"DDoS is not a game. It's a crime!" Europol targets the youth in latest bid to take down DDoS-for-hire infrastructure

Modern DDoS attacks are notoriously difficult to trace. Because they deploy massive, geographically dispersed botnets, pinning a single mastermind to an attack is nearly impossible. However, a recent international crackdown has successfully targeted much of the DDoS-for-hire infrastructure used by cybercriminals.

Operation PowerOFF: A Global Crackdown

Last week, several countries collaborated in a Europol-supported effort to take criminal services offline. This was part of a coordinated action week that began on April 13. The initiative is part of Operation PowerOFF, an ongoing effort involving 21 different countries that has been active since at least 2018.

During this recent period, law enforcement achieved several significant milestones:

• 75,000 users were sent warning emails and letters.
• 53 domains were taken down.
• 25 search warrants were issued.
• Four people were ultimately arrested.

Dismantling the DDoS-for-hire infrastructure

Much of this success was made possible by intercepting "illegal booter services." These tools allow users with minimal technical knowledge to launch devastating attacks against their targets. By targeting this DDoS-for-hire infrastructure, authorities were able to expose data on over 3 million criminal user accounts.

According to Europol, these attacks are often regionally focused, hitting everything from online marketplaces to telecommunications providers. Motivations vary widely, ranging from simple curiosity and hacktivism to financial gain through extortion or the disruption of competitors. Law enforcement continues to work to dismantle this DDoS-for-hire infrastructure piece by piece.

Targeting Youth with "Cringe" Prevention

With the infrastructure dismantled, the operation is now shifting into a prevention phase. This includes scrubbing 100 URLs linked to cybercrime from search engine results and displaying targeted messages to young people searching Google for attack tools.

The campaign even features an official website with a somewhat cringeworthy animated short. In it, a young gamer turns to a life of crime after losing his connection to a Minecraft server. While the tagline "DDoS is not a game. It's a crime!" might be hard to take seriously, the real-world impact on gaming is undeniable.

The Real Cost of Cybercrime in Gaming

We have already seen the fallout from these attacks in major titles. Earlier this year, Arc Raiders suffered through "extensive" and coordinated attacks, while Final Fantasy XIV Online's North American servers struggled following Patch 7.4.

While it is hard to say if the youth are solely to blame, the legal consequences are real. In 2025, the US Department of Justice charged a 22-year-old for his role in creating Rapperbot, described as one of the most powerful botnets to ever exist. Europol has been actively targeting young users of these tools since at least 2016.