubers to make videos about the services of your website.
Esma: Yes, at the moment we’re looking for Youtubers in order to create videos, because this helps a lot to grow up the SEO rank, so our website would be more visible. But in the past, mostly I didn’t make any publicity, just booked a few banners now and then. I’m new to the publicity market. Now we try to advertise a bit to become more well known.
Instant-Stresser.com: In the past I’ve always been running the project on my own.
How do you protect yourself against a bust? How many people are involved into your project?
Esma: I’ve always been running my project solo. In January I have hired a support manager and a developer for the layer7 attacks.
First we use a bulletproof domain name. We also use DDoS-GUARD as a reverse proxy and another reverse proxy using Tor, which is connected to another „Offshore backend“. We change the backend each month. Payments are made in Bitcoin. Soon we will add Ethereum (ETH) and Monero (XMR). We also have a deal with a private bank to accept credit cards. They pay us back in Bitcoin.
But the Bitcoin (BTC) is not really anonymous. Is it safe enough for your customers? Or do they use a BTC Mixer?
Esma: It’s like all payment in BTC goes to a wallet to another bank in the USA. They don’t have any informations about me. They have send me a credit card. By the way: I’m using three post boxes around the world to a fake the name on the credit card. So they don’t know from where I am or what ever. In that case for me the money is very safe. It’s hard to explain the whole system…
People have too much money: Our bot net is always fully booked.
No problem. Speaking about the technical details of Instant-Stresser.com: How many servers do you have? Can people bypass the protection of Cloudflare or Blazing Fast with your service? Do you also offer a bot net to attack websites? If not, why not?
Esma of Instant-Stresser.com: We own more than 70 dedicated servers. We will add 50 more.
People can bypass all protections of layer7 type. We update every day our methods. Cloudflare, Blazing Fast, with captcha, stackpath. They’re too many to mention them all. We upgrade our methods on demand.
So how comes you don’t use a bot net?
Esma: We also have a bot net, but only on custom demand and it’s always busy. It’s a bot net with 800G TCP raw traffic. So the price is 5k per week for only one person. But we don’t promote the bot net, because it’s always rented and we can only accept one customer at the same time. The period is always weekly. And seriously spoken, we have too many people who are able to pay it. So it’s always unavailable. Probably, only time will tell us if this will ever change…
Instant-Stresser.com: The IoT is *not* the future of stressing websites.
5.000 EUR for one week? I see. Do you think the IoT (Internet of Things) is the next big step for DDoS attacks instead a bot net with absorbed PCs, laptops and smartphones? Intelligent refrigerators, toasters, toys and other smart devices being taken over from hackers in order to use them for a real massive attack.
Esma: I don’t think so. Developers always work hard to fix vulnerabilies.
Do they? I’m not sure. I think it’s the other way around. But speaking about ethics: Do you have a good feeling offering such a service?
Esma: What do you mean? You want to know what I’m thinking about my own service?
Yes, people could abuse it in order to cause real HUGE damages.
Esma: I guess it’s used at 90% in order to cause huge damages…
In case we would offer our service only for legal purposes, nobody would purchase it.
Esma: But in principle, this is purely a matter for our customers. If we make it only for a legal use, no one will have customers, you know.
No illegal purpose, no customers, I see. Btw.: What can I do to protect my own website effectively against strong attacks? The free plan from Cloudflare won’t help me, that’s for sure.
Okay. And how expensive is that for me?
Esma: DDoS-GUARD is for free. Speaking of INCAPSULA, I really don’t know the prices, sorry.
Almost the last question: Do you have an outcome with your project? And what will you do in ten years. Will you still run your business then?
Esma: Let me put it this way: I have my income. Besides, it’s really not a good idea to talk about money too much.
Of course employees from EUROPOL etc. could read our interview the sooner or later. And what are you doing in ten years from now on?
Esma: In the year 2030? That’s not easy to say. I have other projects that interest me very much. Only time will tell …
Okay Esma, thanks a lot for your replies!
Recently they have changed their domain from Tonga to .com.
You could also be interested into our English interview with the administrator of Free-boot.to: „When digital stones fly“.
Über Lars Sobiraj