Feeds

Hacker cops to $70k botnet rampage

'I'll take 2 years in the clink'

Protecting users from Firesheep and other Sidejacking attacks with SSL

A 21-year-old American has admitted to using a potent botarmy to wage a relentless campaign of destruction on two volunteer websites as part of a scheme to punish the operators for behavior he thought was unfair.

Gregory C. King, of Fairfield, California, pleaded guilty Tuesday to two felony counts of transmitting code to cause damage to protected computers. King, an irascible hacker who used monikers including Silenz, SilenZ420 and Gregk707, faces a maximum of 20 years in federal prison and a fine of $500,000, although his plea agreement calls for him to spend two years behind bars and pay restitution to his victims. Sentencing is scheduled for September 3.

King's distributed denial-of-service (DDoS) attacks on CastleCops and KillaNet Technologies were so potent that the sites and their service providers sustained as much as $70,000 in damage, according to court documents. Unlike more sophisticated hackers who take pains to cover their tracks, King frequently taunted his victims in online chat rooms even as he flooded their servers with as much as 1 gigabyte of data per second.

"My good friend's ISP shut him over this fucking post," a user by the name of SilenZ wrote in a CastleCops forum in February 2007, just minutes before a DDoS attack brought it down. "I have the right to be angry."

Volunteers at CastleCops, a watchdog computer-security website, spent the next five days trying to deflect the assault.

King's DDoS activities date back to at least 2003, according to KillaNet owner Tami Quiring, when a 17-year-old King perpetrated an especially nasty electronic assault known as a smurf attack on her site. King struck at Quiring again in December of 2004, shortly after FBI agents had raided King's home.

King's arsenal included a 7,000-node botnet that he misappropriated from another bot herder, according to court documents. At times, he used his father's DSL connection to unleash the attacks. Other times, he launched them from a near-by Best Buy store or a McDonald's restaurant.

Upon learning of Tuesday's guilty plea, Quiring said she had "mixed feelings."

"We're glad that it's over but two years [sentence] after four years of hell, and the amount of money that his actions cost us, is somehow not equaling up," she said.

Quiring recounted the years she and her coworkers spent trying to insulate themselves from King's rampage. They tried befriending him, and when that didn't work, they spent countless hours working with law enforcement agencies to track him down and charge him.

Still, she said she feels something approaching satisfaction to know that her ordeal with King is over.

"We told Greg a long time ago that he was taking on the wrong people and I guess we proved it," she said. ®

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.