- Europol Operation PowerOFF disrupts DDoS‑for‑hire services across 21 countries
- Four arrests, 53 domains seized, 25 search warrants executed
- Police found 3 million criminal accounts; 75,000 warning emails sent to deter customers
Four people have been arrested during Operation PowerOFF, a new Europol campaign aimed at disrupting Distributed Denial of Service (DDoS) service providers.
Europol announced that together with 21 national law enforcement agencies, it launched Operation PowerOFF which, besides the four arrests, also led to the takedown of 53 domains and the issuing of 25 search warrants.
“Leading up to the action week, a series of operational sprints took place gathering experts from national authorities across the globe to carry out actions against high-value target users of DDoS-for-hire platforms and raise awareness about the illegality of these activities,” Europol said.
Warning the users
During these “sprints”, the police allegedly disrupted illegal booter services, dismantling the technical infrastructure that supports DDoS services - servers, databases, and other technical components.
“By seizing these infrastructures, authorities were able to hinder these criminal operations and prevent further damage to victims,” Europol added.
On the confiscated hardware, the police found information on three million criminal user accounts, which led to a series of coordinated actions across the globe.
In the next stage of the campaign, Europol is warning DDoS-for-hire customers to stop what they’re doing or face the consequences. It apparently said 75,000 warning emails, and placed ads on search engines to target people searching for DDoS-for-hire tools on Google.
More than 100 URLs advertising DDoS-for-hire services were removed from search engine results, and warning messages were sent on blockchains criminals use to make illegal payments.
To launch a distributed denial of service attack, a cybercriminal must have access to hundreds of thousands of internet-connected devices. Those offering these services usually first compromise poorly protected hardware, such as home routers, smart TVs, DVRs, and different smart home appliances, with malware.
This malware gives them the necessary access, which they later streamline by creating a simple dashboard. Then, they rent access to the dashboard, effectively facilitating cybercrime.
