As part of an ongoing international crackdown known as Operation PowerOFF, international law enforcement has seized over two dozen platforms used to carry out Distributed Denial-of-Service (DDoS) attacks.
These “booter” (aka “stresser”) sites were used by both cybercriminals and hacktivists to overwhelm target websites and web-based services with traffic and render them inaccesible.
Operation PowerOFF: Taking down DDoS platforms, arresting admins
Coordinated by Europol and involving law enforcement agencies from Australia, the US, the UK, Brazil, Japan, and several European countries, the multi-year Operation PowerOFF targeted persons engaged in enabling and perpetrating DDoS attacks:
- 27 booter/stresser websites have been taken down (including zdstresser.net, orbitalstress.net, and starkstresser.net
- 3 administrators have been arrested in France and Germany
- Over 300 users of the platforms have been identified for planned operational activities.
The Dutch police says that they were able to discover the identity of approximately 200 suspects and that at least four of them are now being prosecuted.
“They are four men aged between 22 and 26 and from Rijen, Voorhout, Lelystad and Barneveld. The 26-year-old man from Barneveld is suspected of carrying out no fewer than 4,169 DDos attacks. The other three suspects are believed to have carried out hundreds of attacks. The police expect to summon more suspects for interrogation in the near future and do not rule out further arrests,” they said.
Simultaneously, the US Department of Justice has announced indictments against two defendants suspected of running booter services.
Deterrence-focused actions
“In conjunction with the website seizures, Homeland Security Investigations, the United Kingdom’s National Crime Agency, and the Netherlands Police have launched an advertising campaign using targeted placement ads in search engines, which are triggered by keywords associated with DDoS activities. The purpose of the ads is to deter potential cyber criminals searching for DDoS services in the United States and around the globe, as well as to educate the public on the illegality of DDoS activities,” the DoJ said.
Europol said that other methods – knock-and-talks, warning letters and emails will be used to reach users of those illegal services.
“We know that Booter services are an attractive entry-level cyber crime, and users can go on to even more serious offending. Therefore, tackling this threat doesn’t just involve arresting offenders, it includes steering people away from straying into cyber crime and helping them make the right cyber choices,” commented Frank Tutty, from UK NCA’s National Cyber Crime Unit.