Slashdot Mirror
CEO Indicted for DDOSing Competitors
ruland writes "It turns out there was a reason the hosting company CIT/Foonet was raided in February. SecurityFocus.com reports that the CEO of a web-based satellite T.V. retailer has been indicted for allegedly paying Foonet's administrator to arrange denial of service attacks against his competitors, causing outages as long as two weeks at a time, and $2 million in losses. Now he's skipped out on $750,000 bail, while the five packet monkeys who worked for him are left facing felony charges of their own."
what a bunch of retards.
Here's to hoping the term "packet monkeys" enters the lexicon as soon as possible. For some reason that made me laugh, imagining a NOC full of monkeys flinging poo at one another.
Actually, I guess that pretty much describes most NOCs nowadays...
El riesgo vive siempre!
If your boss tells you to do something illegal, they'll arrest him *and you*. When he skips bail, you'll be left holding the bag.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
I seem to recall quite an uproar surrounding the seizure before. People yelling about the government raping the constituion, etc.
Glad I was one of the people that decided to wait and see what it was all about instead of taking it as a sign that our government was overextending itself. Not that they don't, but I'm guessing this isn't one of those times if everyone on staff got felony charges.
Whee signature.
According to the article, they think the CEO's skipped town to Morocco. Don't we have an extradition treaty w/them? If so, it shouldn't be that hard to get him back, assuming Morocco's police play along.
Dalnet's a Satellite TV retailer? Who knew?
"The dew has clearly fallen with a particularly sickening thud this morning"
At least the CEO had the class to not outsource the packet monkey work to Russia or India. ;)
Everyone knows the perfect crime when it comes to DDoS is to post your opponent's URL on slashdot...
My company was a direct target of these assholes. It is about time the FBI finally did something. They are the reason I am paying more for my servers than any other IRC shell provider.
AcmeShells.com The cheapest Eggdrop
RackSpace fought back, but the attackers proved determined and adaptive. In mid-October the simple SYN flood attacks were replaced with an HTTP flood, pulling large image files from WeaKnees.com in overwhelming numbers. At its peak the onslaught allegedly kept the company offline for a full two weeks.
Wouldn't it have made more sense to host these files from a tarpit? If you know you're under attack by zombie hordes that are going to repeatedly ask for a file, why not give it to them s--l--o--w--l--y? Although I suppose that since the attacks were being watched and changed frequently, the attackers probably would simply have switched tactics again.
Anyway, is it possible or practical to use the logs of the http flood to go back to the zombified PC owners and "fix" them? HTTP requires a real connection, which is traceable. Or should that list just be delivered to their ISPs and have the ISPs shut them down until they're virus free?
John
Now he's skipped out on $750,000 bail, while the five packet monkeys who worked for him are left facing felony charges of their own.
Executives pulled this stunt with stockholders quite heavily over the last 5 years. I imagine that he didn't actually pay out $750k but probably put up "collateral" with an appraised worth of $750k. It doesn't mean much if he's been cutting his own salary, stock options, and other investments at several million/year.
+++ATHZ 99:5:80
If a manager asks me to do something that is morally or legally questionable, I ask them to send me a signed memo with their request. That usually makes them go away and drop the subject.
Mea navis aericumbens anguillis abundat
I'd rather be unemployed and searching for a job for a good long while than being in federal PMITA prison for PACKETING someone. The packeters deserve whatever they get, because frankly, I know how much of a pain in the ass it is to get DDoSed. If you can't get the upper hand through legitimate tactics and methods, then you don't deserve to be in business. Go flip burgers or something.
No, no, no. Anytime something happens in technology, people start clamoring for new laws. Then the special interest groups get involved, and then we end up with a law that is worse than the crime it is intended to prevent. Like, say, I dunno, the DMCA. There were plenty of laws about copyright infringement already. It was already illegal to take a camcorder into movie theaters and make tapes to sell on the street corner. All they had to do was extend that to the Internet. But isntead we have the DMCA.
I'm sure there are laws about interfering with commerce already. Just ammend them to include DDOS attacks. If we start writing new laws, they'll get more and more restrictive and before you know it, hitting Reload on a page more than twice in 5 minutes will land you in jail for cyber terrorism.
There is no sig, there is only Zuul.
I remember back when it was published ... all about how the FBI was just oppressing innocent geeks, it was all Bush and Ashcroft's fault, and the FBI were violating the 1st amendment etc.
Now maybe slashbots can realise that not every 'hacker' is a hero who's been oppressed by Da Man.
Mod parent up, that's exactly what I thought.
What kind of moron doesn't think a big DDOS like that is going to be traced? The reason everyone gets away with it with MS and SCO is because everyone hates them, so there are too many suspects...But when its your biggest competitor? You're going down.
And then to skip bail? "Noooooo please don't send me to white collar CEO prison for a week. Waaaaaaah."
This is almost too dumb to make a Dilbert strip.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
It's like the soldier who's ordered to commit war crimes. What do you do? It's in no way you're fault - but you're in a lose - lose situation.
Yes, it sucks, but ultimately you AND your superiors are responsible. It is better to be punished for doing the right thing than to do the wrong thing and be rewarded. Cowardice and fear are no excuse for committing injustices or allowing them to be committed.
Oh, and regarding your sig: al Qaeda endorsed Bush.
The company's hosting provider, Lexiconn, responded by dropping WeaKnees.com as a client, sending the company to more expensive hosting at RackSpace.com.
Does this make any sense? I can see if your legitimate traffic is exceeding a bandwidth limit that you might get dropped/forced to pay more. But a denial of service attack? Wouldn't most service providers want to help their customer with this kind or problem?
Should they call it 'packeteering'?
You are in error. No-one is screaming. Thank you for your cooperation.
new laws? what the fuck for?
it's already illegal. it's already criminal to disrupt someone others communications knowingly.
you don't need new laws when you could just apply the old laws, stupid criminals think that an old law doesn't apply if they just use a new device in the crime - it's a stupid excuse that does not pull through.
it's not pure simple thief either, but there's been laws in civilised countries against disrupting someone elses telecommunications for quite some time(decades at least if not centuries in one sense or another, you think it was legal to steal mail ever?) and the same laws apply.
the lesson of the story is that if you take money for hitting someone you're just as responsible as the fucker who hired you to do it.
world was created 5 seconds before this post as it is.
Definitely stinky-cheese spammers too!
One line blog. I hear that they're called Twitters now.
Someone please tell me why I should feel sorry for the poor "monkeys" that were helping him commit felonies? This isn't a digital rights issue, this isn't a case of big guy trampling little guy. They partook in organized crime and gave computer people a bad name, why should we care that they are left hanging?
- Short company Y.
- Initiate DDOS campaign intended to temporarily cripple company Y and drive its stock price down.
- Cover at the depressed price.
- Profit.
Certainly the SEC would look askance at short-sales before a coordinated DDOS attack, but if a nebulous entity in Eastern Europe is doing the dirty work while a nebulous entity in East-Asia is doing the shorting, it could be extremely difficult to prove a connection.No this isn't a recommendation or some novel idea. In fact, I'm certain that organized crime is well ahead of us in the nefarious schemes department.
I checked their "News" section: still no "Deadbeat thug CEO jumps bail, flees country" headline. Looks like their webmasters are slacking.
I actually was expecting to see some sort of "new interim CEO" announcement, but couldn't find anything like that either.
Just once I'd like someone to call me 'Sir' without adding 'You're making a scene.'
I remember this story back in Feb with all the conspiricy people coming down on how the "FBI has overstepped their bounds again" and calling it another Ruby Ridge or Waco.
Click on the original story and even THAT makes it seem like they were just innocent people being unfairly picked on by the evil overlords known as the FBI.
If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data? BZZZZT! I'm sorry, but you've taken too long to answer. We'll be confiscating all the hardware you use, er, used to use, to run your business. But we'll get it back to you 'real soon now.' Thank you for playing.
Now it turns out the people raided were in fact "the bad guys" and the warrent (remember, the FBI HAD a warrent) was legit AND...er...warrented.
It's funny how everything changes when more facts are thrown in...and I'm sure not all the facts are even in yet!
"Music is everybody's possession. It's only publishers who think that people own it." - John Lennon.
The levels of bad feeling now are so much higher than they were before. It's foolish to move in and screw things up over there, especially when you have no concrete plan, and no concrete reason.
9/11 was planned by Bin Laden, and his grudge with us dates back to the '70s. Probably somethign to do with the fact that we used him against the soviets and then left him in a bombed out wasteland of a country.
They don't forgive and forget, but despite that we just romp around fucking with things, and pretend like the only consequences are the immediate ones. We're going to be paying for Bush's ego and Bush's oil cronies for decades to come.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
I actually got attacked by one of these guys' botnets (Krashed I believe) when a friend IRCing from my connection pissed him off. I traced him to Foonet thinking "great, I know the head admin from being an IRC junkie back in the day" and when I told him what was going on he acted like it was no problem. I thought he should have been a little more concerned about some punk kid attacking people from his net. Figures.
Before going to that retailer link in the article, make sure that your browser is locked up tight. They try to run an awful lot of VBscript and copy/paste to your clipboard. (Not sure what it all does, but I wouldn't trust them.)
One line blog. I hear that they're called Twitters now.
...he's a CEO that knows *something* about technology. That's an improvement.
LilMikey.com... I'll stop doing it when you sto
Here is a log of EMP just a few minutes ago. http://www.xbox-irc.net/log.txt
AcmeShells.com The cheapest Eggdrop
Or maybe you might remember Ruby Ridge or Waco. Or maybe you might remember some of the excesses since 9/11. Was this a good bust or bad one? It looks more like a good one. Don't automatically think that they are the evil jackbooted minions of the evil overlord. Nor should you automatically presume that they are the good guys.
You are an idiot, and I'm going to use my mod points to mod you down....er... DAMMIT!
HA! I just wasted some of your bandwidth with a frivolous sig!
RapidSatellite.com, which sells satellite TV receivers, was hit at the same time and with similar results. The company responded by quickly moving their electronic storefront to the distributed content delivery services of Speedera, only to be crippled three days later by an attack on that provider's DNS servers, which for an hour also blocked access to other Speedera-hosted sites, including Amazon.com and the Department of Homeland Security, according to the FBI affidavit. RapidSatellite then moved to Akamai, but were out again within a week when the attackers switched to an HTTP flood attack, running massive numbers of queries through RapidSatellite.com's search engine.
I'm not being cynical, but realistic. How much you want to bet the FBI didn't really get involved until either Amazon.com or the Department of Homeland Security's resources got peripherally hit?
Every day there are thousands of DDOS attacks going on, usually against small providers or companies that don't have enough political clout to get the authorities to care much. The perps biggest mistake was probably targetting a provider that had some more substantive clients.