Europol identifies over 75,000 users linked to DDoS-for-hire services

Europol has identified more than 75,000 users involved in organizing DDoS (denial-of-service) attacks through so-called “attack-for-hire” services, according to an official statement cited on its website.

The coordinated operation took place on April 13, 2026, involving law enforcement agencies from 21 countries.

Preparatory work included joint international efforts aimed at identifying users of DDoS services and dismantling infrastructure of so-called “booter” platforms, which allow attacks on websites, servers, and networks. During the operation, databases containing information on more than 3 million accounts were seized, enabling further investigations.

According to Europol, DDoS-for-hire services remain one of the most accessible forms of cybercrime, allowing even non-technical users to launch attacks that can disrupt online services and cause significant damage to companies and individuals.

The agency noted that participants in such attacks range from beginners to experienced cybercriminals, with motives including curiosity, financial gain, and ideological objectives.

The operation, codenamed “PowerOFF,” is continuing and has now moved into a preventive phase. Measures include removing more than 100 links to DDoS services from search results, displaying warning ads to users searching for such tools, and sending notifications through blockchain-based payment networks used for these services.

By Jeyhun Aghazada