[ISN] Hacker cops to $70k botnet rampage

From: InfoSec News (alerts@private)
Date: Wed Jun 11 2008 - 01:03:12 PDT


http://www.theregister.co.uk/2008/06/11/botherder_admits_to_ddos_assault/

By Dan Goodin in San Francisco
The Register
11th June 2008

A 21-year-old American has admitted to using a potent botarmy to wage a 
relentless campaign of destruction on two volunteer websites as part of 
a scheme to punish the operators for behavior he thought was unfair.

Gregory C. King, of Fairfield, California, pleaded guilty Tuesday to two 
felony counts of transmitting code to cause damage to protected 
computers. King, an irascible hacker who used monikers including Silenz, 
SilenZ420 and Gregk707, faces a maximum of 20 years in federal prison 
and a fine of $500,000, although his plea agreement calls for him to 
spend two years behind bars and pay restitution to his victims. 
Sentencing is scheduled for September 3.

King's distributed denial-of-service (DDoS) attacks on CastleCops [1] 
and KillaNet Technologies [2] were so potent that the sites and their 
service providers sustained as much as $70,000 in damage, according to 
court documents. Unlike more sophisticated hackers who take pains to 
cover their tracks, King frequently taunted his victims in online chat 
rooms even as he flooded their servers with as much as 1 gigabyte of 
data per second.

"My good friend's ISP shut him over this fucking post," a user by the 
name of SilenZ wrote in a CastleCops forum in February 2007, just 
minutes before a DDoS attack brought it down. "I have the right to be 
angry."

Volunteers at CastleCops, a watchdog computer-security website, spent 
the next five days trying to deflect the assault.

King's DDoS activities date back to at least 2003, according to KillaNet 
owner Tami Quiring, when a 17-year-old King perpetrated an especially 
nasty electronic assault known as a smurf attack on her site. King 
struck at Quiring again in December of 2004, shortly after FBI agents 
had raided King's home.

King's arsenal included a 7,000-node botnet that he misappropriated from 
another bot herder, according to court documents. At times, he used his 
father's DSL connection to unleash the attacks. Other times, he launched 
them from a near-by Best Buy store or a McDonald's restaurant.

Upon learning of Tuesday's guilty plea, Quiring said she had "mixed 
feelings."

"We're glad that it's over but two years [sentence] after four years of 
hell, and the amount of money that his actions cost us, is somehow not 
equaling up," she said.

Quiring recounted the years she and her coworkers spent trying to 
insulate themselves from King's rampage. They tried befriending him, and 
when that didn't work, they spent countless hours working with law 
enforcement agencies to track him down and charge him.

Still, she said she feels something approaching satisfaction to know 
that her ordeal with King is over.

"We told Greg a long time ago that he was taking on the wrong people and 
I guess we proved it," she said.

[1] http://www.castlecops.com/
[2] http://www.killanettechnology.com/about.html


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Wed Jun 11 2008 - 01:15:20 PDT