Seizing control of criminal websites is literally standard procedure. Three letter agencies are known for hacking their way into criminal platforms and keeping them running for as long as possible. They justify it as an opportunity to catch high value targets. They're quite willing to literally distribute CSAM from their own servers for months, years on end if that's what it takes. They don't just react either, they are very proactive. They start their own CSAM communuties to entrap criminals. So called honeypots.

It's a recurring theme with these authorities. You see, they're special. They get to spread this sort of material with complete impunity. They get to stockpile cyberweapons and use them against the targets of their investigations, or even indiscriminately. If you do it, you're a hacker spreading malware. They're just doing their jobs.

Sometimes those two privileges collide, resulting in truly comical and absurd situations. FBI has allowed cases against child molesters to go down the drain because the judge ordered them to reveal some Firefox exploit they used. They didn't want to invalidate their "network investigative techniques".

It's even more legally funny than this. They are also allowed to enact entrapment to some degree and it passed court muster in the US. That because it's extremely hard to use it as a defence.

Note that these actions are illegal in most continental jurisdictions as stings must be devised ahead of time against specific groups of people. There's also Article 6 of ECHR.

In other words, FBI cannot run a sting off an EU site like this, at least definitely not a German one.