Feeds

Hacker cops to $70k botnet rampage

'I'll take 2 years in the clink'

High performance access to file storage

A 21-year-old American has admitted to using a potent botarmy to wage a relentless campaign of destruction on two volunteer websites as part of a scheme to punish the operators for behavior he thought was unfair.

Gregory C. King, of Fairfield, California, pleaded guilty Tuesday to two felony counts of transmitting code to cause damage to protected computers. King, an irascible hacker who used monikers including Silenz, SilenZ420 and Gregk707, faces a maximum of 20 years in federal prison and a fine of $500,000, although his plea agreement calls for him to spend two years behind bars and pay restitution to his victims. Sentencing is scheduled for September 3.

King's distributed denial-of-service (DDoS) attacks on CastleCops and KillaNet Technologies were so potent that the sites and their service providers sustained as much as $70,000 in damage, according to court documents. Unlike more sophisticated hackers who take pains to cover their tracks, King frequently taunted his victims in online chat rooms even as he flooded their servers with as much as 1 gigabyte of data per second.

"My good friend's ISP shut him over this fucking post," a user by the name of SilenZ wrote in a CastleCops forum in February 2007, just minutes before a DDoS attack brought it down. "I have the right to be angry."

Volunteers at CastleCops, a watchdog computer-security website, spent the next five days trying to deflect the assault.

King's DDoS activities date back to at least 2003, according to KillaNet owner Tami Quiring, when a 17-year-old King perpetrated an especially nasty electronic assault known as a smurf attack on her site. King struck at Quiring again in December of 2004, shortly after FBI agents had raided King's home.

King's arsenal included a 7,000-node botnet that he misappropriated from another bot herder, according to court documents. At times, he used his father's DSL connection to unleash the attacks. Other times, he launched them from a near-by Best Buy store or a McDonald's restaurant.

Upon learning of Tuesday's guilty plea, Quiring said she had "mixed feelings."

"We're glad that it's over but two years [sentence] after four years of hell, and the amount of money that his actions cost us, is somehow not equaling up," she said.

Quiring recounted the years she and her coworkers spent trying to insulate themselves from King's rampage. They tried befriending him, and when that didn't work, they spent countless hours working with law enforcement agencies to track him down and charge him.

Still, she said she feels something approaching satisfaction to know that her ordeal with King is over.

"We told Greg a long time ago that he was taking on the wrong people and I guess we proved it," she said. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.