After four suspects in the Netherlands came to light at the end of 2024, various actions have been carried out in recent months to impact the criminal DDoS-for-hire market. The Polish authorities arrested four suspects last month who were responsible for a website where one can easily order DDoS attacks; a so-called booter. The booters that are no longer operational – Cfxapi, Cfxsecurity, neostress, jetstress, quickdown and zapcut – are suspected of having played a facilitating role in DDoS attacks on schools, government institutions, businesses, and gaming platforms between 2022 and 2025.
Operation PowerOFF 2025
The arrests in Poland were part of this recent action in Operation PowerOFF. Furthermore, the United States took over nine domains associated with DDoS services. Additionally, Germany and the Netherlands supported the Polish investigation by sharing relevant information. Finally, the Dutch police have launched several fake DDoS websites in recent weeks that were promoted via Google Search Ads. These websites resembled real DDoS services, but in reality, they were run by the police. Individuals who attempted to purchase a service from these websites were immediately confronted with a warning message from the police. Executing a DDoS attack is illegal and can cause significant damage. The police do not rule out such actions in the future.
Offender Prevention is Important
Experts from the cybercrime team of Unit Central Netherlands and Team High Tech Crime of the National Investigation and Intervention Unit (LO) are working closely together in Operation PowerOFF. This time, they focused on the use of alternative interventions. In addition to the criminal prosecution of the big users, implementing these alternative interventions, also known as offender prevention, is very important for us, said Stan Duijf, responsible for tackling cybercrime at the LO. With this, we aim to prevent those involved from becoming criminals.
What is a DDoS Attack?
A Distributed Denial of Service attack, also known as DDoS, is an attempt by cybercriminals to send an enormous number of requests to, for example, a website. As a result, these become unreachable for users. Compare it to a massive traffic jam, but digitally. Through, for example, a botnet, a network of hacked zombie computers with central control, a website is visited so massively that it becomes very slow or even crashes. Various other services, such as routers, firewalls, or DNS servers, can also be targeted. There are various types of perpetrators and motives for a DDoS attack. The victims of these attacks are also varied: from game servers and schools to banks, web shops, or even entire governments. Committing a DDoS attack is no joke and is always illegal. One risks a prison sentence of five years for committing a DDoS attack.
About Operation PowerOFF
With Operation PowerOFF, law enforcement agencies from various countries are joining forces to influence the global criminal DDoS market. DDoS attacks are illegal because they rely on criminal botnets to carry out attacks. This is also the case in the Netherlands. Through international cooperation, Operation PowerOFF focuses on infrastructure, administrators, and (potential) users. Participating police organizations work together to gain access to DDoS services and shut them down. See also: operation-poweroff.com