Tag Archives: defend against ddos

Apple Daily in Hong Kong and Taiwan hit by DDoS attack

Apple Daily said its websites for both Hong Kong and Taiwan were hit by DDoS attacks on Saturday. IP addresses reveal that attacks originated from China, Russia, and France, according to Michael Yung, CIO of Next Media, the parent company of Apple Daily.

Starting at 1pm on Saturday, traffic to the Next Media website grew so large that access to Apple Daily and the firm’s other content was significantly slowed, Yung said, adding that audiences could only view text content via the newspaper’s mobile app. The firm’s website was restored at 6pm after several hours of fixing, Next Media said.

According to Yung, small-scale attacks on the Next Media website are frequent, but much more severe ones come before the June 4 commemoration and July 1 protest every year. Next Media said the attack is an act of harming freedom of the press, but that it won’t stop the organization from defending it.

While Anonymous reportedly confirms that the attack came from the mainland Chinese government, Next Media said the identity of the attacker remains unknown at the moment because the IP addresses identified could be fake.

There’s also speculation that the attack is related to Sunday’s “Free Speech, Free Hong Kong” protest organized by the Hong Kong Journalists Association. The protest is a response to recent moves that are seen as compromising editorial independence and freedom of speech. Of late, Commercial Radio fired its outspoken host Li Wei Ling while Chinese-language newspaper Ming Pao replaced its existing chief editor with a Malaysian journalist who’s not known to the local community and media industry.

Source: http://news.idg.no/cw/art.cfm?id=F7551BB6-DF9A-6D69-EBD70AD566B9147F

Cyber attacks: preventing disruption to your website

One of the largest ever cyber attacks took place this month, and it has been described as the shape of things to come. But it is not all doom and gloom – there is plenty that businesses can do to prepare for the future.

Start by thinking about the impact of your website being down for one to three days and how it would affect current and prospective clients and the reputation of your brand. Google is usually the first port of call when checking out products and services, so chances are high that any disruption to your web experience won’t be favourably looked upon by prospects.

Cyber criminals will often inject malware into legitimate websites with the goal of getting innocent users to click on it, which will automatically trigger a download and can lead to all sorts of problems for the user. As the website owner, you may be completely unaware, but this is something that Google is cracking down on. If a website is spotted hosting malicious links, Google can blacklist it, meaning it will not show up in searches and will be temporarily removed from the Google index, which badly affects SEO. Browsers such as Chrome and Firefox will also flag insecure or risky websites, and that may scare away potential customers. It may take weeks of effort to get removed from blacklists and re-indexed.

If this wasn’t bad enough, the risk is actually two-fold. There are some would-be attackers that will threaten to hold your website to ransom. In this case, they will identify the holes in your website and blackmail you into paying them in order for them not to get your website blacklisted.

The best way to avoid getting blacklisted, or indeed blackmailed, is to have the website checked for malware and other infections. It is also highly recommended to have your website scanned for known vulnerabilities. This will ensure that there are no “holes” that attackers can exploit to install malware or create watering holes for unsuspecting customers.

Another threat to avoid falling victim to is a DDoS attack. DDoS attacks bombard a website with so many external communication requests that they flood the system and overload the server to such a point that it can no longer function, leaving the website paralysed and unable to transact business. Attacks of this nature are on the rise and it’s fair to predict that this year will be no exception to this trend.

The best start is to have a plan in place, whether it is a hardware solution that takes days to install and requires a higher up-front cost, or a provider who offers DDoS protection services that can be up and running in as little as a few hours for a monthly cost. In addition, it’s worth noting that some good DDoS protection services will offer a caching component that will allow bursts of legitimate traffic to your website without negatively impacting the server. Because it will automatically balance the load coming in, it keeps the website available to handle large amounts of requests with no disruption to your user base.

So, make sure you do your research when choosing the best option for your website. Bear in mind that, while you can get a protection service in an emergency situation, as with so many things, the best offense is a good defence, so businesses should make sure that they have a proactive DDoS solution in place to avoid disruption to their web presence.

Top tips:

1) Run malware detection and anti-virus on your website to spot and clear any existing infections
2) Enlist the services of a vulnerability scanner to identify and fix any exploits in your website
3) Have proactive DDoS protection in place, either in the form of hardware or a managed service
4) Have load balancing in place to ensure your website can handle increases in transactions

Source: http://www.itproportal.com/2014/02/21/cyber-attacks-preventing-disruption-your-website/

Stack Overflow goes down for an hour on Sunday due to DDoS attack

Stack Overflow went down for about an hour on Sunday morning due to a DDoS attack, TechCrunch reported. Stack Overflow is a question and answer website focused on coding that programmers, both professional and amateur, rely on.

Stack Exchange, the parent firm of Stack Overflow, told TechCrunch that the site went down because of a DDoS attack on its network provider.

According to Webopedia, a DDoS attack or Distributed Denial of Service is a kind of DoS attack “where multiple compromised systems – which are usually infected with a Trojan – are used to target a single system causing a Denial of Service (DoS) attack. Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attack.”

Stack Exchange added that the issue has already been “partially mitigated” and the platform is already operational.

A 100% free site that does not require any registration, Stack Overflow allows anybody to ask and answer a question. Users vote on the best answers and they then go up to the top.

Posts about the outage began to hit micro-blogging site Twitter and Hacker News at about 11 am Pacific Time Sunday. The notes, often humorous, of programmers served as a testament to the importance of the platform to a lot of people, the report said.

Some of the Twitter posts about the outage featured in the TechCrunch report included one from Adam (@adamjstevenson) which said, “Stack Overflow being down reminds me how badly I need Stack Overflow in my life.” Another one came from pickett (@pickett) which said “Well, stackoverflow is down. Might as well pack it in and take the day off.” Vineet Shah (@vineetshah), meanwhile, posted “Came to work on a Sunday and Stack Overflow is down EVERYBODY PANIC.”

Source: http://www.vcpost.com/articles/21665/20140216/stack-overflow-goes-down-for-an-hour-sunday-due-to-ddos-attack.htm

Bitcoin Value Plunges as DDoS Strikes Currency Exchanges

Russia and China are backing out of the Bitcoin business.

Recent DDoS attacks on a number of major Bitcoin exchanges have caused them to suspend trade. Mt Gox, one of the most significant exchanges, blames hackers trying to create fraudulent transactions for the attack. The value of the cryptocurrency has dropped significantly, from a high of $926 on February 5th to $501.83 as of time of writing.

Bitstamp, BTC-e and Mt Gox are all known to have been affected. Tokyo-based Mt Gox argues that the attackers are trying to create uncertainty, and exploiting that uncertainty to duplicate transactions. By intervening just after a transaction is initiated but before it completes and changing the transaction ID, the hacker can create the illusion that the transaction never completed. The hacker then claims a second payment, alleging that the first one wasn’t valid.

“Whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming,” says Jinyoung Lee Englund of the Bitcoin Foundation. “It’s important to note that DDoS attacks do not affect people’s bitcoin wallets or funds.”

The value of most other Bitcoin variants has fallen, dragged down by the drop in Bitcoin itself. The one exception so far is Dogecoin, whose value has risen markedly. It’s now the third most valuable cryptocurrency, after its value soared 27% in 24 hours.

Meanwhile both Russia and China have started cracking down on Bitcoin. Last week the Central Bank of Russia made it illegal to use Bitcoin, alleging that it could be used for money laundering and criminal activity. Russia’s move came after China’s largest exchanges started banning Bitcoin sales earlier this year, as the government cracked down on the cryptocurrency. Alibaba Group, China’s biggest online marketplace, complied with the government’s demands “in the interest of consumer protection,” said a spokeswoman.

In both instances it seems likely that, although there are legitimate concerns about criminal activity, the bigger issue is currency control. Though there are benefits – China’s investments in Africa have been made much easier with Bitcoin – neither China nor Russia really likes the idea of an electronic currency that avoids both government regulation and monitoring.

“It is proposed to punish (with large fines and imprisonment) all anonymous ‘electronic’ money transfers through the border,” alleged an anonymous Russian Cryptocoins News source. “Since Bitcoin has no borders, it may be the problem.” The source argues that Russia’s political opposition has been funded via Bitcoin for some time, and this crackdown is an attempt to stifle that opposition, as well as a more general reaction against technology the government doesn’t understand.

“To put things in perspective,” says Mt Gox as it explains the reasons behind its suspension of trade, “it’s important to remember that Bitcoin is a very new technology and still very much in its early stages. What Mt Gox and the Bitcoin community have experienced in the past year has been an incredible and exciting challenge, and there is still much to do to further improve.”

Source: http://www.escapistmagazine.com/news/view/132215-Bitcoin-Value-Plunges-as-DDoS-Strikes-Currency-Exchanges?utm_source=rss&utm_medium=rss&utm_campaign=news

Exchange Halts Payouts as DDoS Attack Pummels Bitcoin

A second major bitcoin exchange suspended withdrawals on Tuesday, amidst widespread attacks on the vast software system that drives the digital currency. Bitstamp, an exchange based in Slovenia, says that it suspended Bitcoin withdrawals due to “inconsistent results” from its online bitcoin wallet caused by a denial-of-service attack, according to a post on the exchange’s Facebook page. “Bitcoin withdrawal processing will be suspended temporarily until a software fix is issued,” the post reads.

The news comes a week after the Tokyo-based exchange Mt. Gox suspended Bitcoin payouts, blaming a known bug in the bitcoin software. At the time, outside observers turned the blame on Mt. Gox’s accounting software, but it turns out that the company isn’t the only exchange struggling to cope with the bug. That a known issue like this could lead to the suspension of payouts on two of the world’s most popular bitcoin exchanges underscores the immaturity of bitcoin and the ongoing growing pains of the world’s most popular digital currency.

These growing pains are not just technical, but political. As Bitstamp battles against these attacks, it’s also worth noting that the Slovenian exchange is not listed as a money services business with FINCEN, the U.S. agency that registers money transmitters — even though it accepts US customers. Bitstamp did not respond to a press inquiry from WIRED.

But according to Andreas Antonopoulos, the chief security officer with bitcoin wallet-maker Blockchain, the effects of this week’s attack should be temporary. “It’s a griefer attack,” he says. “All it does is slow down these exchanges.” But the company could eventually run into serious problems with regulators in the U.S. FINCEN expects even foreign-based money transmitters to register if they service US customers.

A Bored Teenager With a Computer?

Bitstamp’s technical issues came to light after someone — nobody knows who, exactly — started flooding the worldwide bitcoin network with thousands of bad transaction records. Because of a flaw in the bitcoin protocol, it’s possible for the bad guys to create two unique transaction identifiers — called hashes — for legitimate transactions on the network. The official bitcoin ledger, or blockchain, is not fooled by these so-called “malleable transactions”, but some badly written wallet software could be confused.

“It’s like creating a fake receipt,” says Antonopoulos. In theory, someone could try to use one of these fake receipts to trick an exchange into believing that a bitcoin transfer had not gone through, but a look at the blockchain would clear things up, he explains.

It turns out that a small number of these bad transactions have been broadcast in the background of the bitcoin network for some time now, but after Mt. Gox went public with its problems, someone cranked up the volume. “Some joker is rewriting thousands of bitcoin transactions and rebroadcasting them,” says Jeff Garzik, a core developer on the bitcoin software. “It’s not a ‘massive and concerted’ attack, probably just a bored teenager with one computer.”

Antonopoulos, who is working with other bitcoin companies to coordinate a response to the attack, says he’s spoken with five exchanges (not including Mt. Gox) about the issue, and that three of them are unaffected by the issue. None of the five exchanges that Antonopoulos has spoken with appear to have lost money because of the issue, he says.

Source: http://www.wired.com/wiredenterprise/2014/02/bitcoin-ddos/
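The "fake receipt" confusion described in the two Bitcoin reports above, and the ledger check that clears it up, as an added example that is not code from the article, from Bitcoin, or from any exchange. It assumes a deliberately simplified transaction model (not real Bitcoin serialization) in which the ID hashes the signature bytes along with the payment; the `Tx` class, `naive_status`, `reconcile`, and all sample values are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Optional, Tuple


def dsha256(data: bytes) -> str:
    """Double SHA-256, hex encoded."""
    return hashlib.sha256(hashlib.sha256(data).digest()).hexdigest()


@dataclass(frozen=True)
class Tx:
    """Simplified transaction (assumption: not the real wire format)."""
    inputs: Tuple[Tuple[str, int], ...]   # (previous txid, output index) being spent
    outputs: Tuple[Tuple[str, int], ...]  # (address, amount in satoshi)
    sig: bytes                            # stands in for the signature encoding

    def body(self) -> bytes:
        # What the payment actually does: which coins move to which addresses.
        return repr((self.inputs, self.outputs)).encode()

    def txid(self) -> str:
        # The ID covers the signature bytes, so re-encoding them changes the ID.
        return dsha256(self.body() + self.sig)

    def payment_key(self) -> str:
        # Identifier that ignores the signature encoding.
        return dsha256(self.body())


def naive_status(sent_txid: str, chain: List[Tx]) -> str:
    """Fragile wallet logic: look for the exact ID that was broadcast."""
    return "confirmed" if any(tx.txid() == sent_txid for tx in chain) else "missing"


def reconcile(sent: Tx, chain: List[Tx]) -> Tuple[str, Optional[str]]:
    """Ledger-based check to run before re-sending a 'failed' withdrawal.

    Returns (status, txid seen on the ledger):
      paid     - the same inputs and outputs confirmed, possibly under another ID
      conflict - an input was spent by a different payment; needs manual review
      unseen   - nothing on the ledger touches this withdrawal yet
    """
    for tx in chain:
        if tx.payment_key() == sent.payment_key():
            return ("paid", tx.txid())
    spent = set(sent.inputs)
    for tx in chain:
        if spent & set(tx.inputs):
            return ("conflict", tx.txid())
    return ("unseen", None)


# Constructed sample data: one withdrawal and what ends up on the ledger.
SENT = Tx(
    inputs=(("aa" * 32, 0),),
    outputs=(("customer-address", 50_000_000), ("exchange-change", 49_990_000)),
    sig=b"signature-encoding-A",
)
# Same payment, different signature bytes: a different ID for the same transfer.
MALLEATED = Tx(SENT.inputs, SENT.outputs, sig=b"signature-encoding-B")
# Same coins sent somewhere else entirely.
CONFLICT = Tx(SENT.inputs, (("other-address", 99_990_000),), sig=b"signature-encoding-C")
UNRELATED = Tx((("bb" * 32, 1),), (("someone-else", 1_000),), sig=b"signature-encoding-D")
CHAIN = [UNRELATED, MALLEATED]

if __name__ == "__main__":
    print("broadcast id :", SENT.txid())
    print("confirmed id :", MALLEATED.txid())
    print("naive wallet :", naive_status(SENT.txid(), CHAIN))
    print("ledger check :", reconcile(SENT, CHAIN))
```

A support process that re-issues a withdrawal only on `unseen`, and escalates `conflict`, cannot be talked into paying twice by a customer quoting an ID that never confirmed.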

Largest ever DDoS attack

CloudFlare said that the attack was close to 400Gbps in size, making it bigger than last year’s DDoS attack against anti-spam outfit Spamhaus, which was measured at just over 300Gbps.

Confidentiality stopped CloudFlare from revealing the identity of the customer under attack, and there were few details on how many other companies had been affected. The DDoS attack did, however, seem to pose a bigger threat on European networks, with French hosting outfit OVH later reporting that it had fended off a 350Gbps attack. It’s not known if the same attacker was responsible.

Company CEO Matthew Prince responded to the news by saying on Twitter that “someone’s got a big, new cannon” and the attack was the “start of ugly things to come”.

While the size of this attack is likely to draw the headlines, it’s worth noting that hackers carried out the DDoS attack by using NTP reflection and amplification techniques, which are increasingly common for overwhelming target servers by sending more data packets than switches can support.

The attack technique has been seen in relatively recent hacks against online gaming services like Steam, League of Legends and Battle and essentially aims to push big traffic to the target’s Network Time Protocol (NTP) server.

In this instance, attackers used NTP reflection to exploit a weakness in the UDP-based NTP, which connects to the Internet to synchronise clocks on machines. The hackers then spoofed the IP address of the target, and sent DNS queries to open DNS resolvers that will answer requests from anywhere. As a result, overwhelming levels of traffic were sent back to the NTP server. CloudFlare has a detailed blog post on NTP reflection attacks.

Martin McKeay, senior security advocate at Akamai Technologies, told SCMagazineUK.com that this method of attack troubles unpatched DNS servers, and said that it is attractive to attackers because it can reflect huge traffic back to the target. He added that it’s also favourable to the attacker because UDP is “easily spoofed” and because it’s hard for victims to see who is behind the intrusion.

“The main reason for using NTP as an attack tool is that it increases traffic by 100 or 200 percent. It’s a great reflection index and makes for a very effective tool if you’re an attacker.

“At 400Gbps, it’s conceivable that the attack is being run by a small botnet outputting 20Gbps to 30Gbps of traffic,” he added.

McKeay, and other industry commentators, have advised IT administrators to patch and upgrade their NTP servers in light of this attack, although the Akamai exec admitted that some can assume that NTP servers are safe.

“NTP servers are often stable and so haven’t often been looked at before. [IT departments] are having to now.”

IT administrators are advised, in light of this attack, to patch and upgrade their NTP servers and to check management rights.

Speaking recently to SCMagazineUK.com, Visiting Professor John Walker, of Nottingham Trent University, warned that DDoS attacks will continue to be a big threat in 2014, and added that, since company divisions struggle to get their heads around the issue, the firm itself struggles to establish an effective defence strategy.

“Since they see the issue solely from their perspective, they cannot hope to develop an effective strategy to deal with this security problem,” he said at the time.

A previously unknown division of the UK Government was recently accused of launching DDoS attacks against hacktivism groups such as Anonymous and LulzSec, while a report from the end of last year revealed that most UK companies ignore DDoS threats.

Source: http://www.scmagazineuk.com/cloudflare-spots-largest-ever-ddos-attack/article/333480/

Snapchat Vulnerability Could Lead To iPhone DDoS Attacks

A cyber security researcher has discovered a vulnerability within the Snapchat mobile app that makes it possible for hackers to launch a denial-of-service attack that temporarily freezes a user’s iPhone.

Jaime Sanchez, who works as a cyber-security consultant for Telefonica, a major telecommunications company in Spain, said he and another researcher found a weakness in Snapchat’s system that allows hackers to send thousands of messages to individual users in a matter of seconds. Sanchez said he and the fellow researcher discovered the glitch on their own time.

Flooding one user with so many messages can clog their account to the point that the Snapchat app causes the entire device to freeze and ultimately crash, or require that the user perform a hard reset.

Snapchat is a popular mobile app for iPhone and Android devices that allows users to send each other photo and video messages that disappear a few seconds after they are opened by their recipients. Every time a user attempts to send a message through Snapchat, a token, which is a code made up of letters and numbers, is generated to verify their identity.

Sanchez, who wrote about his security findings on seguridadofensiva.com (in Spanish), said a flaw within Snapchat’s system allows hackers to reuse old tokens to send new messages. By reusing old tokens, hackers can send massive amounts of messages using powerful computers. This method could be used by spammers to send messages in mass quantities to numerous users, or it could be used to launch a cyber attack on specific individuals, he said.

Sanchez demonstrated how this works by launching a Snapchat denial-of-service attack on my account. He sent my account 1,000 messages within five seconds, causing my device to freeze until it finally shut down and restarted itself.

Launching a denial-of-service attack on Android devices doesn’t cause those smartphones to crash, but it does slow their speed. It also makes it impossible to use the app until the attack has finished.

Sanchez said he has not contacted Snapchat about the vulnerability because he claims the Los Angeles startup has no respect for the cyber security research community. He says Snapchat earned that reputation by ignoring advice in August and on Christmas Eve from Gibson Security, a security group that predicted a flaw within the app could be used to expose user data. On New Year’s Eve, another group exploited that vulnerability and exposed the user names and phone numbers of nearly 5 million Snapchat users.

“They warned Snapchat about issues — about the possible dump of database — and Snapchat didn’t care,” he said.

The Times asked Snapchat if it knew of the vulnerability claimed by Sanchez. Snapchat said it was not aware of the problem. “We are interested in learning more and can be contacted at security@snapchat.com,” a Snapchat spokeswoman wrote in an email reply.

Source: http://www.latimes.com/business/technology/la-fi-tn-snapchat-shut-down-iphone-20140207,0,3127301.story#axzz2sixJmHSh

DDoS Surges in Mobile and Data Centers

Distributed denial-of-service (DDoS) attacks against mobile networks and data centers are increasing significantly: mobile DDoS attacks alone more than doubled last year, with nearly a quarter of respondents in a new study indicating that they have seen attacks impacting their mobile Internet infrastructure. In addition, more than 70% of those operating data centers reported DDoS attacks over the last year, up dramatically from the year before.

According to Arbor Networks’ 9th Annual Worldwide Infrastructure Security Report (WISR), more than a third of responding data centers experienced attacks that exceeded total available internet connectivity, nearly double the previous year’s figure. Staggeringly, about 10% saw more than 100 attacks per month.

The report also found that DNS infrastructure remains vulnerable. Just over one-third experienced customer-impacting DDoS attacks on DNS infrastructure – an increase of a quarter over the previous year.

“Despite a really high-profile year for DNS amplification attacks, including the largest attack ever monitored (Spamhaus), there are still a significant number of open DNS resolvers out there within the survey base,” said Andrew Cockburn, consulting engineer for Arbor’s carrier group, in a blog. “Fully 20% of our respondents do not restrict recursive lookups, which when extrapolated to the entire base of DNS resolvers, makes for rich pickings among those that are interested in launching this kind of attack.”

He added that after the Spamhaus attack, which was very well-publicized, Arbor saw a large number of copycat attacks in the months following. “And despite this, the number of open resolvers stayed pretty consistent with last year’s survey,” he said. “I think that the increase in lack of internal organizations with specific responsibility for DNS infrastructure is partly to blame. Without a targeted and holistic approach to security, such organizations have no way to connect the dots between their decisions to leave a resolver open, and the associated security risks.”

The report found that more than a quarter of respondents indicated that there is no security group within their organizations with formal responsibility for DNS security, up 19% from the previous report.

Also, there’s been a dramatic rise in DDoS attack size in general. In all previous years of the survey, the largest reported attack was 100Gbps. This year, attacks peaked at 309Gbps, and multiple respondents reported attacks larger than 100Gbps.

“Last year we saw eight times the number of attacks over 20Gbps when compared to 2012,” said Darren Anstee, solutions architect for EMEA at Arbor. “In short, attackers seem to have re-focused on utilizing large volumetric attacks to achieve their goals and this illustrates why layered DDoS defense is such an important message.”

Meanwhile, internal network threats, advanced persistent threats (APTs) and ubiquitous application-layer attacks continue to be an everyday reality for IT departments too. The proportion of respondents seeing APTs on their networks has increased from 22% to 30% year over year – and respondents ranked botted hosts as their No. 1 concern.

“The other key aspect of the results this year, from my perspective, relates to internal network threats,” Anstee said. “Over half of respondents this year indicated that they had seen botted/compromised hosts and/or APTs on their internal networks during the survey period. This clearly shows that threats are getting inside networks, either around or through perimeter defenses. Organizations need to augment their security postures so that they can identify suspicious or malicious activities wherever they might occur on their networks.”

The report also found that application-layer attacks are now common, with nearly all respondents indicating they have seen them during this survey period. There has also been continued strong growth in application-layer attacks targeting encrypted web services (HTTPS): these are up 17% over the previous year’s report.

Source: http://www.infosecurity-magazine.com/view/36687/ddos-surges-in-mobile-and-data-centers/

Education sector is fastest growing for DDoS mitigation

The education sector is the fastest growing segment in taking up distributed denial of service (DDoS) mitigation, according to DDoS protection services firm DOSarrest.

The firm’s CTO Jag Bains told Computing that many companies – not just e-commerce firms – are deploying DDoS protection. “If their website goes down as a result of an attack, they can lose their SEO ranking or it could have an effect on their brand, there is a lot at stake aside from revenues,” he said.

And despite there not being a particular industry that looks at DDoS protection as a must, DOSarrest’s general manager, Mark Teolis, claimed that the education sector is one area which has grown significantly. “Our fastest growing segment in the last six months is the education sector believe it or not,” he said.

Teolis explained that the firm was getting business from “schools from the UK, the US and international universities” but said he couldn’t identify a specific reason as to why the sector has shown a sudden interest.

Bains believes that it may be as a result of educational institutes guarding themselves against their own students. “Students have easy access to DDoS tools, so they may want to try it against their own [school or university]. They could be motivated because they’re failing in something, and there are enough smart kids around to access tools – it is easy to Google them anyway,” he said.

But Teolis said that the tools have been available on the internet for a long time, so questioned why there was a sudden surge in interest from educational institutes.

Bains suggested that it could be because the school and university websites have become an integral part of the education system. “We’ve been talking about e-commerce and gaming [as being key industries for DDoS protection], but web presence itself is very important and schools and universities need to make their websites accessible. They need a website to give out grades, information and schedules – five years ago they weren’t really using the web page apart from explaining where the school is located,” he said.

But while the education sector may be taking a keen interest, Teolis claims that there is not one segment that is “taking up 30 per cent of the market”. He said that “10 or 15 per cent of the market is as good as it gets”.

As for a particular industry that has not taken DDoS as seriously as others, Teolis believes many e-commerce firms haven’t contemplated being the victim of a DDoS attack. “There are still the odd e-commerce guys out there [who haven’t taken it as seriously]. Money is rolling in and they’re just focused on that; DDoS for them is somebody else’s problem. A lot of it is ‘my ISP will deal with it’, the fact of the matter is, it is difficult to stop all of the attacks,” he said.

Source: http://www.computing.co.uk/ctg/news/2325009/education-sector-is-fastest-growing-for-ddos-mitigation-dosarrest

Former hacker Mitchell Frost explains his motivation for launching a DDoS attack

In 2006, Mitchell Frost, then a 19-year-old college student at the University of Akron, used the school’s computer network to control the botnets he had created. Authorities say between August 2006 and March 2007, Frost launched a series of denial of service (DDOS) attacks against several conservative web sites, including Billoreilly.com, Anncoulter.com and Rudy Giuliani’s campaign site, Joinrudy2008.com. He is accused of taking down the O’Reilly site five times, as well as disrupting the University of Akron’s network during a DDOS attack Frost allegedly launched on a gaming server hosted by the university. Frost’s dorm room at the university was raided in March 2007. What followed, according to Frost, was a long, complicated legal battle that ultimately lead to him spending over two years behind bars and owing thousands of dollars in legal and restitution fees for his crimes. Frost was released from prison in 2012 and is now serving probation. Frost took the time to talk to CSO about his experience and delves into the reasons why he did it, his thoughts on the punishment he received and his plans for the future. Tell us about your background. How did you become so knowledgeable about computers and when did hacking become something that interested you? I started on computers around a young age and I have always had a mind that wants to keep exploring and learning. Hacking didn’t start overnight, it all started by networking really. First I wanted to be able to have music without paying for it, so I joined some chat rooms on IRC (Internet Relay Chat). IRC is not used much, it’s typically used only by smaller groups of hackers and gamers. When I was younger I would spend many hours in a row on the computer, and when I woke up or had free time, just continue on with what I was working on. You build skills and make connections with others and keep moving up until you have background in hacking. Let’s just say I built my way up over the years 2000-2007. 
What inspired you to do the kind of hacking you did in 2006 and 2007 to those conservative web sites? What were you hoping to accomplish by hacking those particular sites? How did you choose your targets and why? In 2006, I was young and, even at that age, I could see there was a lot of corruption and media propaganda going on in newspapers and on television. At that time, I had a rather large and complicated botnet. With the botnet, I was able to use the compromised computers for almost anything; key strokes, DDOS, servers, passwords, pranks. I had several botnets over the years from a few to thousands and didn’t do a whole lot of DDOS on servers because I had no need to. I decided that I had to do something about what I was seeing in the world around me, so I knocked a couple of websites offline at the time thinking it will prevent the hate and conflict and fear mongering from being seen by people. When it became clear you were going to face punishment for the attacks, did you think it would mean jail time? They raided me in March of 2007 right after spring break. They took some computer stuff and took my roommate’s stuff and had three agencies do the raid (FBI, Secret Service, Homeland Security) all with guns pointed right at my head. They brought me into a room and said “if you help yourself now it will be easier at sentencing.” I didn’t answer any questions. They released me and didn’t say much. I was scared shitless after that. I didn’t know what to do. I remember now going to a class after the raid to take a math test and was shaking so bad. About one day later, they expelled me from the school, even though I was not charged with anything yet. I moved back home and then contacted the Federal Public Defenders office in Cleveland and was assigned a lawyer. He said cases like mine take time and to stay out of trouble and he would get back to me. I moved back home and got a job working as a carpet-cleaning technician. 
From 2007 and on, I tried to live a normal life but had that fear that something was coming. I ended up meeting my wife. We fell in love and she got pregnant in December of 2009. Around May of 2010, my lawyer said I randomly received a judge and that it didn’t look good because of her previous sentencing history. I was hoping for maybe a small amount of time or probation, considering I did not get arrested at the time of the raid in March 2007 and had not yet. I was living in fear for almost 4 years, not going to friends or out to parties and all that. The judge ended up giving me 30 months and tried to place me under arrest right at the sentencing hearing. When she did this, it took the prosecutor and my lawyer to walk up to the bench and say I am not a flight risk with a newborn on the way and I knew about these potential charges for three years, so why couldn’t I self-report? She finally agreed to let me self-report so I can tie up some things with my family before my time.

There was some debate after your sentencing about whether or not the penalty was too harsh. Do you think it was too extreme?

Way too extreme. Who was the victim? Yes, a couple of people had their servers down for a small period of time, but the jacked-up estimates of the damages were overinflated. Example: they said it took $10,000 for them to press one button on one switch to get access back to the network. The reasoning for the sentence has to do with amount of money lost, etc. Bill O’Reilly said he needed to spend $300,000 to upgrade his systems. My lawyer did not fight or really look into their claims of money loss. I think they should have come to some plea with me within a year of the initial raid so I could have dealt with this problem and moved on with my life. Maybe do 3-4 months in some low-security prison and some intensive probation would have been the same. Now it will end up costing me about 10 years of my life — 2006 started it and by the time I’m off probation it will be 2016.
All for taking some servers offline. You tell me: is that fair?

What has this experience taught you?

The experience is not over yet and is far from. I have learned to keep to myself when I see something unjust or unfair or unbalanced; all I can do is stay clear of it and talk to people I know or influence and explain my point of view without any damages, physical or monetary.

Last year, there was a lot of sadness and discussion around the suicide of Reddit co-founder Aaron Swartz. As you know, Swartz was facing a trial after being arrested on allegations of breaching a computer network to download millions of pages of documents kept at MIT. Many feel he was being too harshly prosecuted for the crime and it drove him to suicide. What are your thoughts on that, having faced a sentence yourself?

I am very familiar with Aaron Swartz. Did you know he chose to take his case to trial because he was not guilty? He was murdered and it was made to look like a suicide. Who would ignore a plea deal with no jail time, wait for trial and then commit suicide? All he did was download some stuff from the MIT library — most of it was like 30 years old. He was prosecuted because of his ties to a grassroots movement for Internet freedom.

What’s next for you? What are your plans for the future?

I am rebuilding my life the best I can for having limited resources. I was released Election Day 2012. I was stuck living in a halfway house in the slums of Toledo, Ohio. Then I had to go up the chain of the BOP and the halfway house to get released to home detention. That took about 2.5 months. I started probation on March 8th, 2013. I work at a small store in a town where my wife’s parents let us live in a rental, so we pay them what we can. I pretty much cannot go to school because I owe so much to U of Akron and I have $50,000 in fines and restitution. They take a percentage of my pay each check to give to Bill O’Reilly.
I guess when you’re worth $50 million, why not ruin some guy’s life and future and suck every check he makes? I guess my life is not going anywhere until I am off probation. I would like to be a wireless network security consultant, or a real news reporter for the independent media. I will continue to try and make my son and wife’s life the best I can for the position I am in.

Source: http://www.computerworld.com/s/article/9245624/Why_I_did_it_Former_hacker_Mitchell_Frost_explains_his_motivation?source=rss_latest_content
