Europol Disrupts Six DDoS-for-Hire Services Linked to Worldwide Cyber Attacks

Europol has successfully executed an operation targeting distributed denial of service (DDoS)-for-hire services that have facilitated numerous cyber-attacks globally. This initiative has resulted in the apprehension of four suspects, aged between 19 and 22, by Polish authorities, while the United States has seized nine domains associated with the now-defunct services.

The suspects are linked to six distinct stresser/booter services that enabled users to orchestrate DDoS attacks on websites and servers for a fee as low as EUR 10. Europol’s statement highlights the detrimental impact of these services, which include cfxapi, cfxsecurity, neostress, jetstress, quickdown, and zapcut. These platforms have proven significant in executing extensive attacks targeting educational institutions, government services, commercial enterprises, and gaming platforms between 2022 and 2025.

Europol emphasized that these platforms featured user-friendly interfaces, allowing individuals with minimal technical expertise to initiate DDoS attacks. Users would merely need to input a target IP address, select the attack type, and process their payment.

Often marketed on dark web forums, stresser services typically masquerade as legitimate stress-testing tools. However, their actual intent is to disrupt access to online resources by inundating the targeted site with fake traffic, rendering it unavailable to authentic users.

Unlike traditional botnets, which depend on extensive networks of compromised devices, stresser/booter services streamline DDoS attacks through centralized, rented infrastructure. This industrialization of DDoS attacks poses a significant threat to online security.

Documented evidence on the Internet Archive portrays cfxsecurity, among others, as a leading stress testing service, offering comprehensive assessments to ensure websites can withstand such disruptions. Plans were available for a monthly fee, with various pricing tiers ranging from $20 to $130, depending on the service’s features.

Prominent cloud security company Radware reported that newer stresser services like QuickDown have incorporated a hybrid architecture utilizing both botnets and dedicated servers. This evolution in service strategy illustrates the ongoing adaptation within this illicit market.

The latest operation, part of the larger initiative called Operation PowerOFF, was executed in collaboration with Dutch and German authorities, underscoring a sustained effort to dismantle the infrastructure supporting DDoS-for-hire activities. Previous operations have successfully taken down multiple stresser services and have led to various criminal charges across jurisdictions. The continual disruption of these illicit services is critical in mitigating the risk posed by DDoS attacks as the threat landscape evolves.