Europol along with 21 countries joined forces in a coordinated action week recently that focused on enforcement and prevention measures against over 75,000 criminal users engaging in distributed denial-of-service (DDoS)-for-hire services. With over 75,000 warning emails and letters being sent to identified criminal users and 4 arrests, the action week also led to the takedown of 53 domains and the issuing of 25 search warrants.
During these sprints, the participating countries disrupted illegal booter services, dismantling the technical infrastructure that supports illegal DDoS. Booter services allow users to launch DDoS attacks against targeted websites, servers, or networks. Their infrastructure is made up of servers, databases, and other technical components that make DDoS-for-hire activities possible. By seizing these infrastructures, authorities were able to hinder these criminal operations and prevent further damage to victims. The seized databases allowed Europol experts to support their national colleagues in providing data on over 3 million criminal user accounts, which led to a series of coordinated actions across the globe during the action week.
Countries that participated in the joint action
The following countries participated in the joint action: Australia, Austria, Belgium, Brazil, Bulgaria, Denmark, Estonia, Finland, Germany, Japan, Latvia, Lithuania, Luxembourg, the Netherlands, Poland, Portugal, Sweden, Thailand, the United Kingdom and theUnited States.
Leading up to the action week, a series of operational sprints took place gathering experts from national authorities across the globe to carry out actions against high-value target users of DDoS-for-hire platforms and raise awareness about the illegality of these activities.
What are DDoS-for-hire attacks
DDoS-for-hire is one of the most prolific and easily accessible trends in cybercrime, enabling individuals with little technical knowledge to follow step-by-step tutorials to execute criminal attacks. These attacks inflict significant harm on businesses and individuals across the globe by targeting servers, websites, or online services and making them inaccessible to legitimate users.
Individuals engaging in DDoS activity range from users with minimal technical background able to launch attacks with little effort to more technically proficient actors who customise and optimise their illegal operations. Attacks are often regionally focused, with users targeting servers and websites within their continent, and directed at a wide range of targets including online marketplaces, telecommunications providers, and other web-based services. Motivations vary from curiosity to ideological purposes linked to hacktivism, as well as financial gain through extortion or the disruption of competitors’ services.
Operation PowerOFF: Disrupt and prevent
Operation PowerOFF is an ongoing, coordinated effort among international law enforcement aimed at dismantling criminal DDoS-for-hire infrastructure. As the operation enters its prevention phase, a series of coordinated and proactive campaigns to prevent future attacks took place, with more to follow. These campaigns include:
* The creation of ads on search engines, with targeted messages shown to young people searching for DDoS-for-hire tools on Google.
* The removal of over 100 URLs advertising DDoS-for-hire services from search engine results.
* Sending warning messages on the blockchains used by criminals to make payments related to their illegal activities.
* Updating the dedicated website for Operation PowerOFF to keep track of and give further visibility to all the enforcement and prevention actions.
Which are the Law enforcement authorities involved
Australia: Australian Federal Police
Austria: Criminal Intelligence Service Austria – Cybercrime Competence Center (C4)
Belgium: Federal Judicial Police - FCCU
Brazil: Brazilian Federal Police
Bulgaria: Cybercrime Department - General Directorate Combating Organized Crime
Denmark: Danish Police - POLITI
Estonia: National Criminal Police
Finland: National Bureau Of Investigation
Germany: Federal Criminal Police Office
Japan: National Police Agency of Japan
Latvia: Cybercrime Enforcement Department, Central Police Department, State Police of Latvia
Lithuania: Lithuanian Criminal Police Bureau
Luxembourg: Service de Police Judiciaire – Section Cybercrime
Netherlands:Netherlands Police
Norway National Crime Investigation Service
Poland: National Police - Central Cybercrime Bureau
Portugal: Polícia de Segurança Pública and Polícia Judiciária
Sweden: Swedish Police Authority - Swedish Cybercrime Center (SC3)
Thailand: Royal Thai Police – Immigration Bureau and Cyber Crime Investigation Bureau
United Kingdom: National Cyber Crime Unit, National Crime Agency and UK Regional Cyber Crime Units
United States: Homeland Security Investigations (HSI), Department of Defense Office of Inspector General’s Defense Criminal Investigative Service (DCIS), United States Department of Justice (DOJ), Federal Bureau of Investigation (FBI), United States Attorney’s Office (USAO)
Start a Conversation
Post comment