• Fri. May 24th, 2024

Poland Arrests DDoS-on-Demand Service Owners

Avatar photo


Jul 12, 2023
Poland Arrests DDoS-on-Demand Service Owners

Two people have been detained by Polish police on suspicion of starting and running a DDoS-for-hire service that has been operational since 2013. The arrests were conducted as part of Operation PowerOFF, a bigger multinational law enforcement initiative that tries to disable networks that allow massive DDoS assaults in exchange for money. The Joint Cybercrime Action Team (J-CAT), the FBI, and law enforcement organizations from the Netherlands, Germany, and Belgium all worked together on this operation.

Significant Success in Operation PowerOFF: Polish Police Arrest DDoS-for-Hire Service Operators

Officers from the CBZC in Poland searched the defendants’ server in Switzerland ten times during the arrests in order to gather important information. The server’s data showed a vast network, comprising more than 35,000 user accounts, more than 76,000 login logs, and more than 320,000 distinct IP addresses connected to the DDoS assault service. The authorities also found over 1,000 records of additional plans costing over $44,000 and around 11,000 records of plans that had been acquired and for which clients had paid a total of about $400,000.

Furthermore, Polish law enforcement found compelling evidence of criminal domain management and administration on one of the suspects’ computers. This successful operation is part of ongoing international efforts to dismantle numerous DDoS-for-hire platforms. In December 2022, the FBI seized 48 booter service domains, and although some previously thwarted platforms reemerged under new domains, law enforcement agencies remained vigilant.

In March, the UK’s National Crime Agency (NCA) implemented a proactive approach by establishing counterfeit DDoS-for-hire websites to identify cybercriminals who exploit these services to target organizations. Several thousand individuals accessed these deceptive sites, which mimicked authentic DDoS-for-hire services. However, instead of providing access to DDoS tools, the websites discreetly collected information about their visitors, aiding law enforcement in their investigations.