British Authorities Nail Online Blackmailers

Iphtashu Fitz writes "CNet's News.com is reporting that 3 men have been arrested for allegedly blackmailing websites by threatening DDoS attacks if they didn't pay between $10,000 and $55,000. Britians National Hi-Tech Crime Unit (NHTCU) worked with the targeted websites to combat the DDoS attacks and to track their origin. With the help of Russian police they identified and arrested three Russians and expect more arrests in the near future."

In other news...

...Slashdot is rumoured to be investigating a new method of securing additional "revenue"...

Re:In other news...

[Metallic+Matty]

Actually, that's not a bad idea..

*ponders*

Send 100 USD to this pay pal account or I'll submit a slashdot story which links to your personal website.

hehe.

DDoS

And now Slashdot will DDoS them.

Allegedly threatening a DDoS attack?

[Quickfry]

That can get you arrested? What if I 'allegedly threaten' to watch my sister change? Will I get arrested for being a pervert?

Re:Allegedly threatening a DDoS attack?

[rking]

What if I 'allegedly threaten' to watch my sister change? Will I get arrested for being a pervert?

Arrests are invariably over allegations. In the UK, at least, we have a whole court system that determines whether the allegations were true and that only kicks in after arrest. In this case the charges were for blackmail. Blackmail is by its nature based on threats. If you're from the US then I think you call the crime "extortion" instead.

pay me $10k...

...and i will not submit news about your site on /.

I say good job

[Alcohol+Fueled]

This is good. It may only be three people, but that's three less people who are trying to take advantage of the Internet and the people who use it. And I say good job on the cooperation between British and Russian officials who got the three guys. :)

Re:I say good job

[akaiONE]

There were acording to El. Reg ten more of these crimminals who got arrested in Riga, Latvia last year. This investigation seem to have been going for a while and its good to see that scriptkiddies, mafia and mobsters are not allowed to try to extort victims this way.

The scope of this would surprise many of you.

[mindstrm]

The scale and scope of these attacks, and the amounts of money paid to these people, how far that money went, how many countries it was wired through, and the amount of law enforcement and private sector work involved in getting even this far would shock many of you.

Contrary to what some say, the US authorities *DO* care what's going on... they just can't prosecute directly unless it's affecitng US business.

These people and similar operators have extored millions of dollars in the last 12 months alone.

I'm sure many will come out and say "Oh well if you had just built your network properly...".. oh, if only it were that simple. These attacks have come in at over 4Gbps... and no matter how you slice it, that's a shitload of bandwidth.

The slashdot effect is jack shit compared to what these guys have unleashed for WEEKS at a time on one site alone.

This is extortion not blackmail

[TheNarrator]

Knock! Knock! Langugage police is here

Blackmail is defined as: 1. Extortion of money or something else of value from a person by the threat of exposing a criminal act or discreditable information.

While Extortion is: 1. The act of extorting; the act or practice of wresting anything from a person by force, by threats, or by any undue exercise of power; undue exaction; overcharge.

Now since these guys weren't threatening to reveal something about the company this is garden variety extortion and not blackmail.

Re:This is extortion not blackmail

[rking]

Blackmail is a specific crime in the UK, defined by section 21 of the Theft Act 1968 :

21 (1) A person is guilty of blackmail if, with a view to gain for himself or another or with intent to cause loss to another, he makes any unwarranted demand with menaces; and for this purpose a demand with menaces is unwarranted unless the person making it does so in the belief:
(a) that he has reasonable grounds for making the demand; and
(b) that the sue of the menaces is a proper means of reinforcing the demand

(2) The nature of the act or omission is immaterial , and it is also immaterial whether the menaces relate to action to be taken by the person making the demand.

(3) A person guilty of blakmail shall on conviction non indictment be liable to imprisonment for a term not exceeding fourteen years.

These people are being accused of blackmail.

Re:Why DDos?

[nacturation]

I'm just anxious to see a real DoS attack. Any idea where I can find some code to see how it actually works?

I'm probably feeding a troll here, but what the hell. Why do you need to see code? It's little more than a massive surge in traffic which looks legitimate. Try this pseudocode on for size:

while(1)
- recursively get victim's entire website

Now spread that across 100,000 zombie machines, each capable of pulling in an average of maybe 20KB/s. Suddenly the victim's dealing with 2GB/s of traffic or, more likely, not dealing with it as the traffic would thoroughly saturate not only the victim's website but also the entire hosting provider's network.

Re:what's next?

[nacturation]

Is this a new form of terrorism?

This has been around since the dawn of man. "Do X or else I'll do Y." X can be a request for money, goods, services, actions... you name it; Y is generally always something which will harm the intended victim, whether financially, personally, or emotionally. Extortion is certainly nothing new and, while it's often terrifying for the victim, it isn't necessarily a terrorist activity.

Heck, compare the following three extortion demands:

Mild: "If you don't stop playing Doom 3 so much, I'm leaving you."
Medium: "Give me a raise or I'll alert the media about the company's fudged finances."
Intense: "Clear out of Iraq or we execute these hostages."