DDoS-for-hire operation taken down in major police sting

News
By published

Police in Poland, The Netherlands, Germany, and the US ran a coordinated action

DDoS attack
(Image credit: FrameStockFootages / Shutterstock)
  • Europol announced shutting down multiple stresser/booter services in the EU
  • Four people were arrested in Poland
  • Law enforcement in The Netherlands, Germany, the US, and Poland, participated in Operation PowerOFF

Law enforcement has dismantled a major DDoS-for-hire operation, and arrested four individuals suspected of running it.

In a press release, the international police force said the arrests were part of Operation PowerOFF, an ongoing effort targeting the infrastructure behind DDoS-for-hire activity.

Polish authorities arrested four people who are suspected of running multiple stresser/booter services: Cfxapi, Cfxsecurity, neostress, jetstress, quickdown and zapcut.

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

Get Keeper Personal for just $1.67/month, Keeper Family for just $3.54/month, and Keeper Business for just $7/month

​Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.

It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.

Preferred partner (What does this mean?)

View Deal

Chats leaked

These services are thought to have facilitated “widespread attacks on schools, government services, businesses, and gaming platforms” between 2022 and 2025.

They featured a “slick” interface that lowered the barrier for entry: users didn’t need any particular technical knowledge to mount an attack. All they needed to do was know the victim’s IP address, and to have €10 to pay for the attack (the cost would increase depending on the desired length of the attack).

As part of the effort, Dutch authorities were deploying fake booter sites, designed to warn users looking for DDoS-for-hire services. They also seized data from booter websites hosted in data centers in the Netherlands, providing their partners with crucial information needed to make the arrests.

In the US, the police seized nine domains associated with booter services, and in Germany, the police identified one of the suspects. Europol said it provided analytical and operational support throughout the investigation.

The difference between usual DDoS botnets and stresser/booter services is that DDoS botnets are usually run by a single threat actor, which also works on expanding the botnet by deploying backdoors and malware.

Stresser/booter services, on the other hand, are advertised as a white hat solution, offering a “legitimate” service to test the resilience of a network or a website. However, in most cases, these are just cover-ups for obvious illegal activities, which is why law enforcement usually shuts them down.

Via Infosecurity Magazine

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.