Police Takes Down Six DDoS-for-Hire Services, Arrests Administrators

In a significant blow to the global community, Polish authorities have detained four suspects linked to six Distributed Denial-of-Service (DDoS)-for-hire platforms. These services, which were allegedly used to facilitate thousands of attacks targeting schools, government services, businesses, and gaming platforms worldwide since 2022, have been taken down in a coordinated law enforcement action involving authorities from Germany, the Netherlands, Poland, and the United States.

The six DDoS services, named Cfxapi, Cfxsecurity, neostress, jetstress, quickdown, and zapcut, were marketed as legitimate testing tools on the dark web and hacking forums. However, they were primarily used to disrupt online services, servers, and websites by flooding them with traffic in distributed denial-of-service (DDoS) attacks, causing outages for real users.

"In the latest blow to the criminal market for distributed denial of service (DDoS)-for-hire services, Polish authorities have arrested four individuals who allegedly ran a network of platforms used to launch thousands of cyberattacks worldwide," said Europol in a statement. "The suspects are believed to be behind six separate stresser/booter services that enabled paying customers to flood websites and servers with malicious traffic — knocking them offline for as little as EUR 10."

These DDoS-for-hire services, also known as stressers or booters, provided customers easy-to-use interfaces that required no technical skills besides paying for a subscription or a one-time fee, entering the target's IP address, and choosing the type and duration of the DDOS attack. The platforms were designed to be user-friendly, making it accessible to anyone who wanted to launch a DDoS attack without requiring extensive technical knowledge.

Data seized by the Netherlands police from these booter websites was shared with international partners and led to the arrest of four administrators associated with the DDoS platforms in Poland. The United States seized nine domains as part of this coordinated crackdown on DDoS services, while German law enforcement assisted the investigation by identifying a suspect and sharing intelligence on others involved.

Dutch investigators have also created their own fake booter sites to warn those seeking DDoS-for-hire services that what they're doing is illegal and highlight that such activities are monitored and may lead to prosecution. These takedowns and arrests are part of an ongoing and long-running joint operation known as Operation PowerOFF, which started in December 2018 with the seizure of 15 websites linked to DDoS-as-a-service platforms.

Previously, this operation led to the seizure of the Dstat.cc DDoS review platform, the takedown of the DigitalStress DDoS-for-hire service in the UK, and the arrest of two booter service operators in Poland. Other joint actions include seizing 13 domains and another 48 domains hosting booter platforms in two separate enforcement waves.

Global Impact

The six DDoS services taken down by authorities worldwide have targeted various sectors, including education, government, business, and gaming. The attacks caused significant disruptions to online services, servers, and websites, resulting in outages for real users.

As a result of these takedowns, the global community can now expect fewer DDoS-for-hire services being used to launch malicious attacks. This coordinated law enforcement action demonstrates the ongoing commitment to combating cybercrime and protecting online security.

About Operation PowerOFF

Operation PowerOFF is a joint operation that began in December 2018, with the goal of disrupting DDoS-as-a-service platforms. The operation has led to several significant takedowns, including the seizure of 15 websites linked to DDoS-as-a-service platforms and the arrest of multiple individuals involved in the distribution of malware.

The success of Operation PowerOFF highlights the importance of international cooperation in combating cybercrime. By working together, law enforcement agencies can effectively disrupt malicious activities and protect online security worldwide.