Polish Authorities Uncover Teen-Led DDoS-for-Profit Scheme
Poland’s Central Bureau for Combating Cybercrime (CBZC) has identified seven minors, aged 12 to 16, involved in distributing and operating tools used for Distributed Denial-of-Service (DDoS) attacks. The suspects targeted high-traffic websites, including auction platforms, IT domains, hosting services, and accommodation booking sites, with their activities motivated by financial gain.
The investigation began last year after authorities linked a 14-year-old from the Masovian Voivodeship to the administration of DDoS attack tools. Further probes uncovered six additional minors across four regions Masovian, Lublin, Łódź, and Greater Poland who collaborated in the scheme. Police raids at the suspects’ homes recovered attack infrastructure, including mobile phones, computers, storage devices, and handwritten records detailing their operations.
Given the minors’ ages, the case has been referred to family courts for further action. The CBZC confirmed the suspects were in regular contact and worked together to deploy the attacks.
Source: https://www.helpnetsecurity.com/2026/03/10/poland-minors-identified-distributing-ddos-attack-tools/
Polish Chapter of the Honeynet Project cybersecurity rating report: https://www.rankiteo.com/company/polish-honeynet-project
NASK cybersecurity rating report: https://www.rankiteo.com/company/nask
"id": "POLNAS1773146096",
"linkid": "polish-honeynet-project, nask",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'E-commerce',
'location': 'Poland',
'type': 'Auction platforms'},
{'industry': 'Information Technology',
'location': 'Poland',
'type': 'IT domains'},
{'industry': 'Web Hosting',
'location': 'Poland',
'type': 'Hosting services'},
{'industry': 'Hospitality',
'location': 'Poland',
'type': 'Accommodation booking sites'}],
'attack_vector': 'Distributed Denial-of-Service (DDoS) tools',
'description': 'Poland’s Central Bureau for Combating Cybercrime (CBZC) has '
'identified seven minors, aged 12 to 16, involved in '
'distributing and operating tools used for Distributed '
'Denial-of-Service (DDoS) attacks. The suspects targeted '
'high-traffic websites, including auction platforms, IT '
'domains, hosting services, and accommodation booking sites, '
'with their activities motivated by financial gain.',
'impact': {'systems_affected': 'High-traffic websites (auction platforms, IT '
'domains, hosting services, accommodation '
'booking sites)'},
'investigation_status': 'Ongoing (case referred to family courts)',
'motivation': 'Financial gain',
'references': [{'source': 'Central Bureau for Combating Cybercrime (CBZC)'}],
'regulatory_compliance': {'legal_actions': 'Case referred to family courts'},
'response': {'containment_measures': 'Police raids, seizure of attack '
'infrastructure (mobile phones, '
'computers, storage devices, handwritten '
'records)',
'law_enforcement_notified': 'Yes (CBZC)'},
'threat_actor': 'Seven minors (aged 12 to 16)',
'title': 'Polish Authorities Uncover Teen-Led DDoS-for-Profit Scheme',
'type': 'DDoS'}