CEO Indicted for DDOSing Competitors

ruland writes "It turns out there was a reason the hosting company CIT/Foonet was raided in February. SecurityFocus.com reports that the CEO of a web-based satellite T.V. retailer has been indicted for allegedly paying Foonet's administrator to arrange denial of service attacks against his competitors, causing outages as long as two weeks at a time, and $2 million in losses. Now he's skipped out on $750,000 bail, while the five packet monkeys who worked for him are left facing felony charges of their own."

wtf

[micronix1]

what a bunch of retards.

Re:wtf

[strictfoo]

Don't know how this is a troll. It's pretty much right on. Those guys are absolute idiots and deserve everything they have coming. Just because the guy who hired them fled doesn't mean they shouldn't get in trouble.

Re:wtf

[RDosage]

From the article:
ee Walker, known online as "Emp," "Rain," and "sorCe" respectively. Each of the three apparently had sizable "botnets" at their disposal, meaning they could each command thousands of compromised PCs to simultaneously attack a single host -- Walker alone had control of between 5,000 and 10,000 computers through a customized version of the Agobot worm, according to the FBI affidavit.

I would say that these guys had it coming.

Re:wtf

[dasmegabyte]

My question is, will we now see a number of apologies from everybody who posted to the last article with Big Brother complaints and privacy concerns?

Here's an example of the FBI doing its damn job and doing it well, shutting down a major example of a new type of crime. Maybe we should give the FBI a little fucking credit sometimes, man. I mean, sometimes it's more than Hoover spreading rumors of homosexuality and harassing Black Panthers. Sometimes, they stop ACTUAL crimes, too.

Re:wtf

[jrexilius]

Agreed, and as a contrast the DoJ raided some kids houses to stop them from trading music. You get some good with some bad and no system is perfect but that doesn't mean you shouldn't demand better.

The good examples (which is the majority) of the FBI doing their job should only serve as examples of how they have strayed in other areas. Along with that is the understanding that we are setting higher standards for our federal agencies and should be given respect, resources, and support for meeting them.

Re:wtf

[DM9290]

My question is, will we now see a number of apologies from everybody who posted to the last article with Big Brother complaints and privacy concerns?

Just because someone commited an actual crime, you are suggesting Big Brother complaints are unwarranted?

I'm not sure which is the "last article" you referred to. So I can only comment generically.

Are you suggesting that this type of crime would have been impossible to investigate prior to Patriot Act (ect) removing judicial oversight and giving broad discretionary (read: arbitrary) powers to law enforcement. Or did the FBI abuse its power and happen to actually arrest someone by luck.

Or perhaps you are operating under the premise that prosecuting a handful of criminals is all that is necessary to justify the absolute infringment of the rights of all of society?

Here's an example of the FBI doing its damn job and doing it well, shutting down a major example of a new type of crime. Maybe we should give the FBI a little fucking credit sometimes, man. I mean, sometimes it's more than Hoover spreading rumors of homosexuality and harassing Black Panthers. Sometimes, they stop ACTUAL crimes, too.

Did the FBI shutdown an actual crime based on probable cause? Because this is absolutely nothing new to law enforcement. Probable cause has been the traditional standard required for an arrest/warrant or just about anything for years and years.

Or did the FBI shutdown a operation on the basis of a mere possibility. or out of plain malice. This is certainly worth criticism, and just because something turns out to be a crime after the fact does not and can not justify the original intrusion.

At least.. not without hypocracy in a country which purports to be free.

The FBI is not the only law enforcement agency which sometimes stops "actual" crimes. That is no reason to turn the entire country into a police state.

If you could post a link to the "last article" you were concerned about, that would be good.

In any event. before breaking out the champaign, it would be reasonable to wait for a conviction.
For all we know the FBI are yet arresting another innocent person.

Re:wtf

[Frobnicator]

The DOJ nabbed half a dozen guys running DC hubs containing over 40 PETABYTES of illegal/pirated materials. EACH.

Actually, arstechnica, among others mentions the mis-quote that you are talking about, that there was 40 terabytes available through the hub, and that the "agents were able to download 72GB of copyrighted material that included a variety of movies, music, applications, and games."

Now having terabytes available through a P2P network seems like a reasonable number, as does having only 72GB available on the few machines.

Note that they also don't make any distnction between copyrighted materiels which are distributed legally (as many indie composers, musicians, and other artists allow it) versus those materials that aren't authorized (like the cracked Doom3 versions).

Please actually check your sources, rather than just reciting the over-hyped misquotes.

frob

Packet monkeys, eh?

[the+Man+in+Black]

Here's to hoping the term "packet monkeys" enters the lexicon as soon as possible. For some reason that made me laugh, imagining a NOC full of monkeys flinging poo at one another.

Actually, I guess that pretty much describes most NOCs nowadays...

Guys, take note of this...

[tkrotchko]

If your boss tells you to do something illegal, they'll arrest him *and you*. When he skips bail, you'll be left holding the bag.

Re:Guys, take note of this...

[Doesn't_Comment_Code]

I've been in that situation before... where the boss is hinting/saying that he wants to do something illegal and unethical to gain the upper hand. It is a terrible feeling. Follow orders or not... you're screwed either way. I got lucky: the boss got talked out of it. But honestly, that situation sucks!

It's like the soldier who's ordered to commit war crimes. What do you do? It's in no way you're fault - but you're in a lose - lose situation.

The best thing to do is refuse, and if you lose your job... there could be worse things. But still, it sucks.

Re:Guys, take note of this...

[timmyf2371]

Common sense really - if you do something illegal you should always expect to be arrested/prosecuted if you're found out, whether doing it as a result of your own wishes or someone else's wishes.

Re:Guys, take note of this...

[beacher]

Get revenge too.. When your boss asks you to DDoS a website, make sure you post his website on /. ;)

Re:Guys, take note of this...

[utlemming]

Not if you want to be a little Machiavellian. Simply pick up the phone and dial the nearest police/FBI/whoever station and arrange a possible whitsle-blower agreement. You follow the orders while collecting information, your boss gets canned and sent to jail and when you get fired you file a whistle-blower lawsuit. Then it is a lose/lose for your boss and a win/win for you. And the best part is that you have covered your ace.

Re:Guys, take note of this...

[alexre1]

I hate to tell you this, but following orders is no excuse for committing war crimes.

Or do you want to agree with one of the main Nazi defence points in Nuremberg? They claimed this too, you know, that they shouldn't be held accountable for any of their actions because they were ordered to do so. Should Nazi soldiers not be held to account for torturing and murdering millions of Jews and other 'undesireables' simply because they were following orders? How about atrocities in the civil wars all over Africa?

If a commanding officer tells a soldier to rape women, torture innocent children, etc, then is that soldier is completely innocent of any crime, simply because he was ordered to do so?? I should hope you don't think that. Warfare is supposed to be calculated violence, not a series of uncontrolled bestial impulses.

Re:Guys, take note of this...

[plover]

In a small shop situation like this, if the boss goes down the shop closes. You may not go to jail, but you won't be going to work the next day, either.

Regardless, CYA is still the best advice to follow if you're ever put into this situation. (Homelessness somehow seems a lot better than two to five years, even with time off for good behavior.) And your nearest FBI agency is indeed the right call to make -- they take this very, very seriously. If you do, though, be completely honest and thorough from the start. They will not be kind to you if they discover a lie halfway through their investigation.

Re:Guys, take note of this...

[grendelkhan]

A good friend of mine recently quit her job because she was asked to do something illegal, and when she refused, she was told that this situation would arise again, and she would have to do it. She quit, and finally, almost a year later, she's now getting unemployment for the seven months she was out of work.

Oh, and the company she worked for is now the target of a class action lawsuit for commiting the act she quit over. This, plus the results of her unemployment hearing, are making it very easy to recover her 401k money she was forced to cash out to have something to live on.

Moral of both these stories, don't do it. And if you stick to your guns and do what's right, you will be okay in the end.

Re:Guys, take note of this...

[danheskett]

a little DDoS doesn't look that bad
Umm, no.

This wasn't a little DDoS. These guys had farms of bots - 5k-10k of them. It was a multi-week, pre-meditated, refined criminal operation. Two weeks worth of DDoS?

I don't care if they were living on Ramen noodles, they don't deserve the level of sympathy you show. If this had of been them throwing thier own bandwidth at a single site on a single occasion, well, that'd be one thing. But this is an entirely different scale of operaton.

Tin Foil Hat Brigade

[Tarwn]

I seem to recall quite an uproar surrounding the seizure before. People yelling about the government raping the constituion, etc.

Glad I was one of the people that decided to wait and see what it was all about instead of taking it as a sign that our government was overextending itself. Not that they don't, but I'm guessing this isn't one of those times if everyone on staff got felony charges.

Re:Tin Foil Hat Brigade

[Doesn't_Comment_Code]

Yeah, but they were all innocent!

The CEO just had hotel reservations, and if he didn't go to Morocco, he'd lose his deposit (the bastards make you leave a credit card number you know).

Re:Tin Foil Hat Brigade

[jebell]

Perhaps the blame should lay not with the authorities, but with the people who committed the crime.

Let's say I steal $1000 and put it in my business's client trust account. The cops figure it out and put a freeze on my account. Now the rest of my clients can't get their money. Who's to blame?

Extradition?

[gclef]

According to the article, they think the CEO's skipped town to Morocco. Don't we have an extradition treaty w/them? If so, it shouldn't be that hard to get him back, assuming Morocco's police play along.

Re:Extradition?

[Scarblac]

Apparently, that CEO guy is still stupid.

First, many countries will not extradite their own citizens.

Second, according to this UN extradition page and the linked PDF morocc.pdf, there is only a treaty for narcotics crimes, terrorism, and "organized crime".

I think he's pretty safe.

look at the bright side....

At least the CEO had the class to not outsource the packet monkey work to Russia or India. ;)

fools

Everyone knows the perfect crime when it comes to DDoS is to post your opponent's URL on slashdot...

ABOUT TIME

[AcmeShells.com]

My company was a direct target of these assholes. It is about time the FBI finally did something. They are the reason I am paying more for my servers than any other IRC shell provider.

Using the attack logs for "good"

[plover]

From the SecurityFocus article:

RackSpace fought back, but the attackers proved determined and adaptive. In mid-October the simple SYN flood attacks were replaced with an HTTP flood, pulling large image files from WeaKnees.com in overwhelming numbers. At its peak the onslaught allegedly kept the company offline for a full two weeks.

Wouldn't it have made more sense to host these files from a tarpit? If you know you're under attack by zombie hordes that are going to repeatedly ask for a file, why not give it to them s--l--o--w--l--y? Although I suppose that since the attacks were being watched and changed frequently, the attackers probably would simply have switched tactics again.

Anyway, is it possible or practical to use the logs of the http flood to go back to the zombified PC owners and "fix" them? HTTP requires a real connection, which is traceable. Or should that list just be delivered to their ISPs and have the ISPs shut them down until they're virus free?

Re:Using the attack logs for "good"

[plover]

So you split up the list by ISPs (you can do that with a shell script), and send the list to each of the ISPs saying "Here's address 1.2.3.4, at 22:47:23 on 2004/02/12 it was part of a DDoS attack. Please shut down that MAC now and contact the subscriber to get them anti-virus software."

I think they've already done something similar for the Code Red attackers. And I've been surprised to see that so many off-shore ISPs are quite willing to cooperate in shutting down malicious hosts. I contacted a Chinese ISP once regarding a phishing scam hosted by one of their customers, and they had the site down in minutes. And China isn't known for being home to the most cooperative netizens.

Put it on Paper

[Detritus]

If a manager asks me to do something that is morally or legally questionable, I ask them to send me a signed memo with their request. That usually makes them go away and drop the subject.

I don't care how bad the tech industry is.

[drunkennewfiemidget]

I'd rather be unemployed and searching for a job for a good long while than being in federal PMITA prison for PACKETING someone. The packeters deserve whatever they get, because frankly, I know how much of a pain in the ass it is to get DDoSed. If you can't get the upper hand through legitimate tactics and methods, then you don't deserve to be in business. Go flip burgers or something.

Re:the new breaking and entering

[jdreed1024]

new laws need to cover this kind of disruption, it's a thief pure and simple.

No, no, no. Anytime something happens in technology, people start clamoring for new laws. Then the special interest groups get involved, and then we end up with a law that is worse than the crime it is intended to prevent. Like, say, I dunno, the DMCA. There were plenty of laws about copyright infringement already. It was already illegal to take a camcorder into movie theaters and make tapes to sell on the street corner. All they had to do was extend that to the Internet. But isntead we have the DMCA.

I'm sure there are laws about interfering with commerce already. Just ammend them to include DDOS attacks. If we start writing new laws, they'll get more and more restrictive and before you know it, hitting Reload on a page more than twice in 5 minutes will land you in jail for cyber terrorism.

How times have changed

I remember back when it was published ... all about how the FBI was just oppressing innocent geeks, it was all Bush and Ashcroft's fault, and the FBI were violating the 1st amendment etc.
Now maybe slashbots can realise that not every 'hacker' is a hero who's been oppressed by Da Man.

Ummm, troll? Don't think so.

[SatanicPuppy]

Mod parent up, that's exactly what I thought.

What kind of moron doesn't think a big DDOS like that is going to be traced? The reason everyone gets away with it with MS and SCO is because everyone hates them, so there are too many suspects...But when its your biggest competitor? You're going down.
And then to skip bail? "Noooooo please don't send me to white collar CEO prison for a week. Waaaaaaah."

This is almost too dumb to make a Dilbert strip.

What do you mean dropped?

[jathan]

According to the article:

The company's hosting provider, Lexiconn, responded by dropping WeaKnees.com as a client, sending the company to more expensive hosting at RackSpace.com.

Does this make any sense? I can see if your legitimate traffic is exceeding a bandwidth limit that you might get dropped/forced to pay more. But a denial of service attack? Wouldn't most service providers want to help their customer with this kind or problem?

A new name for a new crime...

[The+I+Shing]

Should they call it 'packeteering'?

Re:the new breaking and entering

[gl4ss]

new laws? what the fuck for?

it's already illegal. it's already criminal to disrupt someone others communications knowingly.

you don't need new laws when you could just apply the old laws, stupid criminals think that an old law doesn't apply if they just use a new device in the crime - it's a stupid excuse that does not pull through.

it's not pure simple thief either, but there's been laws in civilised countries against disrupting someone elses telecommunications for quite some time(decades at least if not centuries in one sense or another, you think it was legal to steal mail ever?) and the same laws apply.

the lesson of the story is that if you take money for hitting someone you're just as responsible as the fucker who hired you to do it.

Check their SPEWS record

[AndroidCat]

UPDATE: "Our long national nightmare is over" - Foonet raided, shut down.

Definitely stinky-cheese spammers too!

Please tell me

[onyxruby]

Someone please tell me why I should feel sorry for the poor "monkeys" that were helping him commit felonies? This isn't a digital rights issue, this isn't a case of big guy trampling little guy. They partook in organized crime and gave computer people a bad name, why should we care that they are left hanging?

This is too funny!

[ScottGant]

I remember this story back in Feb with all the conspiricy people coming down on how the "FBI has overstepped their bounds again" and calling it another Ruby Ridge or Waco.

Click on the original story and even THAT makes it seem like they were just innocent people being unfairly picked on by the evil overlords known as the FBI.

If FBI agents showed up at your data center bearing a warrant, would you be able to provide them prompt access to customer data? BZZZZT! I'm sorry, but you've taken too long to answer. We'll be confiscating all the hardware you use, er, used to use, to run your business. But we'll get it back to you 'real soon now.' Thank you for playing.

Now it turns out the people raided were in fact "the bad guys" and the warrent (remember, the FBI HAD a warrent) was legit AND...er...warrented.

It's funny how everything changes when more facts are thrown in...and I'm sure not all the facts are even in yet!

Re:This is too funny!

[dougmc]

Now it turns out the people raided were in fact "the bad guys" and the warrant (remember, the FBI HAD a warrant) was legit AND...er...warranted.

[ spelling corrected :) ]

As a general rule of thumb, the FBI and similar organizations don't go around raiding the `good guys'. It does happen sometimes ( one good example), but it's not the general rule. But the thing that tends to be forgotten is that even the `bad guys' have rights, and the FBI (and similar organizations) tends to violate these rights, and that's what people tend to get really upset about. And then there's things that aren't really `rights', but should happen anyways. For example, if they take all your hardware, and don't charge you with a crime, you should get your hardware back QUICKLY and UNDAMAGED. But I digress ...

As for Waco and Ruby Ridge, the people involved were definately `bad guys', but the government wasn't exactly being `good guys' either.

As for the FBI going after these DDoS monkeys, good for them. It's about time.

Re:This is too funny!

[DM9290]

So what means are justified in this situation? What could the FBI have done that would have satisfied you?

It would have satisfied me, if the FBI were open and forthright with a judge and obtained a proper warrant on reasonable grounds, based on reasonable and credible evidence, and based on reasonable grounds that seizure of all the computers in question was the only means of securing the evidence, and the grounds for believing in that evidence was also reasonable and presently openly and honestly to that judge in addidavit. If the judge came to that conclusion, and ordered the seizure. Then I would be happy if the FBI executed that order to the best of their ability with the minimum possible additional hardship on the parties involved.

I would be happy if the warrant did not leave the FBI with any discretion as to whether or not to seize the material. That should be for a judge to decide. Not a cop. The cops are not trained or expected to be unbiased. I would be happy if it was a judge who ordered such an infringement and not a cop.

Tell us how YOU would have approached this situation, knowing now that the suspects WERE doing something bad. How could the FBI have done anything or found evidence that could link them to the crime, without the bad guys erasing everything they had?

I would have put everything I knew about the situtation into an affidavit, and presented it to a judge. If the judge ordered me to seize the computers, I would have obeyed the order.

What is known post facto is irrelevant to the conduct the police should have used prior to and during the seizure.

Police should be polite. They should respect and obey the law. Especially the constitution, which is the highest law. They should not get personal about the situation, and they should absolutely remember COPS ARE NOT RESPONSIBLE FOR PUNISHMENT OR MAKING A FINDING OF GUILT.

I always see people talking about the government overstepping their bounds, yet offer no real solution that can actually catch bad guys red-handed. I mean, I kinda agree with you...I don't want the FBI breaking down someones door and taking away everything for no reason or because they "think" illegal activity may be going on. But I look at it from their point of view also, how are they going to catch people that don't play by the rules?

Check it out. lawmakers, are responsible for making sure cops have the necessary legal tools for enforcing the law that the lawmakers make.

Cops only need to follow the law, and use the legal tools lawmakers set up. NOTHING MORE.

Cops are not vigilantees. No one is above the law. Society can not distinguish between cops which break the law for personal gain and cops which break the law because they are trying to do good. Moreover, cops which play by the rules should be rewarded promotions.

Lawmakers must be able to craft good laws.

This is called "seperation of powers" and this is one of the things which keeps a democracy from turning into a tyranny.

Lawmakers don't enforce the law. Lawmakers don't interpret the law. Judges interpret law but do not make law. Cops obey law and enforce law but do not make law or interpret. Lawmakers make law, but do not interpret or judge or enforce.

If we gives cops the authority to unilaterally decide whose rights to violate, without a requirement to answer justify such violation, we are living in dangerous times.

I dont know the facts in the situation, so speculating on whether or not the FBI properly seized the computers is pointless. Since we still have a right to a fair trial (at least on paper), hopefully this can be explored at that time.

People are well justified in getting scared when they see the seperation of powers threatened.

Whatever.

[SatanicPuppy]

The levels of bad feeling now are so much higher than they were before. It's foolish to move in and screw things up over there, especially when you have no concrete plan, and no concrete reason.

9/11 was planned by Bin Laden, and his grudge with us dates back to the '70s. Probably somethign to do with the fact that we used him against the soviets and then left him in a bombed out wasteland of a country.

They don't forgive and forget, but despite that we just romp around fucking with things, and pretend like the only consequences are the immediate ones. We're going to be paying for Bush's ego and Bush's oil cronies for decades to come.

OrbitSat are script-monkies

[AndroidCat]

Before going to that retailer link in the article, make sure that your browser is locked up tight. They try to run an awful lot of VBscript and copy/paste to your clipboard. (Not sure what it all does, but I wouldn't trust them.)

Log of emp

[AcmeShells.com]

Here is a log of EMP just a few minutes ago. http://www.xbox-irc.net/log.txt

You mean like Steve Jackson Games?

[Tangurena]

When the story first came out, many folks, myself included, were thinking about Steve Jackson Games. They published games and novels on their bulletin board system. The Secret Service confiscated all their gear and never returned it, nor charged them. It would be equivalent to raiding a local newspaper and siezing everything because one classified ad was placed by one crook. The SS even refused to obey a court order for the return of the gear. When the gear was finally returned, several years later, all of it was broken.

Or maybe you might remember Ruby Ridge or Waco. Or maybe you might remember some of the excesses since 9/11. Was this a good bust or bad one? It looks more like a good one. Don't automatically think that they are the evil jackbooted minions of the evil overlord. Nor should you automatically presume that they are the good guys.

Their mistake

[mabu]

RapidSatellite.com, which sells satellite TV receivers, was hit at the same time and with similar results. The company responded by quickly moving their electronic storefront to the distributed content delivery services of Speedera, only to be crippled three days later by an attack on that provider's DNS servers, which for an hour also blocked access to other Speedera-hosted sites, including Amazon.com and the Department of Homeland Security, according to the FBI affidavit. RapidSatellite then moved to Akamai, but were out again within a week when the attackers switched to an HTTP flood attack, running massive numbers of queries through RapidSatellite.com's search engine.

I'm not being cynical, but realistic. How much you want to bet the FBI didn't really get involved until either Amazon.com or the Department of Homeland Security's resources got peripherally hit?

Every day there are thousands of DDOS attacks going on, usually against small providers or companies that don't have enough political clout to get the authorities to care much. The perps biggest mistake was probably targetting a provider that had some more substantive clients.