Polish police officers of the country's Central Bureau for Combating Cybercrime detained two suspects believed to have been involved in operating a DDoS-for-hire service (aka booter or stresser) active since at least 2013.
These arrests are part of an international law enforcement effort (known as Operation PowerOFF) aiming to disrupt and take down online platforms allowing anyone to launch massive distributed denial-of-service (DDoS) attacks against any target worldwide for the right amount of money.
The operation was conducted in coordination with Europol, the FBI, and law enforcement agencies from the Netherlands, Germany, and Belgium, under the supervision of the Joint Cybercrime Action Taskforce (J-CAT).
Polish Central Cybercrime Bureau officers arrested two individuals and conducted ten searches which helped collect valuable data from the perpetrators' server located in Switzerland.
Evidence collected from the suspects' servers revealed information on over 35,000 user accounts, 76,000 login records, and more than 320,000 unique IP addresses linked to the DDoS-for-hire service.
Furthermore, police officers also uncovered 11,000 records of purchased attack plans, with associated email addresses of service buyers who paid approximately $400,000, and over 1,000 records of attack plans worth around $44,000.
Polish police also found substantial evidence of operating and managing a criminal domain on the computer belonging to one of the suspects.
The Polish Central Cybercrime Bureau shared the following video of the arrests and searches.
Operation PowerOFF is a long-running law enforcement that has resulted in the takedown of dozens of other major DDoS-for-hire platforms.
The FBI also targeted DDoS-as-a-service platforms in December 2018, when it took down 15 websites, and in December 2022, when the Department of Justice seized 48 Internet domains linked to stressed platforms and charged six suspects for their involvement in operating the booter services.
Six months later, in May 2023, the U.S. DOJ announced the seizure of 13 additional domains linked to DDoS-for-hire platforms.
"Ten of the 13 domains seized today are reincarnations of services that were seized during a prior sweep in December, which targeted 48 top booter services," the DOJ said at the time.
"Regardless of whether someone launches a DDoS attack using their own command-and-control infrastructure (e.g., a botnet) or hires a booter and stresser service to conduct an attack, their transmission of a program, information, code, or command to a protected computer is illegal and may result in criminal charges," the FBI warns.
H/T vx-underground
Comments
h_b_s - 10 months ago
These arrests aren't going to do a lot in the long run to stop DDoS for hire. Someone else will just herd those hundreds of thousands of compromised devices. The only way to stop this cycle is to do something about abandoned, ignored, or otherwise negligently administered devices on the Internet. The cheapest and least damaging thing to do is simply have regulatory power to force ISPs to stop providing services till these devices are cleaned up and properly hidden, updated, or removed.