Europol announces takedown of major DDoS-for-hire network

News
By
published

Operation PowerOFF disrupts DDoS networks

DDoS attack
(Image credit: FrameStockFootages / Shutterstock)
  • Europol's Operation PowerOFF has taken down DoS networks
  • The global operation involved law enforcement from 15 countries
  • PowerOFF operation led to the arrest of three site admins, and identification of 300 DDoS site users

Europol has taken down 27 ‘booster’ and ‘stressor’ networks used to conduct distributed denial-of-service (DDoS) attacks in a global operation involving 15 countries.

The operation, code named PowerOFF, targeted botnet-for-hire websites including orbitalstress.net, zdstresser.net, and starkstresser.net.

Three arrests were made against stressor site administrators, with over 300 site users identified by law enforcement.

DDoS sites taken down

PowerOFF’s main mission was to disrupt the “holiday tradition for cybercriminals” of targeting websites in the run up to Christmas, which can cause, “severe financial loss, reputational damage and operational chaos for their victims.”

“These platforms enabled cybercriminals and hacktivists to flood targets with illegal traffic, rendering websites and other web-based services inaccessible,” the Europol statement said.

A statement from the Dutch Politie said four suspects between the age of 22 and 26 are being prosecuted for their involvement in hundreds of DDoS attacks.

Europol and other law enforcement agencies have stepped up their efforts to tackle DDoS networks, with the UK’s National Crime Agency (NCA), the Police Service of Northern Ireland (PSNI), and the Federal Bureau of Investigation (FBI) taking down the Digitalstress booster site - widely recognized as the world's largest DDoS site pre-takedown.

Europol also disrupted hundreds of servers used to distribute a cracked version of the Cobalt Strike pentesting software earlier this year in a combined operation involving law enforcement from Australia, Canada, Germany, the Netherlands, Poland, the UK, US, Bulgaria, Estonia, Finland, Lithuania, Japan, and South Korea that targeted 690 IP addresses across 27 countries.

CloudStrike additionally released data showing it recently disrupted the world’s biggest DDoS attack in September 2024, which was recorded peaking at 3.8Tbps.

You might also like

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.