German police arrest two for alleged ties to DDoS-for-hire platform

German police shut down a platform used to carry out distributed denial-of-service (DDoS) attacks and arrested two men who allegedly operated the site. 

Police seized infrastructure tied to the platform, Dstat.cc, as well as Flight RCS — a clear web marketplace for designer drugs and synthetic cannabinoids. The takedown operation was conducted by the Central Office for Combating Internet Crime in Frankfurt, the Hessian State Criminal Police Office and the Federal Criminal Police Office. 

It is part of “Operation PowerOff,” an international initiative to disrupt the DDoS-for-hire industry, which has opened the door for hacktivists and others with limited technical expertise to carry out disruptive cyberattacks in which targeted servers are flooded with traffic. 

Dstat.cc, which now has a notice on its homepage from law enforcement that it has been seized, allegedly provided information about so-called stresser and booter services — the tools used to carry out DDoS attacks.  

In an advisory from January 2023, the cybersecurity company Radware said “Dstat.cc… provides reviews and contact information for the booter services, allowing potential subscribers to compare and find the best service for their malicious intents.”  

The two unnamed defendants, who are 19 and 28, are accused of “having provided and administered various criminal infrastructures on the Internet” both for selling narcotics and for “computer sabotage.” 

The yearslong “Operation PowerOFF” initiative has resulted in a handful of large-scale seizures, including the takedown of 48 DDoS-for-hire service providers in December 2022. 

Last month, the U.S. indicted two men allegedly connected to the Anonymous Sudan group and revealed that it had seized and disabled the group’s DDoS tool, which it would sell to other criminal actors.