Lights out for 18 more DDoS booters in pre-Christmas Operation PowerOFF push

Holiday cheer comes in the form of three arrests and 27 shuttered domains


The Europol-coordinated Operation PowerOFF struck again this week as cross-border cops pulled the plug on 27 more domains tied to distributed denial of service (DDoS) criminality.

Europol stated on Wednesday that the booter and stressor services shut down by law enforcement were among the most popular in use by hacktivists and crooks, and included zdstresser.net, orbitalstress.net, and starkstresser.net.

Booters, stressors, DDoS platforms, whatever you call them, they all essentially act as an easy way for low-level or even entirely skill-less cybercriminals to launch DDoS attacks. They can reasonably be viewed as point-and-shoot tools used to break computer security laws.

As part of the latest activity, French and German officials made a combined three arrests of suspected administrators of these services. The operation also identified more than 300 users of these illegal platforms.

According to Europol, the operation took down 27 domains and seized 18 booter platforms. The news this week is the latest of many milestones for Operation PowerOFF, which began in 2018 and has led to six arrests so far this year.

The alleged operator of digitalstress.su was cuffed by the FBI and the UK's NCA and PSNI in July, while more recently in November, Germany announced the arrests of a further two suspected admins of DDoS platforms and illicit substance marketplaces, also a part of PowerOFF.

Digitalstress was said to have facilitated tens of thousands of DDoS attacks every week. The same was said about Quantum, one of the platforms shuttered as part of the FBI's 50-domain PowerOFF seizures in 2022, which also led to six arrests.

Fifteen countries in total contributed to the latest round of PowerOFF activity. Most forces were based in Europe, but Australia, Canada, Japan, and the US got in on the act too, making it a truly international effort.

The global cops involved will be using the platforms' own tricks against them in a bid to scare users away. It was noted in previous announcements that the platform admins would regularly target new users with paid internet ads, enticing those curious about cybercrime to get their first taste of it.

"An ad a day to keep cybercrime at bay" is what Europol said in its announcement, saying it too will be paying for Google Search and YouTube ads to deter young people from using these sites.

Those who search for DDoS-for-hire tools on Google will be served the ads, and those who look for YouTube tutorials on how to use them will likewise receive similar messaging. 

"In addition to these digital interventions, other methods such as knock-and-talks, more than 250 warning letters, and over 2,000 emails will be used to reach users of illegal services," said Europol.

"Operation PowerOFF demonstrates an ongoing coordinated effort by law enforcement to tackle this threat comprehensively, from dismantling illegal platforms to preventing future attacks through education and deterrence. Operation PowerOFF continues." ®
