Global Law Enforcement Cracks Down On DDoS-For-Hire Services, Warns 75,000+ Suspected Cyberattackers

A cross-border coalition of international law enforcement groups has sent official warnings to more than 75,000 alleged cybercriminals who paid for access to ready-to-use services that launch disruptive cyberattacks capable of taking websites completely offline.

Europol publicly announced the coordinated enforcement effort on Thursday. The operation targets multiple distributed denial-of-service (DDoS) for-hire platforms, which let malicious actors launch attacks without any advanced hacking skills or their own attack infrastructure.

A key centerpiece of the crackdown, officially named Operation PowerOFF, is the outreach to suspected users: Europol sent warning emails and physical letters to the more than 75,000 people identified as customers of these illegal DDoS services.

The agency confirmed it obtained identifying information about the alleged users after raiding and seizing servers tied to the targeted platforms. The server seizures let investigators pull full records of all registered users of the services.

Beyond notifying at-risk users, the operation has delivered significant enforcement results to date: four people have been arrested, 53 domains linked to the illegal DDoS services have been taken offline, and law enforcement officers have executed 24 court-approved search warrants across participating jurisdictions.

DDoS attacks remain one of the most common forms of cyber disruption, in large part because for-hire services make them extremely simple to launch. Last year, cloud infrastructure firm Cloudflare reported it mitigated the largest DDoS attack ever recorded, which peaked at 29.7 terabits per second. This latest global crackdown follows multiple prior operations targeting this illegal industry led by the FBI over the last several years.