DDOS Mafia On The Loose
TivoLee writes "If you were worried that courts have been cracking down too much on Internet miscreants lately, think again. Sure, virus writers and spammers have been hit with some tough sentences in recent months. But what about this: the U.S. govt. has dropped charges against a group of four guys known as the DDOS Mafia. Two of the men admitted to releasing viruses so they could create botnets to launch DDOS attacks for hire. Their boss is accused of causing $2Mil in damage to victim sites. Yet prosecutors are dropping charges, so they can get the criminals to snitch on other criminals. Oi vey."
Umm, it wasn't me I swear!
In Soviet Russia, Linux compiles you!
Release the little fish so you can get the big one. You can't have everything you know. If you can do a better job, then please do so.
Ironically, when I clicked on the comment button, Slashdot told me there was "Nothing to see here. Move along." Denial of slashdot? :-)
Why is this bad? It's worked well against organized crime, why not try it against organized cyber-crime?
Slashdot: providing anti-social weirdos a soapbox, since 1997.
This is a common prosecutorial practice... what's the big deal?
Here's a hint. They do the same thing for murderers, drug traffickers, gang members. Prosecuting them will take 4 places in jail. Getting them to cooperate will help stop others, and they probably have to engage themselves not to continue doing viruses / ddos. Everyone wins. Honestly, if they do it with murderers, is it THAT surprising that they do the same thing with script kiddies?
Eureka Science News - automatically updated
h-t-t-p-colon-slash-slash-slash-dot-dot-org
In other words, normal lawyer tactics. Nothing to see here.
Condemnant quod non intellegunt.
This seems like a smart move they did by dropping charges. I still understand why the govt don't put these guys to good use, they have some serious brains and are extremely bright, might as well give them a job and take good use of it. I am sure the hackers or virus writers would like that better than be in the slammer or get fined.
oops. not first comment. and double post. my karma is going down the tubes now. and yes, it has worked well against other forms of crime, just wondering if it will this time...
This sig left blank for page turns.
Any idea how much they were charging for these services?
Moral of the story: if you're going to commit crimes, don't tell people about it :-)
...if they'll actually snitch on anyone. Unless there's a quota of snitches they must keep up with. I didn't see anything in this FA suggesting that anyhow, other than one DDoS'ed admin saying he hopes to get a plea deal. Correct me if I'm blind.
You can hold down the "B" button for continuous firing.
Rewards are expected to be offered to anyone with information leading to the arrest and/or conviction of Mr. Malda. :)
SopranOS
What does "oi yey" mean? Google doesn't know.
Their boss is accused of causing $2Mil in damage to victim sites.
...but I assume the victims can still file a civil lawsuit for damages? So it's not exactly like walking away as a free man.
Kjella
Live today, because you never know what tomorrow brings
Why prosecute someone when you got bigger fish to fry?
:P
They should go after Joe Q. Public who leaves his computer wide open for the script kiddies to cruise on. I hear he does that everywhere he goes. He really should be Public Enemy Number One.
This sort of thing happens all the time. Prosecutors are always willing to adjust or drop charges in exchange for information which would lead to big arrests for other people. Sure these guys caused $2 million in damages, but maybe the government knows these guys could help them find other people that have caused $10 million in damages, or maybe these guys could help the government find other people who are planning these attacks before these other people do $2 million or $10 million in damages.
I Am Not A Lawyer, but I've taken some criminal law classes taught by experienced attorneys, and I watch Law & Order. On the other hand, maybe there's something I'm missing.
nothing worse than trying to sound multilingual and failing, it's spelled Oy, not Oi.
A bullet may have your name on it but splash damage is addressed "To whom it may concern."
Like a Karma rating of Terrible, a -1, Troll on every post and at least one more name on your Freaks list. Good luck.
You can hold down the "B" button for continuous firing.
Wait? Why are all the Slashbots packing suitcases for overnight trips to Canada?
"What's the frequency Kenneth?"
Part of agreements like that are "and you keep your nose clean in the future." These guys will have an eye kept on them, and if they go back to their old habits not only can they be charged with the new crimes, but with the ones they made a deal on as well.
I have no problem at all with this, provided it is used to catch more important criminals. I mean really, I'm not that interested in the script kiddies that write the software and create the botnets. I want them stopped, of course, but I'm more interested in the people behind the operation that pay them and benefit from it. Bust the kiddies, the backers will find new ones, bust the backers, it's a done deal.
Even if, in the end, all the charges are dropped, we will likely be very safe from the DDOS Mafia. Think about it: every bit of data they transmit will likely be monitored. Sure, they might try to pull a quick one past the government, but all of a sudden, at least for them, such an attempt just got much more difficult.
SlashDot: Jews for nerds. Stuff that's farklempt. *dodges tomatoes*
Honey, I shrunk the Cygwin
DDoS Mafia = Press' Term for Slashdot Horde?
In that case, the press should know...there's way more than four...and we're all willing to snitch...
www.kiwilyrics.com - a wiki for lyrics
There's a small snag with that idea. Their boss, satellite TV equipment retailer Saad "Jay" Echouafni, did a runner despite being out on $750,000 bail and is currently on the FBI's most wanted list. Someone is going to have to find him and his assets before that approach will bear fruit.
UNIX? They're not even circumcised! Savages!
Rob "CmdrTaco" Malda, who, via his massively popular website Slashdot, has been crushing other, weaker websites for years. Prosecutors have a great deal of evidence, but are still looking for motives.
Speaking of this, has anyone yet solved the Slashdot Paradox?
Few read the articles, yet the web servers get annihilated!
Beware: In C++, your friends can see your privates!
Even if these guys cooperate, will their assets be seized by the government under civil forfeiture laws?
At least that way, they don't profit from their crimes. If they can do it for someone getting oral sex in their car, they should be able to do it for a DDOS gang.
Fight Spammers!
So they admit they did these DDOS's, cut a deal to finger Mr Big in return for immunity from prosecution.
If your company were one of the ones damaged by their admitted DDOS, can you sue them for damages?
This is a special case of a more general question: If a person has been accused of a crime, and been processed by the justice system, can the victims of the crime also sue for reparation? (Well, in one far-too-celebrated case (OJ) they did.)
I can see various arguments why it would be a good or bad thing to allow this, various possible compromises, references to weregilds etc., but I'm supposed to be working, not writing an essay, so I'll quit here.
Quattuor res in hoc mundo sanctae sunt: libri, liberi, libertas et liberalitas.
Looks like the FBI watches "Law and Order" too!
The article states that the charges were dropped "without prejudice", which means that they can be refiled at a later date if the prosecutor decides that it is in the public interest to do so.
Mea navis aericumbens anguillis abundat
I'm waiting for an angry group of Russian mobster geeks to go postal on some U.S. Cyber Crime witnesses. I can see it now "Hax0r hacked in two, two days before testifying in trial."
Now, what would be funny is if they used a rail gun to do it. HEADSHOT.
Help me, help you. - Jerry McGuire
This makes me question the hierarchy. Sure script kiddies use programs written by others, in rare cases they may also get day0 scripts. But to what extent is there a hierarchy in DDOS, Spammer or general botnets, and to what extent is it organised in cells largely or totally independent in operation? Some bot-creation and cracking networks, from the best of my knowledge from what I pick up, are professional criminals who have turned their hands to this as it's low-risk high-yield compared to drug running or prostitution and they have access to a relative advantage: there is some hierarchy? There are several well established gangs in Eastern Europe doing that, and other places I'm sure too. Questions:
How well are the gangs linked up?
Are they insulated from each other (deliberately or because paths haven't crossed)?
Will we see them in competition soon and in what form will this competition be in?
Some really interesting stuff for criminal research, methinks.
I guess it depends on what kind of criminals they would be snitching on. Dropping charges of a little ping bombing in order to track down a serial killer would be a fair trade. "I know someone who did worse, but I won't talk until you drop the charges," seems to be the universal way to get away with anything anymore.
With that said, it would have to be a pretty major thing these kids would be snitching on to get away with what they did. Maybe two of the kids testifying against the rest so the DAs can know that someone got punished for the crime. That's how the legal system works anymore: As long as someone takes the fall and the victim is satisfied, then it doesn't matter if some or all of the criminals got off.
Let's fake an answer for the curious; let's fake it all for the fame.
they can always confiscate his house and auction it off. i mean, he obviously doesn't need it anymore.
Many read the articles without posting. Others post without reading. The two groups will never meet.
--
Yes I am consistant.. what was the article about again?
I'm not that interested in the script kiddies that write the software and create the botnets. I want them stopped, of course, but I'm more interested in the people behind the operation that pay them and benefit from it. Bust the kiddies, the backers will find new ones, bust the backers, it's a done deal.
Are you suggesting that there is more than the script kiddies launching the DDOSs, that there is actually a whole organization behind them supporting what they do? A real mafia?
If so, who could these people be? The security companies? Terrorism? The competition of the company being attacked?
In former times, the Internet used to be the place where our clowns would laugh in happy anarchy.
Corporations and Business from "real life" have since taken over the networks.
We - rightly - want the filth (organized criminality, theft, fraud, ...) those have brought with them banished from our networks.
But the ultimate outcome will be a governed Internet. Already, DRM is around the corner and internet communications are being tapped.
Protect Internet Anarchy! Suffer the occasional virii and spam mails - for the sake of a free Internet!
It's called "I read it for the pictures!"
"On The Loose"? They're being prosecuted yet somehow they're... on the loose? Stupid Slashdot.
I read the article, and then forget it as the comments are more interesting.
You are suggesting correlation without thinking about the possible causation. :P.
We don't read the articles Because we've already slashdotted the servers and therefore can't. Sometimes I don't even bother with the links cause I figure the server's already down.
Sometimes the server goes down with the <SYN> flood before anyone gets a page back
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Of course some would like the death sentence as a more effective deterrent/bargaining power, but I'll not get into that debate.
AC comments get piped to
Maybe I read it wrong, but at what point does it state the charges were dropped in exchange for further testimony?
[quote]
"Charges could still be brought. This just allows us to talk to defense attorneys and negotiate things before having to bring an indictment against a particular individual," said Alikhan.[end quote]
This says nothing about giving immunity or copping a reduced sentence, it just infers they're taking their time before taking the offenders to court. Sounds to me like they're trying to be thorough.
Don't doubt that they'll keep an eye on these guys. They might agree to drop charges to nail a bigger fish, but that doesn't mean that they can't nail these guys again in the future for another transgression.
DDoS mafia is terrorism: threats of destruction are a media attack against groups of people, hence political. Of course the US is dropping charges against them for cooperation: we have a terrorist government, with an express policy of creating terrorists like bin Laden and the Iraqi "insurgents". With every cyberterror czar we've ever had quitting in disgust, why should we be surprised that we're consistent?
--
make install -not war
Those who read TFA don't comment, those who comment don't read (hence the Slashdot Axiom: never let facts get in the way of a good argument).
Life is a continual education in the triumph of application over ability.
Just what is the problem? That kind of quid pro quo is not exactly uncommon, and for a good reason, too.
quidquid latine dictum sit altum videtur.
In America, the amount of punishment has no relation to the amount of damage that your crime has done to people.
For example, if you get caught with ten cents worth of weed, expect to be greatly punished for years. You lose the right to vote, drive, travel, and student loans. Expect the same thing next year if you get caught listening to an MP3 file.
Release a virus that destroys data and rips off thousands of credit card numbers; get probation.
Bankrupt and loot a Fortune 50 major corporation, transfer the funds offshore, destroy the pensions and life savings of thousands of employees, and our president will give you the Medal of Freedom.
They will need to expand Guantanamo... greatly
I am the unwilling control for my Origin.
Well, now I understand why such non-news is being posted to slashdot. Cmdr Taco just wants to show the prosecutors a little bit of the heat he can bring in case they try and file charges against him...
[tin foil hat on]
Cause it's usually an XJ-42-RED coverup...Works like this: Plan a DDOS...Post an article on Slashdot to cover it up...
[tin foil hat off]
Although it would be comforting to know that these guys were receiving justice from a demented cell mate named Bubba, at least be satisfied with the knowledge that they probably aren't sitting around on the beach drinking mai-tais. They've already doled out thousands of dollars to a lawyer/lawyers, meaning they're going to have to buy the generic Mountain Dew for years to come. They have a potential criminal case pending, which could re-initiate at any moment if they're unable to find a replacement who can satiate their investigators. If the victim company determines that any of them is valuable enough to expend the litigation money, they have a civil case to take away their generic Mountain Dew. And as far as their livelihoods are concerned, they're probably going to have to wait at least a week or two before they can obtain a job at a reputable company.
umm small problem on this google for "bill of rights" and hit [im feeling lucky] number VIII on the list is "Amendment VIII Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted."
Any person using FTFY or editing my postings agrees to a US$50.00 charge
Unless something is done to force accountability for wireless devices, perhaps by recording ethernet MAC addresses (which are unique and hard-coded to a physical piece of hardware), the smartest hackers will use loopholes in our current systems to break into them, literally in plain sight.
It is a simple job of using a software like smac to change your mac address through software to defeat the purpose of recording them.
There is no other nation in the world with such a bastardized version of capitalism as the US. Other nations think restricting corporations and preventing them from destroying lives is good.
"Oi Vey" is Jewish punk rock.
Oi vey is not Jewish punk rock. This, however, is Jewish punk rock.
I think it's important to make a distinction at least morally of who got hit with the $2mil damages.
For example, I'm pretty sure the lad vampire has done some significant ddos damage, but stealing from fake banks is cool with me.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Some of our friends contributed to the original investigation against these foonet posers. We're gathering logs to contact ISPs and the old group at the FBI who originally investigated them. so, here we go again.
-----8<----- ...his crew begin a war which well never end. ..which one again I dont think he should be here anyway, But alas ... ...
* Now talking on #chatz
r0d3nt whats up ?
raziel Greetings r0d3nt
raziel We have been sent here at the behest of someone who we consider a
friend.
r0d3nt for what purpose ?
* raziel removes channel operator status from raziel
raziel To talk.
r0d3nt about ?
raziel I was told by this someone, whom I think you know who it is. That you
are a reasonable man.
r0d3nt ok
raziel This someone personally means a great deal to us.
raziel Why he enjoys this net I really dont know. No offence
r0d3nt none taken.
raziel Yet here we are on the very edge of what we consider to be a foolish
move on the part of 2600.
r0d3nt which was ? for clarification..
raziel By now its obvious this someone has quite the following and abilities
to have us
raziel What I dont understand is why these facts were known, after he
apologized
he likes the company of that little news chan of his.
r0d3nt i explained to emmanuel he apologized, this evening.
raziel So being two intelligent men, surely we have better things todo with
this.
r0d3nt i certainly hope so.
raziel To our knowledge he is akilled for 1 month.
r0d3nt i believe so...
raziel And I simply state the truth when I say this no "chest thumping" as
it were. We are resolved to explain one way or another be it 24/7 why we
think that akill is a mistake.
raziel Today has been a small kiddy demo of what is to come. You see r0d3nt
he is not an a healthy man and I need not go into that further.
r0d3nt i'm interested to know how you deal with users of this nature on your
networks ? Surely you can see both sides of the "table"
raziel But for some odd reason it gives him happyness to be here with his
news channel.
raziel We dont personally care for 100% of the user count on my nets.
raziel Him we do.
r0d3nt I understand that to be true, but his actions don't give 2600net the
same "feeling"
raziel As men we know we make mistakes these things happen.
r0d3nt of course..
raziel And to what we know all he did wrong was get drunk and act the fool.
r0d3nt so what do you feel was/would be appropriate ?
raziel Which he apologized for.
raziel And was then without mercy akilled.
raziel That is not very nice in our eyes.
r0d3nt let me clarify.. what do you think would have been the appropriate
action ?
raziel Well honestly as much of a fool as he was acting as We did read the
crap he did.
raziel And he does speak of you as a friend...
raziel Quite highly infact.
raziel As a net staffer and his friend You should have seen his drunken
state and given him a 24hr line timeout.
raziel Thats how we handle these matters.
raziel A 30 day akill is simply asking for where we are now.
r0d3nt unfortunitly I wasn't around @ the time of the incidents and didn't
have any input... well I see your perspective
raziel Wouldnt you say?
raziel This certain someone long ago helped to build the first of the irc
nets, his health is bad as I said for the time. But we will not leave his
side..no matter how silly the issue is.
raziel And In my opinion this is beneath the groups effort and time.
r0d3nt ok
raziel I bear the option of peace.
raziel The question is will it be accepted?
raziel Are we civi
I think it's ironic how little girls sharing mp3s are being subpoenaed and charged for sharing a few Disney mp3s, when massive DDOS attacks are doing costly amounts of damage only to have the case dropped in court.
Just like drug cases the only people that go away for the full stretch are the people that know so little they don't have anything to deal with. Yet you can be the jackass at the top and do the least amount of time so long as you roll over on anyone and everyone. The moral of the story, make sure that if you get involved in anything that the federal justice department might take note of you should always keep a good list of fresher fish than you. And of course use some good encryption on said list, you wouldn't want them getting a hold of it and not needing your services.
If the Feds charge them with cyber-terrorism,
the DDOS Mafia can be threatened with a stay
at Camp XRay, Guantanamo Bay, Cuba for an
extended "vacation" from the world.
That sounds like a fairly persuasive argument
for cooperation with the Feds, actually.
What, have you never seen an episode of Law & Order?
These kinds of deals go down all the time...
why nickel and dime the petty criminals when what you really want to do is cut the chicken's head off
"Yet prosecutors are dropping charges, so they can get the criminals to snitch on other criminals. Oi vey."
You don't know how it works, do you?
I knew a guy in the Alameda County Jail (in California) who was, like me, a Federal detainee awaiting trial. He was the chemist for a drug ring. The ring got busted; he got arrested along with the kingpins involved. The Feds threatened him with 25 years or whatever if he didn't roll over on the kingpins. He refused. Although he had no other criminal record, he was going to be charged with multiple counts totalling a lot of years in the joint. Meanwhile, the kingpins rolled over on everybody and got sentences of probation, four months, time served, etc. In other words, they rolled right out of jail and went right back to work while the one guy who was not a dealer - but who also was not a rat - got major time.
This is how the Feds get their 98% conviction rate. You are arrested, threatened with fifty years in the joint unless you rat out all your relatives and everyone else you know. Then you get only ten years in the joint. Their evidence against you is the same crap info they got from YOUR relatives in exchange for the same deal. Everybody rolls over on everybody - whether they're guilty or innocent doesn't matter.
Of course, in some cases, the relatives roll over on somebody who is not a relative in order to protect their relatives. The effect is the same. I had a cellie who was an idiot who merely held stash for some dealers. When arrested, his contact told the judge he was the major player in order to protect the dealer's brother-in-law who was the real local partner in the ring. When my cellie met the head of the ring in a holding cell, the head told him he'd never heard of him but he knew of the relative. When my cellie had his lawyer bring this up to the judge, the judge said he didn't want to hear the testimony of the head man because he was "just a drug dealer" - despite the fact that my cellie had been convicted on the testimony of a lesser drug dealer with a relative to protect and a Federal deal encouraging him to rat out innocent (well, relatively innocent in my cellie's case) people.
And of course, there's the case of Kevin Mitnick and Justin Petersen...The FBI ran this one-legged crook while he took advantage of the FBI to run his own scams - eventually embarrassing the FBI.
Not to mention the FBI agents in Boston and the Whitey Bulger case.
You think there's any rationality to any of this?
You've got to be kidding.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
You always want to get to the guy who caused the most crime to be committed and his subordinates have to have a powerful incentive to snitch in the face of possible retribution. Probably the DDOS attacks in question didn't cause any death or injury. It's reasonable to drop the charges in exchange for reduction of such things in future. For that matter, I don't think DDOS warrants subjecting people to rape and other cruelties of prison. Just make them spend several years worth of weekends in community service.
Jee man
;-)
I am sure the crims just go to rent-low or something, and keep all their assets in Cayman Islands bank accounts or gold (which is easy to buy). Hey you can even BUY a licence to MAKE YOUR OWN BANK for $50000USD and then really hide stuff well.
The real big crims are making billions yearly and pollute it with 50% legit business.
Once you corrupt mix so many people into your activities, no one will snitch on you.
Like they say, steal $12000 and you're toast, steal $20m weekly and you begin to have an army so big no DA/lawyer can touch you. ie 9000 fake accounts in your fake bank with 2000 fake businesses. It's like having root access
Liberty freedom are no1, not dicks in suits.
I thought that Was the M.usic A.nd F.ilm I.ndustry A.ssociation.....
US attorneys are the least likely to offer a generous plea. A US Attorney has huge resources at their disposal for discovery and prosecution. They are evaluated on their conviction rates; they almost never lose. One can reasonably assume that if one person is given a particularly good deal, somebody will be facing a much more rigorous prosecution because of it. If the Attorney could get two major convictions without a plea, they would.