Article Details

Polish cops bail 20-year-old bedroom botnet operator. DDoSer of 'strategically important' websites admitted to most charges. Polish authorities have cuffed a 20-year-old man on suspicion of carrying out DDoS attacks. The Central Bureau for Combating Cybercrime (CBCZ) claims the uunamed individual was responsible for attacks on "numerous popular websites," including those of strategic importance. Given the context, it can be reasonably assumed that strategically important websites likely refers to those providing essential services to the public or government. CBCZ officer combing through alleged DDoS attacker's PC The man faces six charges and a maximum five-year prison sentence for disrupting IT systems and acquiring the software to do so. CBCZ officers in Lublin, Poland's eighth-largest city, said the websites, portals, and services the alleged criminal attacked were located around the world. Officials said on Tuesday morning the suspect used "C2 stresser" and "Command and Control Node" machines to carry out the attacks, referring to the overall mechanism as a multi-layered botnet. The case is ongoing and further arrests related to the same activity are possible. Following the man's arrest at his apartment, officers seized his computer equipment, saying that in doing so they "dismantled the IT infrastructure used to host and distribute DDoS attack tools." The 20-year-old is said to have admitted to "most of the charges" and was bailed after providing a police statement. He will remain under non-custodial police supervision until sentencing. Per the CBCZ's annual review, Poland's police are heavily involved in coordinated efforts to stymie DDoS attacks in Europe. Poland is one of the 15 countries that supported the Europol-coordinated Operation PowerOFF, and its authorities arrested seven individuals as part of this work in 2025, six of whom were described as domain administrators. The CBCZ also supported Operation Eastwood in July, which targeted the prolific pro-Russia hacktivist crew NoName057(16), charging an 18-year-old with four counts related to computer crimes. Officers reported a 30 percent increase in cybercrime charges and detentions in 2025, with the unit growing to more than 1,000 staffers – nearly double the size at the start of 2024.