Korean DDoS arrests - be warned, you can be caught

Filed Under: Denial of Service, Law & order, Malware

The Korean Times reports the arrest of a pair of hackers over the weekend on DDoS charges.

According to prosecutors, the pair, Lee and Park, operated a gambling website on behalf of a crime gang. In an effort to boost traffic to their own site, they used a 50,000-strong botnet to overload 109 rival sites during November and December 2010.

A botnet, of course, is a collection of malware-infected computers (often called "zombies") which can remotely be instructed to initiate network-related activity. Sending spam is a common criminal task for which zombies are used; visiting targeted websites deliberately to waste their bandwidth is another.

Since most web requests look alike, distinguishing the web hits of malevolent time-wasters from those of potential customers can be tricky. Sites which don't usually get a large number of simultaneous requests often aren't built to sustain heavy load.

Prosecutors also allege that Lee, who runs a server rental company - ironically the sort of outfit to which many websites outsource their operation, assuming that cloud-style services are better placed to resist attacks - DDoSed a prospective customer in retaliation for not signing up with him.

Some simple warnings come out of this:

* Make sure your PC isn't infected with malware. Otherwise, it might be aiding and abetting criminal activity. In most countries, you can't yet be prosecuted for unknowingly having a zombified computer, but you may get cut off by your ISP - and quite rightly, too! The "offence" will be that you failed to act for the greater good of everyone else on the internet.

* If you're flirting with joining the ranks of the cybervandal group Anonymous when it urges people to join in DDoS attacks, typically in an effort to deny free speech in an effort to protest the denial of free speech, don't assume that you won't get caught. And don't expect much sympathy if you do.

* DDoSing a prospective customer is a high-risk sales technique.

3 Responses to Korean DDoS arrests - be warned, you can be caught

  1. Manuel · 1728 days ago

    How are these "zombies" installed on a foreign computer? What's the common task and how can I avoid it? Thanks

    • Computers get turned into a "zombie" (or part of a botnet) by becoming infected by a piece of malware. Ways in which your computer could become infected with malware include opening a dangerous email attachment, or being tricked into clicking on a malicious link.

      It's a good idea to be careful about what code you run on your computer, and ensure that it is kept up-to-date with anti-virus software and security patches.

  2. Hmmm, I don't know what happened exactly prior to the DDoS attacks, but it must have been pretty bad for them to get arrested and make national news.

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog