The Korean Times reports the arrest of a pair of hackers over the weekend on DDoS charges.
According to prosecutors, the pair, Lee and Park, operated a gambling website on behalf of a crime gang. In an effort to boost traffic to their own site, they used a 50,000-strong botnet to overload 109 rival sites during November and December 2010.
A botnet, of course, is a collection of malware-infected computers (often called “zombies”) which can remotely be instructed to initiate network-related activity. Sending spam is a common criminal task for which zombies are used; visiting targeted websites deliberately to waste their bandwidth is another.
Since most web requests look alike, distinguishing the web hits of malevolent time-wasters from those of potential customers can be tricky. Sites which don’t usually get a large number of simultaneous requests often aren’t built to sustain heavy load.
Prosecutors also allege that Lee, who runs a server rental company, DDoSed a prospective customer in retaliation for not signing up with him. Ironically, a server rental company is the sort of outfit to which many websites outsource their operation, assuming that cloud-style services are better placed to resist attacks.
Some simple warnings come out of this:
* Make sure your PC isn’t infected with malware. Otherwise, it might be aiding and abetting criminal activity. In most countries, you can’t yet be prosecuted for unknowingly having a zombified computer, but you may get cut off by your ISP – and quite rightly, too! The “offence” will be that you failed to act for the greater good of everyone else on the internet.
* If you’re flirting with joining the ranks of the cybervandal group Anonymous when it urges people to join in DDoS attacks, typically in an effort to deny free speech in an effort to protest the denial of free speech, don’t assume that you won’t get caught. And don’t expect much sympathy if you do.
* DDoSing a prospective customer is a high-risk sales technique.
3 comments on “Korean DDoS arrests – be warned, you can be caught”
How are these “zombies” installed on a foreign computer? What’s the common task and how can I avoid it? Thanks
Computers get turned into a "zombie" (or part of a botnet) by becoming infected by a piece of malware. Ways in which your computer could become malware-infected include opening a dangerous email attachment, or being tricked into clicking on a malicious link.
It's a good idea to be careful about what code you run on your computer, and ensure that it is kept up-to-date with anti-virus software and security patches.
Hmmm, I don't know what happened exactly prior to the DDoS attacks, but it must have been pretty bad for them to get arrested and make national news.