14 comments

[ 3.5 ms ] story [ 19.6 ms ] thread
The web has become a very crazy place. I'm not sure I'm able to tell Neal Stephenson novels and reality apart anymore.
As usual, you can distinguish reality because it is the less believable of the two.
I have some experience managing servers that were targeted by script kiddies using services like this. Dealing with the attacks is usually pretty simple due to clear ways to identify the traffic (i.e. the bots all have the same useragent). However, if they're powerful enough to fully saturate your connection, you're going to have a tougher time. It's great that sysadmins can mostly get away with just paying for CloudFlare, nowadays.

What actually surprises me more about this article is that he is operating in the United States. However, I'm not sure the value of an "FBI backdoor" in this situation. People "renting a botnet" are not usually important people that I'd think the FBI should be spending their budget on.

There were some interesting comments below the post hinting that a lot of these services are themselves using CloudFlare to protect against being taken out by their competitors. The advantage to CloudFlare apparently being that these booters also drive more users to their own services.
The "admission of guilt" came after krebs needled the "suspect?" incessantly via his personal facebook chat about the illigitimacy of his business.

Does anybody else think that Poland was just trolling krebs at this point?

Krebs continues... "When I asked Poland to provide more information that I might use to verify his claims that he was working for the FBI, the conversation turned combative,"

I am pretty sure that Poland was already in full on defense mode when he told krebs he worked for the FBI.

EDIT: Jesus christ Krebs... Seriously? "The victims can see the ragebooter.net username of the logged in attacker because that info is, bizzarely, sent within attack traffic."

If that isn't a blatant example that the company isn't trying to hide anything, and that you're being an unlrelenting paranoid security "expert" I don't know what is.

Leave this man and his business alone. Just because he doesn't fit your definition of being moral and just doesn't mean you should write up a witch hunt about him on your blog.

Yep and this "blogger" just lost any chance he had of having other people trust him with their information in the future. The article would have been fine without revealing that guy's identity and a picture of his naked back.
It seems pretty clear that this guy was running a dime-a-dozen "buy a ddos" service and was caught by the FBI due to very lax security - like openly posting name/work/age/city. According to a post on webhostingtalk [1] on Dec 10 2013, he may also control the hosting for viphackforums.net.

His story ("now working for the FBI") superficially checks out - there is a Special Agent Stephen Lies who works at the Memphis, TN FBI branch. Here is a similar op this agent took part in: https://www.commercialappeal.com/news/2007/oct/10/predators-...

1. https://www.webhostingtalk.com/showpost.php?p=8462751&po...

And is it really necessary for Krebs to post private conversations about the 22 year old's depression? At what point is this even about security? Krebs's blog is starting to look more like tabloid journalism.
Personally I was disgusted by Krebs' level of tact in "researching" this entire article.
I don't understand how you can run a illegal service and use similiar pseudonyms and @gmail.com or @live.com e-mail addresses. Reminds of these excellent slides for opsec: http://slideshare.net/grugq/opsec-for-hackers

There are similiar services available as tor hidden service where you can pay with bitcoin.

But I really don't understand why would anyone use this? Is this some form of blackmailing for buisnesses that need to be online to generate money?

(comment deleted)