They don't simply have to knock the genuine server offline; instead, they have to be able to be seen as the genuine server by each validation server.
If they control a node very near to the original server it should be possible...
Also discussed here BTW: