Feeds

Portrait of an (alleged) cyber bully as a young man

Accused CastleCops nemesis didn't get mad. He got bots.

The Essential Guide to IT Transformation

Alias: The Belgian Bean Farmer

According to CastleCops logs, the SilenZ account was activated by someone who used the email address silenz420@gmail.com and the MD5 value for his password matched the encryption string for "1fuckhead." CastleCops located the command and control for the offending botnet to an IP address that resolved to the domain name beanfarmer.be, a site that is registered to a Greg King, according to DNS records.

Previous IP addresses for the domain resolved to SBC IP addresses beginning with "71.132," the same initial digits for addresses frequently assigned to King when he was using his parents' DSL service.

Beginning in August of 2004, according to court documents, someone using the name Greg began a series of chats via IRC with people responsible for running myg0t, which bills itself as an online gaming authority. Greg said he was responsible for prior attacks on the myg0t website and then announced he would initiate new attacks on myg0t's IRC board as well.

Eventually, Greg said he would suspend the DDoS assault if officials posted an apology for "myg0t being the asses we are." Greg listed his email address as gregk707@yahoo.com.

Big Mac, Filet-O-Fish, Quarter Pounder, Botnet

After authorities seized King's computers in December 2004, he began using computers at the Solano County Library and a Best Buy store. According to evidence Quiring provided authorities, six of the attacks on KillaNet were carried out by someone accessing the library computers.

Someone using the alias SilenZ who chatted via MSN messenger with a KillaNet administrator later admitted to using McDonald's for an internet connection, then began discussing the FBI raid on his parents' house.

"I denied dong the attacks but told them where my botnets were," according to a log of the session. "I dont see what they expect, not like i robbed their house, i just took their server offline for a few hrs."

The web is also rife with posts, some of them abusive, from an individual who goes by the handle gregk707. This thread from the Fairfield High School AP Calculus Homepage, for example, contains a comment that repeats itself 13 times.

"My ip does happen to be logged, And u wont do shit," the May, 2005 post reads. "Can u ban me from posting? NOPE and do u know why? BECAUSE IT IS DYNAMIC, anytime i get off the internet it changes. SO ALL I HAVE TO SAY IS FUCK YOU HAVE A NICE DAY."

Herd Mentality

King acknowledged to The Reg that several years ago he maintained a botnet, which he says he stole after discovering the command and control center used by a bot herder. While the zombie network originally contained about 30,000 nodes, he only managed to take control of somewhere between 7,000 and 12,000 of them, he said. He surrendered the botnet when authorities searched his parents house in 2004, he said.

He confirmed that the email address gregk707@yahoo.com is his and also admitted to using the computers at the Solano County Library and Best Buy. But he declined to say exactly what he did with them, under advice from his attorney. He also declined to say if he's ever carried out a DDoS attack or discuss specific allegations contained in court documents.

"A lot of this was so long ago, I don't even remember it," he said.

Indeed, many of the alleged attacks occurred more than three years ago. But with signs that botnet herding and other types of cybercrime are only getting worse - the FBI, for example, recently logged its millionth bot-infected IP address - federal law enforcers want to send a message that online miscreants will be sought out and prosecuted.

"What bot herders or potential bot herders need to worry about is that even years after they do a DDoS attack they may wind up under arrest, long after they thought it was all over," said Matthew Segal, the assistant US attorney who is prosecuting King. "We do this to deter this kind of conduct and also because we believe in retributive justice." ®

If you have tips, story ideas or inside scuttlebutt about this or any other security-related story, please send them to Dan Goodin using this link.

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.