Article Details

Original Article Text

Police takes down six DDoS-for-hire services, arrests admins.

Polish authorities have detained four suspects linked to six DDoS-for-hire platforms, believed to have facilitated thousands of attacks targeting schools, government services, businesses, and gaming platforms worldwide since 2022.

Such platforms are often marketed as legitimate testing tools on the dark web and hacking forums, but are mainly used to disrupt online services, servers, and websites by flooding them with traffic in distributed denial-of-service (DDoS) attacks and causing outages for real users.

The six DDoS services, named Cfxapi, Cfxsecurity, neostress, jetstress, quickdown, and zapcut, have been taken down in a coordinated law enforcement action involving authorities from Germany, the Netherlands, Poland, and the United States.

"In the latest blow to the criminal market for distributed denial of service (DDoS)-for-hire services, Polish authorities have arrested four individuals who allegedly ran a network of platforms used to launch thousands of cyberattacks worldwide," Europol said on Wednesday. "The suspects are believed to be behind six separate stresser/booter services that enabled paying customers to flood websites and servers with malicious traffic — knocking them offline for as little as EUR 10."

As Europol explained, these DDoS-for-hire services (also known as stressers or booters) provided customers easy-to-use interfaces that required no technical skills besides paying for a subscription or a one-time fee, entering the target's IP address, and choosing the type and duration of the DDoS attack.

Data seized by the Netherlands police from these booter websites was shared with international partners and led to the arrest of four administrators associated with the DDoS platforms in Poland.
The United States seized nine domains as part of this coordinated operation, while German law enforcement assisted the investigation by identifying a suspect and sharing intelligence on others involved.

Dutch investigators have also created their own fake booter sites to warn those seeking DDoS-for-hire services that what they're doing is illegal and highlight that such activities are monitored and may lead to prosecution.

These takedowns and arrests are part of an ongoing and long-running joint operation known as Operation PowerOFF that started in December 2018 with the seizure of 15 websites linked to DDoS-as-a-service platforms.

Previously, this operation led to the seizure of the Dstat.cc DDoS review platform, the takedown of the DigitalStress DDoS-for-hire service in the UK, and the arrest of two booter service operators in Poland. Other joint actions include seizing 13 domains and another 48 domains hosting booter platforms in two separate enforcement waves.

Daily Brief Summary

DDOS // Global Crackdown on DDoS-for-Hire Services Leads to Multiple Arrests

Polish authorities, in collaboration with international law enforcement, arrested four individuals connected to six DDoS-for-hire platforms.

These platforms facilitated thousands of cyberattacks globally, targeting sectors like education, government, commerce, and gaming.

The services, marketed as legitimate stress-testing tools, were primarily used for disrupting online operations through excessive traffic, causing service outages.

The crackdown involved coordinated efforts by Germany, the Netherlands, Poland, and the U.S., leading to the seizure of domains and data important for further investigations.

Dutch police created decoy booter sites to educate potential users about the legality and surveillance of such services.

International cooperation, under Operation PowerOFF, has been pivotal since December 2018 in combatting the proliferation of DDoS-for-hire platforms.

This operation highlights ongoing efforts to dismantle cybercrime networks and the instrumental role of data sharing between countries in tackling such illegal activities.