Slashdot Mirror


CEO Indicted for DDOSing Competitors

ruland writes "It turns out there was a reason the hosting company CIT/Foonet was raided in February. SecurityFocus.com reports that the CEO of a web-based satellite T.V. retailer has been indicted for allegedly paying Foonet's administrator to arrange denial of service attacks against his competitors, causing outages as long as two weeks at a time, and $2 million in losses. Now he's skipped out on $750,000 bail, while the five packet monkeys who worked for him are left facing felony charges of their own."

23 of 521 comments

  1. Re:Extradition? by gclef · · Score: 2, Informative

    Actually, the article said he was from Morocco, so he's just going home...not necessarily somewhere "safe." According to Ask Google, we do have an extradition treaty w/Morocco, so if we can prove he's there (difficult, but probably not impossible if he used his real name to buy an airline ticket, for instance), they should be able to arrest him & return him.

  2. Re:ABOUT TIME by AcmeShells.com · · Score: 1, Informative

    Mod me down? ARRGG. It was on topic. I'm very serious about this. Emp almost packeted my company out of existence.

    --

    AcmeShells.com The cheapest Eggdrop
  3. Re:Extradition? by Scarblac · · Score: 4, Informative

    Apparently, that CEO guy is still stupid.

    First, many countries will not extradite their own citizens.

    Second, according to this UN extradition page and the linked PDF morocc.pdf, there is only a treaty for narcotics crimes, terrorism, and "organized crime".

    I think he's pretty safe.

    --
    I believe posters are recognized by their sig. So I made one.
  4. Re:Using the attack logs for "good" by plover · · Score: 4, Informative
    So you split up the list by ISPs (you can do that with a shell script), and send the list to each of the ISPs saying "Here's address 1.2.3.4, at 22:47:23 on 2004/02/12 it was part of a DDoS attack. Please shut down that MAC now and contact the subscriber to get them anti-virus software."

    I think they've already done something similar for the Code Red attackers. And I've been surprised to see that so many off-shore ISPs are quite willing to cooperate in shutting down malicious hosts. I contacted a Chinese ISP once regarding a phishing scam hosted by one of their customers, and they had the site down in minutes. And China isn't known for being home to the most cooperative netizens.

    --
    John
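
The per-ISP split described in the comment above, as an added example that is not part of the original post: it maps each logged source address to a provider by longest-prefix match and builds one notice per provider. The prefix table, contact addresses and log lines are constructed; a real run would take the ownership data from whois.

```python
import ipaddress
from collections import defaultdict

# Constructed prefix -> abuse contact table (documentation ranges); real data comes from whois.
NETS = sorted(
    ((ipaddress.ip_network(p), c) for p, c in {
        "192.0.2.0/24": "abuse@isp-a.example",
        "198.51.100.0/24": "abuse@isp-b.example",
        "198.51.100.128/25": "abuse@campus.example",  # more specific delegation
    }.items()),
    key=lambda nc: nc[0].prefixlen, reverse=True)  # most specific prefix first

# Constructed victim-side log, oldest first: "date time source-address"
SAMPLE_LOG = """\
2004/02/12 22:47:23 192.0.2.17
2004/02/12 22:47:24 198.51.100.200
2004/02/12 22:49:05 192.0.2.17
2004/02/12 22:49:31 198.51.100.9
-- log rotated --
2004/02/12 22:50:02 203.0.113.5
"""

def contact_for(addr):
    """Longest-prefix match; None means no known owner (manual whois needed)."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on a malformed address
    return next((c for net, c in NETS if ip in net), None)

def split_by_isp(log_text):
    """Return {contact: {address: [first_seen, last_seen, hits]}}."""
    reports = defaultdict(dict)
    for line in log_text.splitlines():
        try:
            date, time, addr = line.split()
            contact = contact_for(addr)
        except ValueError:
            continue  # skip lines that are not "date time address"
        stamp = f"{date} {time}"
        entry = reports[contact].setdefault(addr, [stamp, stamp, 0])
        entry[1] = stamp  # log is chronological, so the latest line wins
        entry[2] += 1
    return dict(reports)

def render(contact, hosts):
    """One notice per provider, listing only that provider's addresses."""
    rows = [f"{a}  first {f}  last {l}  hits {n}" for a, (f, l, n) in sorted(hosts.items())]
    return f"To: {contact}\nHosts on your network in a DDoS attack:\n" + "\n".join(rows)

if __name__ == "__main__":
    for contact, hosts in split_by_isp(SAMPLE_LOG).items():
        print(render(contact or "UNKNOWN (manual whois)", hosts), end="\n\n")
```

A later comment in this thread points out that source addresses can be spoofed, so the first-seen and last-seen times are there for the provider to check against its own records.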
  5. Re:Using the attack logs for "good" by AcmeShells.com · · Score: 3, Informative

    We contacted hundreds of providers while these attacks were going on. Most of the colleges would pull the plug on the servers. Most/all ISPs would just say, "Well, we'll look into it."

    --

    AcmeShells.com The cheapest Eggdrop
  6. Check their SPEWS record by AndroidCat · · Score: 4, Informative
    UPDATE: "Our long national nightmare is over" - Foonet raided, shut down.

    Definitely stinky-cheese spammers too!

    --
    One line blog. I hear that they're called Twitters now.
  7. Re:wtf by RDosage · · Score: 5, Informative
    From the article:
    ee Walker, known online as "Emp," "Rain," and "sorCe" respectively. Each of the three apparently had sizable "botnets" at their disposal, meaning they could each command thousands of compromised PCs to simultaneously attack a single host -- Walker alone had control of between 5,000 and 10,000 computers through a customized version of the Agobot worm, according to the FBI affidavit.

    I would say that these guys had it coming.

  8. Re:Packet monkeys, eh? by DrSkwid · · Score: 1, Informative


    easy if you're a tight assed uptight mother fucker

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  9. Re:Guys, take note of this... by grendelkhan · · Score: 5, Informative

    A good friend of mine recently quit her job because she was asked to do something illegal, and when she refused, she was told that this situation would arise again, and she would have to do it. She quit, and finally, almost a year later, she's now getting unemployment for the seven months she was out of work.

    Oh, and the company she worked for is now the target of a class action lawsuit for committing the act she quit over. This, plus the results of her unemployment hearing, are making it very easy to recover her 401k money she was forced to cash out to have something to live on.

    Moral of both these stories, don't do it. And if you stick to your guns and do what's right, you will be okay in the end.

    --
    Wu-Tang Name: Half-Cut Skeleton Get your own Wu-Na
  10. Re:Tin Foil Hat Brigade by Qzukk · · Score: 2, Informative

    Well, now they have their charges and their evidence. So where are our innocent machines? The people who are angry are angry because the FBI still hasn't returned all of the machines. Now that it's after the investigation, would you like to come up with a new apology for the FBI?

    Sure, the CEO sucks ass and should be dragged back to the country and imprisoned, but the FBI needs to learn to play nice and return the toys they borrow.

    --
    If I have been able to see further than others, it is because I bought a pair of binoculars.
  11. OrbitSat are script-monkies by AndroidCat · · Score: 5, Informative

    Before going to that retailer link in the article, make sure that your browser is locked up tight. They try to run an awful lot of VBscript and copy/paste to your clipboard. (Not sure what it all does, but I wouldn't trust them.)

    --
    One line blog. I hear that they're called Twitters now.
  12. Re:Whatever. by jafiwam · · Score: 2, Informative

    No.

    In Bin Laden's OWN WORDS he specifically states he wants the USA out of Saudi Arabia. He got really really pissed when the Saudi government said "thanks, but no thanks" to his offer to bring the armies that fought in Afghanistan over to kick Iraq out of Kuwait. This is WELL after the time frame of Soviet pull out of Afghanistan.

    That got just about everybody in the Western world on his shit-list, along with certain aspects of his own country.

    This makes the Bush administration's idea that Iraq was on the verge of allying with him all that much more ridiculous. Bin Laden would have been a huge PIA in the back of Saddam. He might be a megalomaniac... but he's not THAT stupid.

  13. Re:You mean like Steve Jackson Games? by Fishstick · · Score: 2, Informative

    Hmm, secret service has responsibility for just a few areas beyond guarding the president, IIRC. have to look it up -- thought counterfeiting was one...

    http://en.wikipedia.org/wiki/United_States_Secret_Service

    The United States Secret Service is a United States federal government law enforcement agency originally created as part of the United States Department of the Treasury. On March 1, 2003, it was moved under the jurisdiction of the United States Department of Homeland Security. The Secret Service has primary jurisdiction over counterfeiting of currency and the protection or bodyguard of the President, Vice President, their immediate families, past presidents and their spouses, certain candidates for the offices of President and Vice President, and visiting foreign heads of state (all called "protectees"). It also investigates a wide variety of financial fraud crimes and identity theft and provides forensics assistance for some local crimes.

    Sounds like they must have found some reason to include Steve Jackson Games thing in their fraud investigative jurisdiction? I bet someone with influence makes a phone call and the SS comes up with some rationale and then the door gets kicked down.

    --

    There is much cruelty in the universe, John.
    Yeah, we seem to have the tour map.

  14. Re:You mean like Steve Jackson Games? by Anonymous Coward · · Score: 1, Informative

    ZorinLynx wonders:
    What I never understood about this is why the SECRET SERVICE, of all agencies got involved.

    Guarding public officials is almost a side job for the Secret Service. Their original (and until last year, primary) mission is investigating and enforcing financial crimes (e.g. counterfeiting). They also are responsible for identity theft and attacks on computing infrastructure.

  15. Re:You mean like Steve Jackson Games? by a_n_d_e_r_s · · Score: 2, Informative

    The Secret Service are also responsible for all fraud cases involving counterfeit U.S. currency and credits, not just guarding the current and past presidents.

    Secret Service was part of the Department of the Treasury until they got transferred to Homeland Security.

    --
    Just saying it like it are.
  16. Re:wtf by Elminst · · Score: 1, Informative

    the DoJ raided some kids houses to stop them from trading music.

    "Some kid" is the 13 yr old next door using mom's PC and Dad's cable connection to trade mp3s.

    The DOJ nabbed half a dozen guys running DC hubs containing over 40 PETABYTES of illegal/pirated materials. EACH.

    That's WAAAAAAAYYYY beyond "some kid".

    --
    No unauthorized use. Trespassers will be shot. Survivors will be shot again.
  17. Re:wtf by Anonymous Coward · · Score: 1, Informative

    Ashcroft was mistaken when he reported 40 petabytes. It was 40 terabytes, and that was for the entire hub. The 'kid' more or less was just directing traffic.

  18. The Steve Jackson Games case by kuma_act · · Score: 2, Informative
    Sorry, this is a bit lengthy, but I know at least a few of you are interested in what actually happened with the SJG case. Steve Jackson Games, Inc., v. United States Secret Serv., 816 F. Supp. 432 (W.D. Tex. 1993).

    From the Court's factual findings: "Henry Kluepfel, Director of Network Security Technology (an affiliate Bell Company), was advised a sensitive, proprietary computer document of Bell South relating to Bell's "911 program" had been made available to the public on [a BBS in Illinois]... Around February 6, 1990, Kluepfel learned that the 911 document was available on a computer billboard entitled "Phoenix" which was operated by Loyd Blankenship in Austin, Texas... Prior to February 26, 1990, Kluepfel learned that Blankenship not only operated the Phoenix bulletin board, but he was a user of the Illinois bulletin board wherein the 911 document was first disclosed, was an employee of Steve Jackson Games, Inc., and a user of the Steve Jackson Games, Inc.'s bulletin board "Illuminati." Kluepfel's investigation also determined that Blankenship was a "co-sysop" of the Illuminati bulletin board, which means that he had the ability to review anything on the Illuminati bulletin board and, importantly, maybe able to delete anything on the system. Blankenship's bulletin board Phoenix had published "hacker" information and had solicited "hacker" information relating to passwords, ostensibly to be analyzed in some type of decryption scheme."

    Kluepfel reported this to the Secret Service. Kluepfel had a positive history with the Secret Service, in that he had assisted them in prior investigations. The Secret Service agent handling the investigation, Agent Foley, contacted the local U.S. Attorney's Office and had the local U.S. Attorney file for a warrant to search and seize SJG's hardware in order to get evidence about Bell South's 911 file. "The only information Agent Foley had regarding Steve Jackson Games, Inc. and Steve Jackson was that he thought this was a company that put out games, but he also reviewed a printout of Illuminati on February 25, 1990, which read, "Greetings, Mortal! You have entered the secret computer system of the Illuminati, the on-line home of the world's oldest and largest secret conspiracy. 5124474449300/1200/2400BAUD fronted by Steve Jackson Games, Incorporated. Fnord." The evidence in this case strongly suggests Agent Foley, without any further investigation, misconstrued this information to believe the Illuminati bulletin board was similar in purpose to Blankenship's Phoenix bulletin board, which provided information to and was used by "hackers." Agent Foley believed, in good faith, at the time of the execution of his affidavit on February 28, 1990, there was probable cause to believe Blankenship had the 911 Bell South document [**12] and information relating to the decryption scheme stored in his computer at home or perhaps in computers, disks, or in the Illuminati bulletin board at his place of employment at Steve Jackson Games, Inc.; that these materials were involved in criminal activities; and that Blankenship had the ability to delete any information stored on any of these computers and/or disks."

    "The only information Agent Foley had regarding Steve Jackson Games, Inc. and Steve Jackson was that he thought this was a company that put out games, but he also reviewed a printout of Illuminati on February 25, 1990, which read, "Greetings, Mortal! You have entered the secret computer system of the Illuminati, the on-line home of the world's oldest and largest secret conspiracy. 5124474449300/1200/2400BAUD fronted by Steve Jackson Games, Incorporated. Fnord." The evidence in this case strongly suggests Agent Foley, without any further investigation, misconstrued this information to believe the Illuminati bulletin board was similar in purpose to Blankenship's Phoenix bulletin board, which provided information to and was used by "hackers.""

    That last bit is where the court found fault with the government's case. The Secret Service basically acted on Foley's mis

  19. Re:wtf by Frobnicator · · Score: 4, Informative
    The DOJ nabbed half a dozen guys running DC hubs containing over 40 PETABYTES of illegal/pirated materials. EACH.

    Actually, arstechnica, among others, mentions the mis-quote that you are talking about, that there was 40 terabytes available through the hub, and that the "agents were able to download 72GB of copyrighted material that included a variety of movies, music, applications, and games."

    Now having terabytes available through a P2P network seems like a reasonable number, as does having only 72GB available on the few machines.

    Note that they also don't make any distinction between copyrighted materials which are distributed legally (as many indie composers, musicians, and other artists allow it) versus those materials that aren't authorized (like the cracked Doom3 versions).

    Please actually check your sources, rather than just reciting the over-hyped misquotes.

    frob

    --
    //TODO: Think of witty sig statement
  20. Indeed the FBI doesnt do that... by bani · · Score: 2, Informative

    Steve Jackson Games were raided by the Secret Service, a completely different organization than the FBI.

  21. Re:Using the attack logs for "good" by pacman+on+prozac · · Score: 2, Informative

    It's fairly simple to spoof such attacks and spoof the source addresses.

    Do this from enough hosts (since we're generally talking machines connected 24/7 you have plenty of time) and the machine with the adaptive system is crippled. Usually just doing it from that machine's upstream DNS servers will stop it functioning properly.

    There's software on Linux called portsentry that runs along these lines, there's also Perl scripts knocking about to cripple machines running it.

    Using things like rate limiting or white lists and similar may help but no foolproof way has yet been found to my knowledge, not to the extent you could safely use them on production machines.

  22. Re:This is too funny! by MrBlackBand · · Score: 2, Informative
    As for Waco and Ruby Ridge, the people involved were definitely `bad guys'...

    How so? Or are you just repeating what the government tells you because we all know that the government doesn't lie?

    And all the children burned alive by the FBI & ATF were 'bad guys' too?

    For more info on the raid go here. I warn you that some of the pictures are not for the faint of heart.

    --
    "It is difficult to get a man to understand something when his salary depends upon his not understanding it."
  23. Re:wtf by Anonymous Coward · · Score: 1, Informative

    Actually they did it based off of information obtained from web server logs of one of the companies being attacked. Had you read the Security Focus article you would've known that. Also I can tell you from personal knowledge that they deserved what they got, and the FBI did not act inappropriately. I know this because I know the admin of the place through a friend, and he also had his personal server taken by the FBI as part of the raid. It was later returned to him, but at the time we were all angry because we thought it was unjustified. The fact was we didn't have all the information (which later it was told to me they were investigating DDoS attacks, which turned out to be true).