Pierluigi Paganini December 12, 2024

Operation PowerOFF took down 27 DDoS stresser services globally, disrupting illegal platforms used for launching cyberattacks.

A global law enforcement operation codenamed Operation PowerOFF disrupted 27 of the most popular platforms (including zdstresser.net, orbitalstress.net, and starkstresser.net) to launch Distributed Denial-of-Service (DDoS) attacks.

“Law enforcement agencies worldwide have disrupted a holiday tradition for cybercriminals: launching Distributed Denial-of-Service (DDoS) attacks to take websites offline. As part of an ongoing international crackdown known as PowerOFF, authorities have seized 27 of the most popular platforms used to carry out these attacks.” reads the press release published by Europol.

Law enforcement from the following states participated in the operation: Australia, Brazil, Canada, Finland, France, Germany, Japan, Latvia, the Netherlands, Poland, Portugal, Sweden, Romania, the United Kingdom, and the United States.

Booter and stresser services are platforms that enable Distributed Denial-of-Service (DDoS) attacks by overwhelming targets with traffic. Marketed as network “stress testing” tools, they are often misused for malicious purposes. Law enforcement globally targets these services to combat cybercrime. 

The holiday season sees a spike in Distributed Denial-of-Service (DDoS) attacks, causing financial loss and operational disruption. Motivations include economic sabotage, financial gain, and ideology, often driven by groups like Killnet or Anonymous Sudan targeting various victims.

Europol coordinated the operation that involved law enforcement agencies from 15 countries. The authorities also arrested three administrators of these platforms in France and Germany.

The law enforcement bodies identified over 300 users.

PowerOFF   is a strong signal to cybercriminals,” said cyber specialist of the Central Netherlands police Iris Koster. “Criminals who make money by shutting down the ICT of others are simply punishable and they will notice that. The police are taking tough action against cybercrime, in whatever form. In the Netherlands, several suspects are now being prosecuted and we are taking users out of anonymity. The police are also present on the web.”

According to the press release published by Dutch Police, they identified around 200 suspects from data linked to “booter websites,” prosecuting four men aged 22–26 for conducting thousands of DDoS attacks. A 26-year-old suspect alone executed 4,169 attacks, with others responsible for hundreds. Authorities have taken down a frequently used DDoS-for-hire site and plan further arrests.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Operation PowerOFF)