Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ohio Cracker Confesses to Attacks For Hire

Posted by Zonk on from the black-hats-for-cash dept.

Ritalin16 writes "An Ohio computer hacker recently pled guilty to carrying out crippling denial-of-service attacks on a shady internet hosting company's competitors. From the article: 'In a deal with prosecutors, Richard "Krashed" Roby, 20, pleaded guilty in federal court in Toledo last month to intentionally damaging a protected computer, after launching a 2003 attack on an online satellite TV retailer that caused at least $120,000 in losses.'" Another article indicating an openness on the international stage to cracking for cash.

29 of 163 comments (clear)

  1. Finally by Ritalin16 · · Score: 5, Interesting

    I know Richard Roby, and it's good to see he's finally getting what he deserves. He's attacked my IRC Network a lot. He's also famous for bringing down mIRCx.com.

    --
    In soviet Russia, Linux compiles YOU!
    1. Re:Finally by tabkey12 · · Score: 3, Insightful

      Still, it's quite sad that someone would spend their time taking down other people's servers, in order that a third party makes money, and then go to jail. Personally, it's hard to really see how people can end up in that situation. As far as I am concerned, the person who ordered the hits, Jay Echouafni should be in jail and the hacker should get help to find something more worthwhile to do with his time.

      --
      Get a free iPod Nano 4GB!
    2. Re:Finally by jcr · · Score: 4, Insightful

      the hacker should get help to find something more worthwhile to do with his time.

      IMNSHO, cooling his heels in prison is a much more worthwhile use of his time than what he was doing on the outside.

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
  2. Foonet by Anonymous Coward · · Score: 5, Informative

    The ISP involved is CIT, aka foonet. Here's a link (google cache to information regarding the takedown.

    1. Re:Foonet by Gorath99 · · Score: 4, Informative

      Here's another interesting one. The guy who paid for the attacks is one of the FBI's most wanted and is to be considered armed and dangerous.

  3. Who you callin' a cracker? by moofdaddy · · Score: 5, Funny

    Ohio Cracker Confesses to Attacks For Hire

    Man, why do we have to bring race into this?

    --
    Be better in bed. Wikiafterdark!
  4. I Must Point Out... by spdt · · Score: 5, Insightful

    This is neither hacking, nor is it cracking. This is just filthy DoSsing.

    1. Re:I Must Point Out... by BeesTea · · Score: 5, Interesting

      The cracking is implied. DDoS nodes don't grow on trees. Well, not literally at least.

      --
      2b2b2b415448300d
    2. Re:I Must Point Out... by m50d · · Score: 5, Funny

      No, but you can buy them wholesale if you know the right people.

      --
      I am trolling
  5. If you think this is corrupt for satellite people by suitepotato · · Score: 5, Interesting

    you should see how they do things in the field business. I've done repair jobs on more dish installations than I could count which were monkeywrenched by a competing service when they did a prior add-on or upgrade and did everything they could to badmouth and undercut the prior guy and then farked up the work they did and blamed it on that poor sap.

    The satellite biz is loaded with huckesters, scammers, and just plain bad people from suppliers to installers to servicers. This doesn't surprise me at all. When you have people selling RG-11 jumpers as "Monster Satellite Coax Cable", when you have $2.36 diplexors being sold as "Super High Tech Satellite Splitters" for $32.95+ and $3 roof tar sealant being sold as "Hi-Tech Satellite Waterproofing" for $20 a tube, you know the woods are thick with people whose ethics are not just questionable, but gone entirely.

    The things I've seen in satellite work... They make cable companies look like emissaries of Heaven and the phone company like Knights of the Round Table.

    --
    If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
  6. They should definitely be treated harshly by ShatteredDream · · Score: 3, Insightful

    Attacking companies' online presence and preventing them doing business is only a step away from being as bad as smashing a store's windows in and tossing a stink/smoke bomb in and clearing the store out for an entire day while the workers clean up. If they were to destroy all of the databases, corrupt the server settings and destroy the web applications, it would be almost as bad as throwing a pipe bomb in through the window at night after everyone is gone. This is no more honorable than hiring the mafia to "protect you" from competitors.

    --
    Click here or a puppy gets stomped!
    1. Re:They should definitely be treated harshly by m50d · · Score: 4, Insightful

      It's worse than that. The Mafia will, by and large, do what you're paying them for - stop anyone else trying to do what they're doing. If you pay off one DDOSer there's nothing that stops another one coming around next week.

      --
      I am trolling
    2. Re:They should definitely be treated harshly by E8086 · · Score: 3, Insightful

      "Attacking companies' online presence and preventing them doing business is only a step away from being as bad as smashing a store's windows in and tossing a stink/smoke bomb in and clearing the store out for an entire day while the workers clean up."

      I'd consider it closer to blocking the store's enterance preventing customers from entering. If someone were to do that I wonder what the penalty could be, but it might be more than 18-24mo and monetary fines for any local laws, blocking doors is a fire code violation, blocking the sidewalk should be another, the barracade could be considered littering, maybe someone can fit in disturbing the peace.

      It's about time the real weight of these "digital" crimes is considered. Yes, the statutory fines for an unauthorized copy of an audio or video file is up to $250,000 and a few years in prison, but that mp3 file on some kid's computer they got with some p2p program isn't worth $250,000, maybe 99c if it's available from a legal download service or a new or used CD if you can find it. A copy of a Hollywood movie it worth the price of a new copy on DVD. And the RITA (recording Industry Trust of America) abuses the laws designed to take down people reselling bootlegs for profit, not giving it away.

      Then there are these people who are hired to take out someone's competition. They're nothing more than hitmen and extortionists, pay up or we'll take out your site. These things cost real companies lots of money, lost sales, lost reputation, customer thinks the site/company may not be very reliable, lost man hours trying to repair the damage. And then they're only looking at 18-24mo or less with good behavior/parole.
      They're no longer doing drive-bys in upgraded Model Ts with Thompsons, but the concept is similar.

      --
      F7 doesn't work, ignore spelling and grammar
  7. Re:If you think this is corrupt for satellite peop by ddx+Christ · · Score: 5, Interesting
    The automobile industry is much the same. My father once worked at an autoparts shop and whenever someone clueless came in looking for a part, the manager would come out, pretend to look at a list, then pretty much charge $20-$30 for a part that cost $2, and so on.

    My dad said there was nothing he could really do, since the guy was his boss, except inform customers to pretend to know what they're doing so that they don't get taken advantage of. Come to think of it, this also happens at places like Best Buy when it comes to computers.

    --
    Fun Zoid RPG
  8. It's the future by mhollis · · Score: 4, Interesting

    Rather than innovate, I think we'll see more companies resorting to attacks of competitors' information systems. Innovation costs real money. You have to hire really smart people and they're not as inexpensive as the dullards who willingly participate in these schemes.

    Of course, it's a matter of time before terrorists and/or other countries (China and North Korea being two that come to mind) start these kinds of attacks on their enemies' or perceived enemies infrastructure.

    --
    Gods don't kill people, people with gods kill people.
  9. The Great Enabler. by Anti-Trend · · Score: 5, Informative
    Let's not forget the thing which made it possible for Roby to carry out these attacks in the first place. FTA:

    "In his plea agreement, Ashley admitted he knowingly allowed clients and employees to control networks of compromised Windows machines, or 'bots,' from Foonet."

    Now I realize that this may come across as trolling, but it doesn't make it any less true. If Windows wasn't so difficult for Joe Sixpack to lock down to the point where it can be used in a semi-secure fashion, it might be a different story. As it stands, you need a good antivirus, multiple spyware tools, browser hardening tools (if you continue to use IE) or a new browser, patches, service packs and more. And that's just the software end, not even best practice. In an average user's hands, it seems it's not a question of whether the system will be compromised, rather of who cracks it first. In this case, it seems to have been a script kiddie from Ohio.

    --
    Working in a DevOps shop is like playing in a band made up entirely of keytarists.
    1. Re:The Great Enabler. by waferhead · · Score: 3, Interesting

      Is a troll who makes a valid point really a troll?

      If I had mod points today, I'd probably mod the parent up, as it is at least a good point for discussion to start.

      ISPs IMHO should actively monitor their customers, at least to the point of looking for zombie machines, and shutting them down automatically.

      It would be a public service.

  10. Re:Stopping this altogether by davidu · · Score: 3, Interesting

    Yeah, fixing windows and or firewalling the shit out of it.

    It's no longer a matter of stopping spoofed source addresses, people DoS with massive botnets using real src_addr's.

    Fix windows and you'll start to get somewhere. It'll stop spam too.

    -david

    --

    # Hack the planet, it's important.
  11. Re:If you think this is corrupt for satellite peop by magarity · · Score: 4, Funny

    pretend to know what they're doing so that they don't get taken advantage of. Come to think of it, this also happens at places like Best Buy when it comes to computers.
     
    Funny, I always get the impression the BB sales staff is pretending they know what they are doing so that I won't take advantage of them.

  12. Better idea by Dimensio · · Score: 4, Interesting

    All complicit parties belong in jail. The person who hired the hit and the person who carried it out.

    --
    STOP MISUSING APOSTROPHES, YOU MORONS!!!
  13. the worst part by akhomerun · · Score: 3, Insightful

    Jay Echouafni, the 38-year-old satellite TV mogul who allegedly ordered and funded the cyberhits, went on the lam last year, and remains a fugitive from a federal indictment out of Los Angeles.

    the worst part is that this guy is still out there and hasn't been caught yet. hopefully it's only a matter of time before he's nabbed

  14. Pleading Guilty by Mishra100 · · Score: 3, Insightful

    "Under federal sentencing guidelines, Ashley faces 70 to 87 months in prison for his role in the attacks" Unless he pleads non-guilty, which he should. If you plead guilty then they give you the maximum sentence. Non-guilty defendants have a change of arguing a couple of years off their sentence.

  15. Re:That was obvious wasn't it? by Spaceman+Spiff+II · · Score: 3, Funny

    I mean, if someone's name is 'Krashed', surely he's some sort of criminal... That... or he uses KDE.

    --
    I understand that life's not fair, just why is it never unfair in my favor?
  16. Re:Where is the proof by bigman2003 · · Score: 4, Insightful

    Are you kidding?

    If every claim on Slashdot had to be substantiated, and proven...we'd all sit around doing research, and creating bibliographies.

    This isn't a peer-reviewed publication. We don't need to prove anything.

    Especially to an anonymous coward.

    (By the way- I know that AC. And his mom sleeps with anonymous men she meets in chat rooms.)

    --
    No reason to lie.
  17. Re:If you think this is corrupt for satellite peop by Eberlin · · Score: 5, Informative

    I always like to retell my best buy experience when the subject comes up simply because it was so frustratingly lame.

    I was going to purchase a laptop from them -- I did my research to make sure all of the essential hardware would run with my choice distro, yadda yadda.

    I walked into a store and instead of just picking the laptop up, decided to go ask one of their sales droids about it. "Will it run Linux?"

    The basic thing I got from him was that it would not. It was way underpowered to run a Linux server. (I had a 400MHz PII that ran RH, and this laptop had at least twice the stats of EVERYTHING the ol' PII had). I explained I didn't want a server but a desktop install. Same thing, he says. Says they all run their Linux servers on Alienware laptops.

    Asks why I disliked XP. Performance issues, security issues, MS antics. Guy tries to sell me XP Pro instead. Tells me an alphabet soup of certification credentials to make himself the smarter one...then says Bill Gates had bought out Linux and that in a year we wouldn't even be talking about Linux at all. This was two years ago.

    I politely thanked him and said I'd go home to rethink my strategy. I bought a Dell. Now running on Ubuntu Hoary.

    So yeah, not sure if that guy still works at that Best Buy but the degree of misinformation to upsell shtuff can get ugly.

  18. Stopping this altogether: You can do it now. by twitter · · Score: 3, Insightful
    Is there anything that is being implemented to eliminate DDOS attacks altogether?

    Two things are being done. First, the FBI is nailing inept perpetrators as they can. This is like trying to cure a flea infestation by pinching the fleas off your friend's back. The second, more effective thing is the replacement of Windoze. Without Windoze, there will be no botnet. If you are new here, I suggest you get one of the following to improve your computing experience and help stamp out the weakness that will destroy the net:

    • Mepis, auto configures and runs live off CD. If you like it, the "install me" button does it's business in 20 minutes.
    • Xandros, what's left of Correl Linux, even easier for Windoze refugees with as much of the look and feel as possible.
    • Fedora, Red Hat's free software offering.
    • Debian Proper, harder than the others to set up but of much higher quality and easier to maintain.

    With so many choices, there will never be Windoze type problems on free software. The exploits will not carry into more than 10% of the install base at a time. Go get some and take a bite out of crime.

    --

    Friends don't help friends install M$ junk.

  19. Cracker Jack by Doc+Ruby · · Score: 3, Insightful

    Roby and the rest of his cracker gang are criminals and deserve jailtime when they're proven guilty. But the cops caught these guys because all they had to use to get away was a measly $1000. The guy who hired them, Echouafni, is "on the lam", because he's got the money to hide. So the cops and prosecutors will pounce all over Roby, because he's an easy target. Will the keystone kops take any heat for not getting Echouafni, who will easily find other people who are "brilliant in one area, but absolutely lacking in common sense in others"?

    --

    --
    make install -not war

  20. Taking Offense . . . by Dausha · · Score: 5, Funny

    "Ohio Cracker Confesses . . . "

    I can't believe nobody else has taken offense to this. "Cracker" is a highly-charged derogatory term. The politically correct term is "Saltine-American."

    --
    What those who want activist courts fear is rule by the people.
  21. Re:That was obvious wasn't it? by chub_mackerel · · Score: 3, Funny

    No, no. Then he'd be a Kriminal.