Alleged Proprietors of 'DDOS For Hire' Service vDOS Arrested

Long-time Slashdot reader pdclarry writes: Brian Krebs reports that the two youthful (18-year-old) alleged proprietors of vDOS, the DDOS service have been arrested in Israel on a complaint from the FBI. They have been released on $10,000 bond each, their passports lifted, and they have been placed under house arrest, and banned from using the Internet for 30 days. They were probably identified through a massive hack of the vDOS database recently [reported Friday morning on Slashdot].

Krebs also reports that vDOS's DNS addresses were hijacked by the firm BackConnect Security to get out from under a sustained DDOS attack, and that his site, krebsonsecurity.com has been under a sustained DDOS attack since his last article was published, with the packets containing the string "godiefaggot". Those attacks continue, but, as he has been the target of many DDOS attacks in the past, he's covered by a DDOS protection firm. The two teenagers coordinated more than 150,000 denial-of-service attacks over the last two years, according to Krebs, using at least four servers in Bulgaria.

Re:What a legend

[Gumbercules!!]

Actually the guy is a pretty good journalist - unlike most he doesn't just cut and paste from another source and turn up for his paycheque. He's also pretty fearless and done some real investigations. I like him.

Re:What a legend

[Anonymous Coward]

Seriously, I don't get the hate Krebs seems to get from the general public. The guy does in-depth analysis of different criminal rings and scams and posts in scathing detail on his website. If he was so ineffectual or not a big deal, you wouldn't have these criminal rings constantly trying to take him down. Whether its targeted attacks on his website or even attacks against him personally (some of his enemies even tried to frame him for possession of heroin but Krebs discovered and foiled the plot), they obviously don't like the light he's throwing on the whole shady scene. More power to him and I can't wait to see what he reveals next.

Re:

[Sun]

Use of Internet is less a fundamental right than freedom of movement, and that has also been limited for them. That is what you do when you catch criminals. You limit their freedom.

Shachar

Re:

[D00MSlayer]

Keep fucking that chicken, AC.

Re:

[Anonymous Coward]

On the bright side they don't support censorship :)

Re:

[Sun]

So how do you explain the fact they were arrested? Is it so incomprehensible to you that and Israeli may be an asshole without being an agent of the state of Israel?

Shachar

Re:

[Sun]

I will say one thing in your favor. Your inability to distinguish private and state actors isn't limited to Israel.

The US did not spot them. A security researcher did.

Shachar

Re: Israelis?

[Luthair]

They apparently also did not ddos Israeli targets rather international ones.

Re:

[Aighearach]

Jewish rights were legally acknowledged in England in 1215 in the Magna Carta.

It is funny that you don't know it, but anywhere you had Lords you had to have Jews because the Lords were all Christians, and forbidden to collect interest on loans. Guess what, rich people don't loan out their money without interest! So it was a basic part of the governance of nations to insure that there were enough Jews in each area to keep the economy going. You can find times where some idiot tried to cause them problems, bu

Re:

[D00MSlayer]

You're more annoying than a spambot

What a Surprise

[Anonymous Coward]

Once again we see a couple script kiddies who thought they were such hot poop for being able to crash a couple servers get what they deserve.

They wanted to so desperately be some hotshot badass criminals? Well wish granted.

The fewer teenage imbeciles we have running around with rebranded LOICs, giving actual hackers and penetration testers a bad name in the process, the better.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[pdclarry]

No that's called farming STDs.
These kids got off so easy, they made 600k in 2 years so it isn't hard to see how they made that whimsy 10k bond. And 30 day ban from the net. Just LOLs for these kids, now they have more street cred.

They haven't gotten off. They were arrested, posted bail, and had restrictions placed on them including the 30 day ban, lifting their passports and house arrest, presumably pending the next court appearance. There's more to come.

Re:

[Aighearach]

You make the same strange slander as the summary. I doubt their passports were "lifted," they were much more likely confiscated.

Re:

[Aighearach]

"No, that wasn't it. Nope, that wasn't it either." You shouldn't have to test that.

How long have they been active?

[Vlad_the_Inhaler]

I read the article here a couple of days ago where he "outed" the pair and got the impression that vDOS had been active for more than just two years.

Brian Krebs writes that he has obtained the hacked database of an Israeli company that is responsible for most of the large-scale DDoS attacks over the past (at least) 4 years.

They are 18 now? Most of their misdeeds would have been performed as minors, and I'm a bit sceptical that they started when they were (at most) 14.

Re:

[drinkypoo]

They are 18 now? Most of their misdeeds would have been performed as minors, and I'm a bit sceptical that they started when they were (at most) 14.

It doesn't matter; they can and probably will be tried as adults for the lot of it. That whole "minor" thing means exactly fuck. We expect children to behave responsibly but we give them no rights, then are surprised when they don't behave the way we like.

Sucks to be an Israeli

[h33t l4x0r]

Any other country within 1000Km of Israel would tell the FBI to go screw.

Re:

[golodh]

No other country within 1000 Km of Israel depends quite so much on US good will for its survival.

Re:

[h33t l4x0r]

Thanks for the clarification, Captain Obvious.

Re:

[Sun]

Maybe. The countries immediately surrounding Israel either have bigger issues to deal with, or don't have a very good rule of law.

How is that a good thing, though?

Shachar

Re:

[h33t l4x0r]

For an 18 yr old hacker? It's a fucking great thing, dummy.

Re:

[h33t l4x0r]

Since when is DDOSing considered hacking?

How big is your botnet? You clearly don't know anything.

What I miss here ...

[golodh]

What I miss in this thread is are excited posts from Angry White Men or Libertarians telling us that this is Yet Another Example of "Da Gubbamint" stifling private anterprise and a ploy to promote Big Government.

What happend to those good folks?

Busy? Distracted? Overslept? Tired? Despirited? Think they're all right? Should we worry?

DNS vs BGP

[SilentChasm]

Krebs also reports that vDOS's DNS addresses were hijacked by the firm BackConnect Security to get out from under a sustained DDOS attack

According to the article it was a BGP (ie IP address) hijacking not a DNS hijacking. DNS isn't even mentioned at all in the article aside from a phone number in a domain registration found to match one obtained from the hack.

Re:

[Sun]

Haven't read the post, but if you use BGP to hijack the IPs on which the DNS reside, then you have hijacked the DNS. A literal reading of the sentence you quote supports that theory, IMHO.

Shachar

Whipping's Too Good For Them!

[Toad-san]

Why does everyone treat these DDOS attacks (and other cyber threats) so lightly? These two punks get a slap on the wrist, and it just goes on and on! There are significant effects from these threats, you know; not just some bank inconvenienced for a day or so, or the release of a new computer game being spoiled.

Public whipping would be nice, actually. I stop short at firing squads .. barely.

Re:

[Northdot]

The point is, it is not a small crime. This wasn't a couple of kids with a can of spray paint. They were running a criminal enterprise for an extended period of time, causing damage to many businesses and individuals.

Several years in prison is appropriate, and would send the correct message.