- Europol announced the closure of multiple more stress/starting services in the EU
- Four people were arrested in Poland
- Application of the law in the Netherlands, Germany, the United States and Poland, participated in Operation Poweroff
The police have dismantled an important DDOS-for-for-for-rental operation, and arrested four people suspected of executing it.
In a press release, the International Police Force said the arrests were part of Operation Poweroff, a continuous effort aimed at the infrastructure behind the DDOS-for rental activity.
The Polish authorities arrested four people suspicion of executing multiple services of more stress/start: cfxapi, cfxsecury, neostress, jetstress, quickdown and zapcut.
The filtered chats
It is believed that these services have facilitated “generalized attacks on schools, government services, companies and game platforms” between 2022 and 2025.
They presented an “slippery” interface that reduced the entrance barrier: users did not need any particular technical knowledge to set up an attack. All they had to do was know the victim’s IP address and have € 10 to pay the attack (the cost would increase depending on the desired duration of the attack).
As part of the effort, the Dutch authorities were implementing false starting sites, designed to warn users who are looking for ddos-living services. They also confiscated data on websites housed in data centers in the Netherlands, providing their partners with crucial information necessary to make arrests.
In the United States, the police confiscated nine domains associated with starting services, and in Germany, the police identified one of the suspects. Europol said he provided analytical and operational support throughout the investigation.
The difference between usual ddos botnets and stressful/starting services is that the DDOS botnets are generally executed by a single threat actor, which also works to expand the botnet by implementing rear and malware.
Stresser/Booter services, on the other hand, are announced as a white hat solution, which offers a “legitimate” service to test the resilience of a network or a website. However, in most cases, these are only coverings for obvious illegal activities, so the application of the law generally closes them.
Through Infosecurity magazine
