International law enforcement has shut down 27 of the most popular platforms used to carry out distributed denial-of-service (DDoS) attacks, Europol announced in a statement on 11 December 2024. The operation called PowerOFF, conducted across 15 countries to include the US, UK, Australia, Brazil, Canada, and Finland, which led to the identification of 300 users of these platforms and the arrest of three administrators in France and Germany.
Europol explained that the takedowns were timed ahead of Christmas because the holiday season “has long been a peak period for hackers to carry out some of their most disruptive DDoS attacks, causing severe financial loss, reputational damage, and operational chaos for their victims.”[1]
The targeted websites, also known as “booters” and “stressers,” enable cybercriminals and hacktivists to flood online services with junk traffic, rendering them inaccessible. Platforms taken down during the operation included zdstresser.net, orbitalstress.net and starkstresser.net, according to Europol.
Sites like those make it relatively easy for groups or individuals to create digital disruptions without having to use more advanced hacking techniques. "We know that Booter services are an attractive entry-level cybercriminal and users can go on to even more serious offending. Therefore, tackling this threat doesn't just involve arresting offenders, it includes steering people away from straying into cybercrime and helping them make the right cyber choices," said Frank Tutty of the UK's National Cyber Crime Unit in a news release.
A recent report by Cloudflare revealed that the number of DDoS attacks worldwide surged in the third quarter of 2024 to nearly 6 million, about 50 percent more than during the same period last year. The banking and financial services sector was the most targeted by these attacks.
Global geopolitical tensions have further fueled the use of powerful botnets used in DDoS incidents, Cloudflare noted. Germany's cybersecurity agency (BSI) reported this week a sharp rise in high-volume DDoS attacks targeting the country over the past year. The BSI suggested that this trend indicates threat actors are increasingly leveraging large botnets for their operations.
On 9 December, Denmark's cybersecurity officials reported a suspected Russia-linked cyberattack targeting websites of several Danish municipalities. The country’s top cyber official, Mark Fiedel, commented that politically motivated hackers often seek attention and therefore choose symbolic targets. “For example, someone with a clear connection to Denmark's support for Ukraine,” Fiedel added.
PowerOFF is one of several campaigns led by Europol targeting services used by cybercriminals for a range of illicit activities. Last week, the agency collaborated with Belgian and Dutch authorities in an international operation against a phone phishing gang, resulting in the arrest of eight suspects. As part of this campaign, hackers attempted to gain access to victims' financial data via phone or online, later spending the stolen money on luxury watches, jewelry, and lavish parties in designer clothing at exclusive clubs.
Earlier in December, police dismantled a “sophisticated” encrypted messaging service called MATRIX, which was linked to serious crimes, including international drug trafficking, arms trafficking, and money laundering.
In November, Europol and its partners took down one of the largest illegal streaming networks, arresting nearly a dozen individuals tied to the operation. The suspects had pirated over 2,500 television channels, primarily sports channels and made them available to more than 22 million viewers worldwide.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
[1] https://therecord.media/ddos-sites-takedown-international-law-enforcement-europol/
Comments