Europol announces takedown of major DDoS-for-hire network

News
By published

Operation PowerOFF disrupts DDoS networks

DDoS attack
(Image credit: FrameStockFootages / Shutterstock)
  • Europol's Operation PowerOFF has taken down DoS networks
  • The global operation involved law enforcement from 15 countries
  • PowerOFF operation led to the arrest of three site admins, and identification of 300 DDoS site users

Europol has taken down 27 ‘booster’ and ‘stressor’ networks used to conduct distributed denial-of-service (DDoS) attacks in a global operation involving 15 countries.

The operation, code named PowerOFF, targeted botnet-for-hire websites including orbitalstress.net, zdstresser.net, and starkstresser.net.

Three arrests were made against stressor site administrators, with over 300 site users identified by law enforcement.

Article continues below

DDoS sites taken down

PowerOFF’s main mission was to disrupt the “holiday tradition for cybercriminals” of targeting websites in the run up to Christmas, which can cause, “severe financial loss, reputational damage and operational chaos for their victims.”

“These platforms enabled cybercriminals and hacktivists to flood targets with illegal traffic, rendering websites and other web-based services inaccessible,” the Europol statement said.

A statement from the Dutch Politie said four suspects between the age of 22 and 26 are being prosecuted for their involvement in hundreds of DDoS attacks.

Europol and other law enforcement agencies have stepped up their efforts to tackle DDoS networks, with the UK’s National Crime Agency (NCA), the Police Service of Northern Ireland (PSNI), and the Federal Bureau of Investigation (FBI) taking down the Digitalstress booster site - widely recognized as the world's largest DDoS site pre-takedown.

Europol also disrupted hundreds of servers used to distribute a cracked version of the Cobalt Strike pentesting software earlier this year in a combined operation involving law enforcement from Australia, Canada, Germany, the Netherlands, Poland, the UK, US, Bulgaria, Estonia, Finland, Lithuania, Japan, and South Korea that targeted 690 IP addresses across 27 countries.

CloudStrike additionally released data showing it recently disrupted the world’s biggest DDoS attack in September 2024, which was recorded peaking at 3.8Tbps.

You might also like

Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict is a Senior Security Writer at TechRadar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.

Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.