Europol’s Mass Email Blitz: 75,000 DDoS Users Get Direct Warnings in Global Crackdown

Europol-led Operation PowerOFF sent 75,000 warnings to DDoS-for-hire users worldwide, yielding arrests and domain seizures. The effort targets amateur attackers with emails extracted from raided servers, shifting focus to prevention amid rising threats.
Europol’s Mass Email Blitz: 75,000 DDoS Users Get Direct Warnings in Global Crackdown
Written by Sara Donnelly

Law enforcement agencies across 21 countries fired off more than 75,000 warning emails and letters to suspected DDoS attackers this week. The recipients? People who paid for ‘booter’ and ‘stresser’ services to flood websites offline. Operation PowerOFF, coordinated by Europol, marked a shift to prevention after years of chasing infrastructure. Four arrests. Fifty-three domains seized. Twenty-five search warrants executed. And a database haul revealing over three million user accounts.

Servers raided. User lists extracted. Emails dispatched. Europol’s European Cybercrime Centre sifted through seized data, geolocating suspects and sharing leads with partners from Australia to the United States. The action week hit on April 13. But PowerOFF isn’t new. Launched in 2017 as Operation Vulcania, it has dismantled dozens of platforms before—27 booters alone ahead of last Christmas, per Europol’s operation page.

DDoS-for-hire makes chaos simple. No coding required. Pick a target. Pay with crypto. Watch the site crumble under fake traffic. Targets often include e-commerce sites, telecoms, gaming platforms. Motivations vary: kids testing limits. Hacktivists pushing agendas. Extortionists demanding ransoms. Businesses suffer downtime costs in the millions. Last year, Cloudflare blocked a 29.7 terabits-per-second monster, as noted in TechCrunch.

Europol didn’t stop at emails. They planted ads on Google and YouTube aimed at curious teens. Scrubbed over 100 shady URLs from search results. Even slipped warnings onto blockchains tied to illicit payments. A dedicated site tracks progress in real time. ‘Message received loud and clear,’ writes Clubic. ‘Authorities know who they are. This is just the beginning.’

Luxembourg’s cyber unit dug into the data too. Their judicial police helped probe users from platforms analyzed across the coalition, according to Paperjam. Many targets lack real skills—amateurs ordering attacks like fast food. France felt the sting recently; La Poste endured weeks of disruption. PowerOFF responds to that vulnerability.

Partners spanned the globe. Australia’s Federal Police. Germany’s BKA. U.S. FBI and Homeland Security Investigations. Japan’s National Police Agency. Even Thailand and Brazil joined. Europol ran the command post, traced crypto, forensically picked apart servers. Part of the EMPACT platform against organized threats. Ongoing. Four-year cycles. This phase emphasizes deterrence.

Past wins build momentum. Poland nabbed four admins last year, U.S. seized nine domains. December 2024: 27 platforms down, three arrests in France and Germany. Yet booters rebound. Users migrate. Warnings aim to scare off the casual crowd before they graduate to worse.

But will it stick? Deleting accounts won’t erase traces. Investigators hold the logs. High-value targets face follow-ups. The emails spell it out: stop now, or else. Industry watches closely. DDoS mitigation firms like Cloudflare report attacks surging—regional floods hitting markets hardest.

PowerOFF enters prevention mode. Expect more ads. More blockchain pokes. Continued server hunts. Law enforcement bets on scale: hit 75,000 at once. Shock the ecosystem. Many users are young, impulsive. A stern note from cops might suffice. For pros? Expect warrants next.

The operation exposes how commoditized cybercrime has become. Booters sell access cheap—minutes of downtime for pennies. No wonder novices flock in. Europol’s data trove changes the game. Instead of whack-a-mole with sites, they chase customers directly. Bold. Scalable. A template for future ops.

Subscribe for Updates

CybersecurityUpdate Newsletter

The CybersecurityUpdate Email Newsletter is your essential source for the latest in cybersecurity news, threat intelligence, and risk management strategies. Perfect for IT security professionals and business leaders focused on protecting their organizations.

By signing up for our newsletter you agree to receive content related to ientry.com / webpronews.com and our affiliate partners. For additional information refer to our terms of service.

Notice an error?

Help us improve our content by reporting any issues you find.

Get the WebProNews newsletter delivered to your inbox

Get the free daily newsletter read by decision makers

Subscribe
Advertise with Us

Ready to get started?

Get our media kit

Advertise with Us