Slashdot Mirror

← Back to Stories (view on slashdot.org)

Aussie Blogger Hit With DDoS Death Threats

Posted by timothy on from the bad-childhoods-continue dept.

mask.of.sanity writes "An Australian blogger who blew the lid on emerging domain-name fraud campaigns has received death threats from the scammers. His blog and domain parking company are still being hit with a large distributed denial of service attack that has the death threats embedded as HTML links within its logs. Australia's government CERT team and the U.S. Secret Service (blog servers were hosted on U.S. soil) are pursuing the botnet's command and control servers. Ten days later, the victim is still being attacked and is fighting a cat-and-mouse game as IP address ranges change."

17 of 125 comments (clear)

  1. Re:Stop giving hackers a bad name! by Psychotria · · Score: 5, Insightful

    Those were never "hackers"

  2. I am confused by bloodhawk · · Score: 3, Informative

    Huh? So now domain name parkers are considered innocent victims rather than the scumbucket profiteers that polute the web and search engines with advertisings and misleading links?

    1. Re:I am confused by North+Korea · · Score: 4, Insightful

      There's nothing wrong with domain name parking. If you have no current use for a domain you've paid, you park it. Also, you could use the domain for other purposes than just for web - like email, game servers etc. There's internet out of the web too, you know.

    2. Re:I am confused by AftanGustur · · Score: 2

      There's nothing wrong with domain name parking.

      "Domain parking", usually means tapping into search results of the big search engines and feeding people advertisements in place of the actual content they were looking for. This may be legal, but that doesn't make it "right".

      In addition, people like Michael Gilmour get away with paying only a few cents for each domain and then buy them in the thousands when people forget to renew or let them expire, hoping to sell them back with a hefty profit.

      Michael Gilmour is not giving people any more service than someone who buys up all the tickets for a concert and then sells them back to those that want to listen to their favorite musician.

      --
      echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
    3. Re:I am confused by bloodhawk · · Score: 2

      There's nothing wrong with domain name parking. If you have no current use for a domain you've paid, you park it. Also, you could use the domain for other purposes than just for web - like email, game servers etc. There's internet out of the web too, you know.

      He is not that sort of domain parker. He is someone that buys up domain names for generic terms and mistyped domain names and parks the domain with advertising to get ad traffic from searches and mispellings.

    4. Re:I am confused by Anonymous Coward · · Score: 2, Informative

      Wrong. Not everyone seeks to gouge the shit out of everyone else. How sad that the epitaph on the tombstone of our society will be "Well, at least they made a profit". Pathetic.

    5. Re:I am confused by WNight · · Score: 2

      Btw there's actually a phrase for what you're feeling: "domain envy". It's no different than those that lament not buying MSFT back in the early '90s.

      I (may) lament my lack of money but not my unwillingness to mug a senior citizen for it. I don't envy the killers.

      You're using domain envy a little too loosely here. Under your usage a rape counselor would have domain envy towards rapists.

      And I'd bet the you'd feel much differently if you owned a multi-million dollar domain like beautiful.com.

      Ahhh, the "You can't prove you wouldn't do it so it's unjust to punish anyone for it" argument. Weak.

      But no, I wouldn't want them, or me, to be punished. I'd want it taken away and allocated in a way that best matches what the public wants to find when they type "beautiful com(pany)".

      But you can't because P&G registered [...] Sounds like you're unhappy about the situation.

      Yes, I am. There are systems that could serve people and here we are using one pretty much designed not to help.

      Out here in the real world it's called capitalism.

      Wow. That's so abysmally stupid that you must have an MBA.

      That is precisely the opposite of capitalism. The government took some computer config stuff and wrote laws about it, handing control of the process to the biggest lobbyist and in general fucking the whole system up, just so someone could 'own' it. That's cronyism and rent-seeking. Pay attention, it's the main cause of the decay of your society.

      The whole thing is shockingly Soviet. Take some functioning industry, decide bureaucrats know best, and drive it into the ground through a total lack of domain knowledge.

  3. Re:Laziness by mevets · · Score: 2

    Your right; the really lazy would just hire someone local to do their 'wet work'. Good thing they haven't thought of that.

  4. Re:Stop giving hackers a bad name! by WorBlux · · Score: 3

    Hacker make things work, generally with either with a low budget, a high degree of creativity, simple elegance, or superfluous complexity. More for the satisfaction of being able to be it. Sometimes involving good-natured pranks, naivety or a need to take dissect things just to see how they work. However a death threat is the sort of malovelence far removed from a hacker's nature. Also hackers tend to be very strongly motivated by internal rewards (satisfaction at a job well done) rather than the external (money) as these scammers are.

  5. Re:Umm... unplug it? by WorBlux · · Score: 3, Insightful

    That's the most fucking asinine or exceedingly obtuse comment on this page yet. The threat doesn't go away when you turn the computer off. The damage of a death threat isn't in the symbols used to convey the message, but the intent it converts.

  6. Re:Interesting. by ikkonoishi · · Score: 3, Informative

    http://www.secretservice.gov/investigations.shtml

    Since 1984, the Secret Service's investigative responsibilities have expanded to include crimes that involve financial institution fraud, computer and telecommunications fraud, false identification documents, access device fraud, advance fee fraud, electronic funds transfers and money laundering as it relates to the agency's core violations.

  7. Aren't IPs good enough to identify someone? by AK+Marc · · Score: 3, Funny

    If they can sue based on IP, why can't they get the names and addresses of everyone involved?

    There's only one thing that will end this. Find every IP launching the attack and prosecute them for hacking, even if all they did was own an insecure system. You have to push the responsibility back on the people allowing the attacks. It's illegal to leave your car running attended because it's an attractive nuisance.

    --
    Learn to love Alaska
    1. Re:Aren't IPs good enough to identify someone? by julesh · · Score: 4, Interesting

      If they can sue based on IP, why can't they get the names and addresses of everyone involved?

      FTFA:

      Scammers would change their origin of attack to evade blocking and Gilmour would respond in kind.

      In the last hour, the attacks have moved to Indonesia where some 28,000 unique IP addresses are attacking his sites every few minutes.

      So you're suggesting he sues 28,000 indonesians? And then when the botnet operator switches to a different IP range, another few thousand people of some other nationality. And then another, and another. And you think that's going to work because...?

      It's illegal to leave your car running attended because it's an attractive nuisance.

      Maybe where you live it is. I can assure you it isn't where I am. Which is the problem: laws work differently in different countries. Sometimes even in different regions of the same country. The Internet is international. Even if some jurisdictions have laws that you can use against attacks like this, not all do. And that just means the attackers will end up working from those that don't.

  8. Re:Stop giving hackers a bad name! by Samantha+Wright · · Score: 2

    Fortunately, the hardware hacking community has worked toward making the name its own again, ensuring that the concept of a hacker as a knowledgeable, creative person who works with complex computer technology at least somewhat lurks in the minds of the educated public.

    --
    Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
  9. Re:Internet toughguy syndrome by SteveTheNewbie · · Score: 4, Informative

    Sadly, thats incorrect, there are cases where people have been tortured and kidnapped for messing with these criminals

    http://www.wired.com/threatlevel/2008/08/hacker-reported/ is one such case, another i dont have the link for right now involved a reporters daughter being kidnapped, put on drugs and sent to work in a brothel for 5 years. The hacker con ruxcon in Australia had a talk on it last year, no country is safe when dealing with real criminals. They will find and kill you for disrupting their business.

  10. Re:Internet toughguy syndrome by PPH · · Score: 2

    But the reverse is also true they can also be found hunted down and eradicated fumigated and deleted from the record of humanity

    Really? From the article:

    In April, Miami Beach police busted a ring of Bulgarian nationals ....

    The Secret Service took over the Miami Beach case, and the four defendants were each released on a $100,000 cash and signature bond. Three, including alleged ringleader Nikolai Hristov Arabov, jumped bail and went on the lam last month.

    That goes beyond stupidity and incompetence and possibly straight to collusion. And this isn't corruption in the ex-Soviet bloc. This is the Secret Service and our own court system.

    --
    Have gnu, will travel.
  11. Re:real estate doesn't quietly expire and be resol by Dan541 · · Score: 2

    By allowing a domain to expire you relinquish your owner ship of it. Just about every domain I have ever let expire has been registered the instant it dropped. There is nothing wrong with this because I let the domains expire. If someone else wants to register them; they have every right to do so. Domains need to expire, otherwise we would have an exponential growth of dead/abandoned domains that could never be recovered and no revenue stream to maintain their infrastructure. Currently between 60,000 and 70,000 .com domains expire every day and become available for registration. I own plenty of domains that I would never have gotten if they didn't expire.

    The same thing happens to houses. If you own a property and you leave it unattended you certainly can lose it just like a domain. Try it, buy a property and never ever check the mail pertaining to the property or do anything with it. Eventually you're guaranteed to lose that property; through failure to pay tax if nothing else.

    --
    An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"