More than 75,000 individuals using distributed denial-of-service (DDoS) platforms for disruptive attacks have been warned through emails and letters during the latest phase of the Operation PowerOFF international law enforcement action.

The ongoing operation is supported by Europol and involves authorities in 21 countries. Coordinated efforts led to the arrest of four people, taking offline 53 domains, and issuing 25 search warrants.

“Leading up to the action week, a series of operational sprints took place, gathering experts from national authorities across the globe to carry out actions against high-value target users of DDoS-for-hire platforms and raise awareness about the illegality of these activities,” Europol says.

“During these sprints, the participating countries disrupted illegal booter services, dismantling the technical infrastructure that supports illegal DDoS.”

The operation has a global span, and includes multiple European Union countries as well as Australia, Thailand, the United States, the United Kingdom, Japan, and Brazil.

“Booter services” are DDoS-for-hire platforms that allow users to pay for renting the firepower of DDoS swarms, typically consisting of compromised routers and IoTs, and directing it to their intended targets.

Some operators of these services attempt to hide their real goal by claiming they are used for legitimate stress testing, but lack verification of target ownership and hence are still used for illegal attacks.

The latest Operation PowerOFF action was built on previous phases that resulted in dismantling key infrastructure and seizing databases with more than 3 million criminal accounts.

Europol states that the operation is now entering its prevention phase, which includes launching awareness campaigns and disruption measures.

These involve placing search engine ads aimed at young people seeking DDoS tools, removing from search results more than 100 URLs that promote these illegal services, and adding on-chain warning messages tied to illicit payments.