Europol uncovers cybercrime empire with 27 DDoS sites shut down
Law enforcement agencies have disrupted holiday cybercriminal activities by dismantling 27 platforms used for Distributed Denial-of-Service (DDoS) attacks as part of Operation PowerOFF. Initiated by Europol, the operation spanned 15 countries, including Germany and France. Authorities have arrested three administrators and identified over 300 users potentially involved in planned attacks. DDoS attacks, especially during the festive season, often lead to significant financial and reputational damage for affected organizations.
Law enforcement disrupts DDoS platforms during Operation PowerOFFThe operation specifically targeted ‘booter’ and ‘stresser’ websites, which facilitate the flooding of targeted systems with illegal traffic, rendering websites and services unreachable.
“Known as ‘booter’ and ‘stresser’ websites, these platforms enabled cybercriminals and hacktivists to flood targets with illegal traffic, rendering websites and other web-based services inaccessible,” told Europol.
Notable platforms taken offline include zdstresser.net, orbitalstress.net, and starkstresser.net. These platforms commonly employ botnet malware from compromised devices to execute attacks for paying customers. The actions taken by law enforcement underline the seriousness of the online threat landscape, particularly during high-traffic periods like the holiday season.
The investigation involved coordinated efforts from various countries who collaborated extensively. Europol’s European Cybercrime Centre (EC3) played a crucial role by organizing operational meetings and technical sprints to create investigative leads. The agency also provided analytical support and expertise in crypto-tracing, further assisting member countries in the exchange of critical information through the Joint Cybercrime Action Taskforce (J-CAT).
Best practices for preparing your organization for cybersecurity incidents
This prolonged disruption is timely, as the festive season has historically been a peak for DDoS attacks, instigated by motivations ranging from economic sabotage to ideological expressions, associated with groups like Killnet and Anonymous Sudan. As incidents of DDoS attacks have increased significantly during the end-of-year shopping events, law enforcement’s efforts aim to mitigate anticipated threats.
To complement the dismantling of DDoS services, Operation PowerOFF initiated proactive measures to discourage potential offenders from engaging in such criminal activities. The InterCOP network contributed significantly to this initiative by facilitating international cooperation among participating countries.
An online advertising campaign is set to deter individuals from seeking DDoS-for-hire services, targeting specific demographics known for such interests. This campaign includes Google search ads that display deterrence messages to young users searching for these tools, alongside YouTube ads that aim to educate viewers watching tutorials on the subject. Enforcement will also include direct outreach methods, such as “knock-and-talk” operations, over 250 warning letters, and 2,000 emails dispatched to users identified as engaging with illicit services.
This campaign, alongside traditional enforcement actions, showcases a comprehensive approach to addressing the ongoing threat of cybercrime. Participating entities in Operation PowerOFF include law enforcement agencies from Australia, Brazil, Canada, Finland, France, Germany, Japan, Latvia, the Netherlands, Poland, Portugal, Sweden, Romania, the United Kingdom, and the United States.
Featured image credit: Europol