European police email 75,000 people asking them to stop DDoS attacks
Europol sends warning emails to 75,000 suspected DDoS-for-hire customers as Operation PowerOFF takes down 53 domains and arrests four. The crackdown highlights the growing DDoS threat and why proper mitigation matters.
Operation PowerOFF Targets 75,000 DDoS Customers
Europol and a coalition of global law enforcement agencies have sent warning emails to more than 75,000 people suspected of paying for DDoS-for-hire services. The operation, dubbed PowerOFF, also resulted in four arrests, 53 domain takedowns, and 24 search warrants executed across multiple countries.
The agencies identified these users by seizing servers from DDoS-for-hire platforms and combing through customer records. The message is clear: buying attacks is not anonymous, and law enforcement is watching.
DDoS-for-Hire Remains a Growing Problem
DDoS-for-hire services, also called booters or stressers, let anyone launch attacks without technical skill. For a few dollars, users can overwhelm a target with traffic and knock it offline. These services continue to grow despite repeated law enforcement crackdowns.
The scale of modern DDoS attacks keeps climbing. Cloudflare reported mitigating a record 29.7 terabits per second attack last year. Providers like Fastly, Akamai, and Imperva all offer DDoS mitigation as part of their WAF and edge security platforms. Without proper protection, even a small booter attack can take down an unprepared site.
This Is Not Just a Criminal Problem
Many booter customers are young people who do not realize they are committing crimes. Europol explicitly stated the emails are partly a deterrence campaign aimed at potential repeat offenders. The FBI has run similar operations in the US, seizing DDoS-for-hire domains in multiple waves since 2022.
WAFplanet Take
Sending 75,000 emails is a creative approach, but it will not stop DDoS attacks. The barrier to launching them is still too low, and new platforms pop up faster than old ones get taken down. The real takeaway for website operators: assume you will be targeted eventually.
If your site is not behind a provider with proper DDoS mitigation, you are gambling. Compare Cloudflare vs Akamai or check our full WAF comparison to find a solution that fits. Relying on law enforcement to protect your uptime is not a strategy.
