Slashdot Mirror
British Authorities Nail Online Blackmailers
Iphtashu Fitz writes "CNet's News.com is reporting that 3 men have been arrested for allegedly blackmailing websites by threatening DDoS attacks if they didn't pay between $10,000 and $55,000. Britians National Hi-Tech Crime Unit (NHTCU) worked with the targeted websites to combat the DDoS attacks and to track their origin. With the help of Russian police they identified and arrested three Russians and expect more arrests in the near future."
The scale and scope of these attacks, and the amounts of money paid to these people, how far that money went, how many countries it was wired through, and the amount of law enforcement and private sector work involved in getting even this far would shock many of you.
Contrary to what some say, the US authorities *DO* care what's going on... they just can't prosecute directly unless it's affecitng US business.
These people and similar operators have extored millions of dollars in the last 12 months alone.
I'm sure many will come out and say "Oh well if you had just built your network properly...".. oh, if only it were that simple. These attacks have come in at over 4Gbps... and no matter how you slice it, that's a shitload of bandwidth.
The slashdot effect is jack shit compared to what these guys have unleashed for WEEKS at a time on one site alone.
Before i always thought DDoS attacks were initiated by frustrated scriptkiddies who had some form of dispute (probably glined off an irc server) with the victims. This is the first time people try to take money in the process. Is this a new form of terrorism? If so, will others (virii/worm coders etc.) pick up the trend?
Erm no, because though a slashdotting may cripple a site, 10 people will post mirrors, plus it's free publicity -- so why pay when you're basically threatening to advertise them for free and offer the value added service of recruiting 10 people to mirror the site for FREE? That's some threat. :)
/. these days? Well now you know why.
Maybe you haven't noticed the rise in advertisements masquerading as articles on
I'm just anxious to see a real DoS attack. Any idea where I can find some code to see how it actually works?
I'm probably feeding a troll here, but what the hell. Why do you need to see code? It's little more than a massive surge in traffic which looks legitimate. Try this pseudocode on for size:
while(1)
- recursively get victim's entire website
Now spread that across 100,000 zombie machines, each capable of pulling in an average of maybe 20KB/s. Suddenly the victim's dealing with 2GB/s of traffic or, more likely, not dealing with it as the traffic would thoroughly saturate not only the victim's website but also the entire hosting provider's network.
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
As I understand it, Russia is a bad place to get busted for anything. I wonder what they do when the crime is in the 50k range.
Anyone know anything about modern Russian legal?
Then, when are the British authorities going after SCO?
This is the thing that always gets me.
Companies and webmasters cry DDOS when their website just simply cant handle the flood.
Granted, some attacks are genuine, but all it takes to DDOS someone is a posting on one of the many websites (not just slash) that the original webadmin wasn't expecting.
Its like hearing in the news about an ongoing DDOS attack on xyz's site, whats the first thing you do?
I know I try and load the page.....
liqbase
Because they do money laundering? There may be the odd bookie out there who took some dirty money, but by and large this is total nonsense.
You might be surprised the lengths many internet gambling places go to to prevent being used to launder money. The LAST thing any gaming shop wants is the international authorities busting down their door and shutting them down. It's already a good profitable business if done right.. there is no need to accept the increased risk of laundering money for a small extra profit.
Also, in the scenario you painted... unless a lot of people do it, or the numbers are huge (in which case it would be noticed right away), there is nothing in it for the bookie above and beyond his normal customers anyway.
That said, there are several reasons this industry was more vulnerable, and was a good choice for them to attack.
- gambling sites operate outside the US & Canada, where it is MUCH harder to get solid hosting and tons of bandwidth.
- The US authorities are still on the fence as to whether someone legally operating an online gambling business in another country taking action from americans is breaking US law or not.
- Because of not operating in the US, and not wanting extra US exposure, online gambling shops generally don't talk to the US authorities.
- Online gambling shops, specifically bookies, make their money in bursts. Being down for a weekend during NFL is really expensive. 3 hours of downtime could cost you the entire week's profits on a Saturday.
- Many shops are small, independant, and not large organisations who have to justify their decisions to a board. Given the amount of money to be lost, paying $20,000 in order to not lose $100,000 is a fairly easy decision to make. pay up then investigate how you can avoid having this happen again later.
It's like if someone robbed you on the street.. and instead of just taking your moeny said "Okay, I can either take all your money, every day, or you can give me $100 right now, and keep the other $900 in your wallet AND I won't bug you again until next year". In the long run, you had better learn how to fight.. but in the immediate short term, it's a good deal.
There is a reason protection rackets work, both on and offline.