A major international law enforcement campaign has hit the DDoS-for-hire ecosystem, warning more than 75,000 suspected users and disrupting the infrastructure that helped power online attacks around the world.
Backed by Europol, Operation PowerOFF brought together authorities from 21 countries in a coordinated action week on 13 April 2026.
The operation resulted in four arrests, 25 search warrants, and the takedown of 53 domains linked to illegal booter and stresser services.
These platforms are designed to let users launch distributed denial-of-service, or DDoS, attacks against websites, servers, and online networks. In a DDoS attack, criminals flood a target with traffic so legitimate users cannot access it.
Authorities also sent more than 75,000 warning emails and letters to identified users of these services. The message was clear: even paying for a DDoS attack through a third-party platform is a criminal act.
Investigators said the crackdown targeted not only the operators behind the services but also the customers using them to attack businesses, telecom providers, marketplaces, and other online systems.
According to Europol, the action followed several operational sprints involving cybercrime experts from participating countries. During those efforts, investigators seized servers, databases, and other backend systems that supported illegal DDoS operations.
Analysis of the captured data exposed information tied to more than 3 million criminal user accounts. That intelligence helped identify high-value targets and supported enforcement actions across multiple jurisdictions.
Operation PowerOFF also highlights how easy DDoS-for-hire services have made cybercrime. Many platforms offer step-by-step tools, cheap pricing, and simple dashboards, allowing people with little technical skill to launch disruptive attacks.
Officials said motivations range from curiosity and revenge to hacktivism, extortion, and business sabotage. While some actors are inexperienced users, others are more advanced and customize attacks for stronger impact or longer outages.
The campaign also included a prevention phase aimed at reducing future abuse. Law enforcement worked with search engines to remove more than 100 URLs advertising DDoS-for-hire tools from search results.
Authorities also placed targeted warning ads that appear when young users search for these services online. In addition, warning messages were sent through blockchains used for payments, and the Operation PowerOFF website was updated to publish enforcement results and awareness material.
The participating countries included the United States, the United Kingdom, Germany, the Netherlands, Japan, Australia, Brazil, and several other European and international partners.
Europol said it supported the operation with intelligence analysis, geolocation of suspects, crypto-tracing, forensic help, and a command post during the action days.
The latest phase of Operation PowerOFF shows that law enforcement is now going after the full DDoS-for-hire chain, from service operators to paying users, while also trying to stop new offenders before attacks begin.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.
