Taking Down Booters: The Cat-and-Mouse Game www.lightbluetouchpaper.org/2025/09/0…

Booters have been around for years, offering anyone with a few dollars the ability to take offline websites that lack protection from protection services. They are often marketed as harmless “stress-testing” tools, but in practice, they are mostly used for malicious purposes. Law enforcement had made several attempts to take them down in the past […] In addition to seizing websites, authorities also set up deceptive sites and ran influence campaigns on forums and chat channels to deter potential customers.

We measured the impact of this campaign by incorporating a diverse mix of data. The interventions clearly work in the short term. They reduce attacks, cut traffic, and undermine cybercriminals’ confidence. But the market is resilient: domains are replaced within hours, operators adapt quickly, and attack volumes rebound in weeks. Still, even short-lived disruptions have value, especially during periods of higher attack activity, such as school holidays and Christmas. They force operators to waste time and resources, confuse users, and make the entire ecosystem feel less safe.

One of the major takeaways is that this is not a battle with a single victory point. We probably cannot eliminate booters once and for all; instead, we can keep pushing them back, wave after wave. If booters shift from being easy, casual tools for teenagers and gamers to niche services for more committed criminals, that alone would be a win. The fight against DDoS-for-hire is less about landing a knockout punch and more about ensuring the market never feels stable again.