Poland arrests four in global DDoS-for-hire takedown

Polish authorities have arrested four people suspected of running illegal DDoS-for-hire services that allowed users to launch cyberattacks on websites and servers worldwide, according to Europol.

The suspects, aged 19 to 22 years old, allegedly operated six platforms — Cfxapi, Cfxsecurity, Neostress, Jetstress, Quickdown and Zapcut — that offered distributed denial-of-service attacks for as little as 10 euros. Beginning in 2022, the services targeted educational institutions, government websites, companies and gaming services.

If convicted, the suspects could face up to five years in prison, Poland’s Central Cybercrime Bureau (CBZC) said. During raids, officers seized computers, phones, SIM and payment cards, cryptocurrency wallets containing about $30,500 in digital currency, as well as cash and vehicles.

Unlike traditional botnets, the so-called "booter" or "stresser" services allow users to flood a website with traffic by simply entering a target’s IP address and paying a fee. The attacks are executed through centralized rented infrastructure, making them accessible to users with little technical skill.

The arrests were part of “Operation PowerOFF,” a coordinated international effort led by Europol and the FBI, with support from law enforcement agencies across multiple countries. As part of the latest action, U.S. authorities seized nine domains linked to illegal DDoS services.

In a previous phase of the operation in December, police shut down 27 booter platforms in a global sweep across 15 countries, identifying 300 users and arresting three administrators in France and Germany.