53 DDoS Domains Taken Down by Law Enforcement

Law enforcement agencies in 21 countries this week participated in a coordinated operation targeting distributed denial-of-service (DDoS) attack services and their users, Europol announced.

DDoS-for-hire, or booter services, allow miscreants of all types, ranging from people with minimal technological background to proficient threat actors, to disrupt web and telecommunications services for financial gain, ideological purposes, or other motivations.

Part of Operation PowerOff, the new law enforcement operation led to the takedown of 53 domains associated with DDoS-for-hire services and the arrest of four individuals.

Additionally, 75 000 warning emails and letters were sent to the identified users of these services, and 25 search warrants were executed. 

The action, Europol explains, was the result of several operational sprints that gathered experts from national authorities to disrupt the illegal booter services and their infrastructure.

“Booter services allow users to launch DDoS attacks against targeted websites, servers, or networks. Their infrastructure is made up of servers, databases, and other technical components that make DDoS-for-hire activities possible,” Europol notes.

The sprints resulted in the seizure of infrastructure to prevent further damage. They also led to the exposure of over 3 million criminal user accounts.

According to Europol, authorities in Australia, Austria, Belgium, Brazil, Bulgaria, Denmark, Estonia, Finland, Germany, Japan, Latvia, Lithuania, Luxembourg, the Netherlands, Norway, Poland, Portugal, Sweden, Thailand, the UK, and the US participated in the operation.

Following the takedown, Operation PowerOff will transition to a prevention phase, involving the removal of 100 URLs promoting booter services from search engines, the placement of ads targeting individuals searching for DDoS-for-hire services, and the placement of warnings on blockchains used by cybercriminals.

Operation PowerOff has been ongoing for nearly a decade and has resulted in the disruption of dozens of DDoS-for-hire services, including prominent ones such as Webstresser, DigitalStress, Stresser.tech, and many others.

Related: Evasive Masjesu DDoS Botnet Targets IoT Devices

Related: Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Related: US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking

Related: Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet