Aussie Blogger Hit With DDoS Death Threats

mask.of.sanity writes "An Australian blogger who blew the lid on emerging domain-name fraud campaigns has received death threats from the scammers. His blog and domain parking company are still being hit with a large distributed denial of service attack that has the death threats embedded as HTML links within its logs. Australia's government CERT team and the U.S. Secret Service (blog servers were hosted on U.S. soil) are pursuing the botnet's command and control servers. Ten days later, the victim is still being attacked and is fighting a cat-and-mouse game as IP address ranges change."

Re:Aren't IPs good enough to identify someone?

[julesh]

If they can sue based on IP, why can't they get the names and addresses of everyone involved?

FTFA:

Scammers would change their origin of attack to evade blocking and Gilmour would respond in kind.

In the last hour, the attacks have moved to Indonesia where some 28,000 unique IP addresses are attacking his sites every few minutes.

So you're suggesting he sues 28,000 indonesians? And then when the botnet operator switches to a different IP range, another few thousand people of some other nationality. And then another, and another. And you think that's going to work because...?

It's illegal to leave your car running attended because it's an attractive nuisance.

Maybe where you live it is. I can assure you it isn't where I am. Which is the problem: laws work differently in different countries. Sometimes even in different regions of the same country. The Internet is international. Even if some jurisdictions have laws that you can use against attacks like this, not all do. And that just means the attackers will end up working from those that don't.