An international law enforcement operation resulted in the closure of 53 domains and four arrests in connection with a commercial distributed denial of service (DDoS) operation used by more than 75,000 cybercriminals.
An ongoing effort dubbed “Operation PowerOFF” has disrupted access to the DDoS rental service, taken down the technical infrastructure supporting the service, and gained access to a database containing more than 3 million criminal user accounts. Authorities have also sent warning emails and letters to identified criminal users, and 25 search warrants have also been issued.
Twenty-one countries took part in the action: Australia, Austria, Belgium, Brazil, Bulgaria, Denmark, Estonia, Finland, Germany, Japan, Latvia, Lithuania, Luxembourg, the Netherlands, Poland, Portugal, Sweden, Thailand, the United Kingdom, and the United States.
“The Booter service allows users to launch DDoS attacks against targeted websites, servers and networks,” Europol said in a statement. “Their infrastructure consists of servers, databases, and other technical components that enable rental DDoS activities. By seizing this infrastructure, authorities were able to disrupt these criminal activities and prevent further harm to victims.”
The agency describes DDoS-for-hire as one of the most prevalent and easily accessible trends in cybercrime. This allows individuals with little or no technical knowledge to carry out malicious attacks at scale and cause significant damage to businesses.
Europol also noted that DDoS activities can originate from well-resourced and skilled attackers, who may utilize such services to customize or optimize their illegal activities. DDoS attacks often tend to target a variety of web-based services, and the motivations behind them can vary widely.
They range from simple curiosity or financial gain through extortion to hacktivism for ideological reasons or sabotaging a competitor’s service. Some operators of these services have been found to disguise their services as stress testing tools to hide their true motives and evade law enforcement scrutiny.
This development marks the latest step taken by authorities to dismantle criminal DDoS rental infrastructure around the world as part of PowerOFF. In August 2025, the U.S. government announced the closure of a DDoS botnet called RapperBot that had been used to conduct large-scale destructive attacks targeting victims in more than 80 countries since at least 2021.
Source link
