The Financial Times reports an angle I hadn't seen before: professional script kiddies extorting money from companies with threats of a denial of service attack. Seems they're currently threatening online gambling houses.
Printable View
The Financial Times reports an angle I hadn't seen before: professional script kiddies extorting money from companies with threats of a denial of service attack. Seems they're currently threatening online gambling houses.
That's crazy to think about. I wonder how they are "commandeering" all those comps. I would imagine they wrote a trojan that always looks to a source somewhere online for the next command and hit all sorts of peeps in chat rooms w/ it... and then little 14yo girls are taking down online gambling houses and are involved in coorporate blackmail. LMAO. I could run on forever making up stories on this one. I think I'll write a comic book.
Haven't they been doing that for some time now?
http://www.theregister.co.uk/content/55/33954.html
That article I linked to is almost a year old now.
I had thought I heard about them doing this to people who run pr0n sites in exchange for free service. If they didn't give them accounts, then they got DDoS'd...
It isn't too hard to get the computers. The just load a trojan on the "zombie's" computer, then they have a password protected chatroom in mirc with a bunch of bots that they use to call those computers. When they want to attack someone, they go to their irc chat room and issue the attack command with a target address.
But yeah, that is sick. And how do they think they are going to get away with that money? I doubt any skiddie is that knowlegeable in that area.
It's widely rumored that there are connections between Russian/Eastern European crackers and the Russian Mafia. That would explain how they plan to get away with it. That would also explain why they're asking for $40k, instead of $100 worth of porn access.
That disgusts me more than anything else on the internet. The very idea that somebody would essentially hold systems for ransom is awful. It's sad that there are people who are obviously motivated solely by money running around. At least most s kiddies are just doing it to be cool.
Lansing_Banda's right, it has to be a semi-professional, very few script kiddies could get away with something like that. It's not the technical side of it that's difficult, it's the financial side.
But if all I have to do to get free porn is a DDoS...... LOL.
Whatever happened to a big guy named "Fat" Tony going to the local pr0n shop and extorting money for "protection"?...J/k :)
"Professional Script Kiddies" - isn't that an oxymoron? Heh heh..
Yeah, it'd have to be someone else.. due to the financial side. Once a cash transaction is made, a paper trail a mile long is created, and the authorities (depending on the country or treaty we're talking about) can jump. Besides, to really DDoS a location with lots of bandwidth, you'd have to have a pretty big bot network.. that's usually the domain of organized groups, not kids who aren't old enough to drive.
Some speakers I've seen recently from CERT and the FBI on DDoS have been quoting statistics having evidence of bot networks as big as 14,000 computers. No hard evidence, but estimates based on profiles of whats been going around. Myth or truth? Who really knows.
l00p
Quote:
Originally posted here by InfiniteL00p
Some speakers I've seen recently from CERT and the FBI on DDoS have been quoting statistics having evidence of bot networks as big as 14,000 computers. No hard evidence, but estimates based on profiles of whats been going around. Myth or truth? Who really knows.
l00p
I bet Myth. These guys get caught, and its reported as news. Recently, I have not seen any recent mass Dos attacks causing long term damage on high profile sites. If the dos attack lasts long, it gets to be traceable.
Ahem. WorldPay was DDoS'd into the ground for almost a week.