# London Teen Charged in Connection with Massive Spamhaus DDoS Attacks



## MannDude (Jul 1, 2014)

Read more here: http://www.thewhir.com/web-hosting-news/london-teen-charged-connection-massive-spamhaus-ddos-attacks#vpsboard



> A London teenager has been charged with computer misuse, fraud and money laundering offenses in connection with the massive DDoS attack against anti-spam organization Spamhaus last year.
> 
> According to the UK’s National Crime Agency, the 17-year-old male was arrested in April 2013. Police seized a number of electronic devices at the time of the arrest.
> 
> The male (name withheld since he is a minor) was bailed to appear at Camberwell Green Youth Court on Monday.


Another example of playing stupid games and winning stupid prizes. Happy to see that there are consequences to such attacks being dished out. Wonder if the teen was a member of any of the community forums? (vpsB/LET/WHT)


----------



## ChrisM (Jul 1, 2014)

MannDude said:


> Wonder if the teen was a member of any of the community forums? (vpsB/LET/WHT)


Wouldn't surprise me if he is related to a provider who advertises on those forums.


----------



## KuJoe (Jul 1, 2014)

EDIT: Nevermind, I noticed the article said he was arrested in 2013.


----------



## drmike (Jul 1, 2014)

Me, I wonder if this lad is the same person that was railing against Spamhaus a week or two ago on LET.   Posted a semi-alright long post, but went off the rails (which I can sympathize with).

There was a thread labeling Spamhaus a criminal organization and someone posted it to Reddit.... oolala...

Just shows the slow moving arms of justice...


----------



## Flapadar (Jul 1, 2014)

drmike said:


> Me, I wonder if this lad is the same person that was railing against Spamhaus a week or two ago on LET.   Posted a semi-alright long post, but went off the rails (which I can sympathize with).
> 
> There was a thread labeling Spamhaus a criminal organization and someone posted it to Reddit.... oolala...
> 
> Just shows the slow moving arms of justice...


The arrest was carried out last April (2013) so that will be someone else. The person who made that post is likely the main operator of "stophaus".

I think I know who this guy is. I've cross checked the supposed most accurate address for him and it's 2.3 miles away from the court that he's set to appear at - his nearest court. Not going to post more details to avoid stirring the pot until I'm sure myself.


----------



## fixidixi (Jul 1, 2014)

to be honest i really hate spamhaus as they blacklist you in no-time and if you arent a big-shot (provider) you wont get an anwser from them EVER. ive been black-listed by them simply because ive sent newsletters to a huge number of accounts.. in the end ive payed for mailchimp...


----------



## D. Strout (Jul 1, 2014)

fixidixi said:


> to be honest i really hate spamhaus as they blacklist you in no-time [...] ive been black-listed by them simply because ive sent newsletters to a huge number of accounts


Where does SpamHaus even get it's info? End-user reports? Honeypot e-mail addresses?


----------



## drmike (Jul 1, 2014)

D. Strout said:


> Where does SpamHaus even get it's info? End-user reports? Honeypot e-mail addresses?


That's a good question....

I went looking... not a ton jumping out in search...

This one is vague, but long and good:

http://www.mailchannels.com/blog/2013/03/fifty-questions-for-spamhaus-with-our-answers/

TL;DR, honeypots and fake email accounts created precisely as baited traps.   They say they never use any email account ever used by any user.  So I assume the accounts may be identifiable to some degree, at least a subset of them that are too complex for anyone to use as email, involve nuts characters in certain order, etc.

They also mention newly issued IP ranges are demoted and scrutinized greater...


----------



## Flapadar (Dec 14, 2014)

Flapadar said:


> The arrest was carried out last April (2013) so that will be someone else. The person who made that post is likely the main operator of "stophaus".
> 
> I think I know who this guy is. I've cross checked the supposed most accurate address for him and it's 2.3 miles away from the court that he's set to appear at - his nearest court. Not going to post more details to avoid stirring the pot until I'm sure myself.


I've just got confirmation it was the guy I thought it was. Seth, the individual known for creating a cheat for Garry's Mod called SethHack. Article has his first name wrong. Plead guilty to all charges. 

http://krebsonsecurity.com/2014/12/spamhaus-cloudflare-attacker-pleads-guilty-to-computer-abuse-child-porn-charges/


----------



## rds100 (Dec 14, 2014)

MannDude said:


> Wonder if the teen was a member of any of the community forums? (vpsB/LET/WHT)


http://www.lowendtalk.com/profile/30059/superpilesos


----------



## Flapadar (Dec 14, 2014)

MannDude said:


> Wonder if the teen was a member of any of the community forums? (vpsB/LET/WHT)


https://www.webhostingtalk.com/member.php?u=392310


----------



## Steven F (Dec 14, 2014)

Why does the article title contain "child porn"?


----------



## TurnkeyInternet (Dec 14, 2014)

I wish there were far more severe consequences than just slaps on the wrist, maybe 6 months of suspended sentences etc for cyber crimes,  There really is little deterent, but its nice to see they got one fish.


----------



## Flapadar (Dec 14, 2014)

Steven F said:


> Why does the article title contain "child porn"?


Did a little digging and the author was going to mention the CP charges, but decided it wasn't really relevant to the article he wrote.

https://twitter.com/briankrebs/status/544167404386152448


----------



## Flapadar (Jan 9, 2015)

He's now been sentenced, however its not public record what he's been given. It looked like prosecution were pushing the money laundering side hardest rather than computer misuse or CP, judging by the court records.


----------



## HostAg (Jan 9, 2015)

I think they hired him for the government cyber division. I see the British using every asset they have.


----------



## William (Jan 9, 2015)

As far as i know Sven (the owner of Cyberbunker, "President of Republic Cyberbunker" and owner of Stophaus) is still in jail in Spain awaiting extradiction to the Netherlands (which is unlikely to happen as he seems to have Spanish citizenship)


----------



## Flapadar (Jan 9, 2015)

William said:


> As far as i know Sven (the owner of Cyberbunker, "President of Republic Cyberbunker" and owner of Stophaus) is still in jail in Spain awaiting extradiction to the Netherlands (which is unlikely to happen as he seems to have Spanish citizenship)


Wasn't Sven Spamdrew Stephens' partner in crime, with spamdrew being the main only face behind stophaus?


----------



## drmike (Jan 9, 2015)

TurnkeyInternet said:


> I wish there were far more severe consequences than just slaps on the wrist, maybe 6 months of suspended sentences etc for cyber crimes,  There really is little deterent, but its nice to see they got one fish.


I think they ought to sentence desktop terrorists to 6 months of hard labor followed by a bootcamp and after that perhaps they carrot dangle some government consulting / employment.   These lads all need some discipline and timeouts to do bigger worldview.


----------



## jarland (Jan 10, 2015)

More arrests for DDOS attacks please. In a world where the internet becomes so increasingly relevant to every day life, one person deciding to forcefully bend it to their will is not acceptable. Spamhaus tries to bend the internet to their will, but no one forces people to use them. A DDOS attack is designed to remove choice and force peoply to comply. It is extremely childish.


----------



## RTGHM (Jan 10, 2015)

jarland said:


> More arrests for DDOS attacks please. In a world where the internet becomes so increasingly relevant to every day life, one person deciding to forcefully bend it to their will is not acceptable. Spamhaus tries to bend the internet to their will, but no one forces people to use them. A DDOS attack is designed to remove choice and force peoply to comply. It is extremely childish.


I'm going to have to disagree with your statement here. Sure DDOS attacks are mostly childish, however you have to remember at one point in time they were ruled (I believe it was Germany) as a *legal* form of *protest* - now it's been misused and is no longer declared that, however in my mind I believe it can be used as a form of protest. Now law enforcement tries to regulate it, however I believe if it's for a good cause, then it shouldn't be illegal. For example, I wouldn't get mad if the NSA went offline as a form of protest against PRISM.


----------



## Flapadar (Jan 10, 2015)

RTGHM said:


> I'm going to have to disagree with your statement here. Sure DDOS attacks are mostly childish, however you have to remember at one point in time they were ruled (I believe it was Germany) as a *legal* form of *protest* - now it's been misused and is no longer declared that, however in my mind I believe it can be used as a form of protest. Now law enforcement tries to regulate it, however I believe if it's for a good cause, then it shouldn't be illegal. For example, I wouldn't get mad if the NSA went offline as a form of protest against PRISM.


My problem with that is - how many intermediary networks might be affected by such an attack? For example, Seth's attack this thread is about knocked LINX out for a while.



It's no good calling it protesting if there's tonnes of collateral damage.


----------



## RTGHM (Jan 10, 2015)

Flapadar said:


> My problem with that is - how many intermediary networks might be affected by such an attack? For example, Seth's attack this thread is about knocked LINX out for a few minutes.
> 
> 
> 
> It's no good calling it protesting if there's tonnes of collateral damage.


I don't believe collateral damage is a big issue to be quite honest.


----------



## Flapadar (Jan 10, 2015)

RTGHM said:


> I don't believe collateral damage is a big issue to be quite honest.


Once you are part of the collateral damage you might think differently... 

Unless of course, you like being woken up at 4AM by a "everything's down" alert, just because someone thought one of your clients was worth "protesting" against? I think you'd be a minority there though.


----------



## RTGHM (Jan 10, 2015)

Flapadar said:


> Once you are part of the collateral damage you might think differently...
> 
> Unless of course, you like being woken up at 4AM by a "everything's down" alert, just because someone thought one of your clients was worth "protesting" against? I think you'd be a minority there though.


Sure, I don't mind, that's just assuming the denial of service attack is large enough to pass through the filters I have in place.

We use OVH, Voxility to filter out unwanted trash.


----------



## jarland (Jan 10, 2015)

RTGHM said:


> I'm going to have to disagree with your statement here. Sure DDOS attacks are mostly childish, however you have to remember at one point in time they were ruled (I believe it was Germany) as a *legal* form of *protest* - now it's been misused and is no longer declared that, however in my mind I believe it can be used as a form of protest. Now law enforcement tries to regulate it, however I believe if it's for a good cause, then it shouldn't be illegal. For example, I wouldn't get mad if the NSA went offline as a form of protest against PRISM.


You can call it that if you want (and I recognize that you note the difference between misuse and what you see as appropriate use) but when you take away choices you're not protesting anymore, you're declaring war on that entity. Shutting off the electric grid, cutting cables, these could be forms of protest too if you wanted to call direct action against someone that forces them into a certain state without any choice from them or the consumers a protest. It does nothing to make it look any better. That's nothing like any protest I've ever been a part of or ever will be.


I mean a car bomb can be a protest, doesn't make it right and shouldn't be compared to a peaceful protest by any means. Non peaceful protest is, in my opinion, in opposition of a civilized culture. Because you disagree with someone is no reason to call it a right to force them to stop what they do.


If you feel so strongly about something that someone else is doing that you think you have a right to employ forceful tactics to stop them, we've had a word for that for centuries and its called war. We're just at a very unfortunate time in history where a kid with his mommy's credit card can do it. That it's easy and cheap doesn't make it right. That it has no body count is pretty much the only positive thing I can say about it, but still not enough to justify it.


----------



## drmike (Jan 10, 2015)

DDoS had a run as a protest method.  It was alright at the onset.  Now though, it's too disruptive, too often in disruptions and more common than someone threatening to come over and punch you in the mouth.

What is going to happen inevitably and should have already is infrastructure like these major networks, peer exchanges, etc. are going to fall under government regulation as  controlled critical infrastructure.  I mean much of it already is, was funded by, given government handouts for, monitored by, etc.

As much as I hate regulations, the internet really - the means of accessing it - is a utility.

As with most internet things, we have remained in the early Wild West stage far too long.

I'm all for protesting, activism, etc. DDoS does little big picture and collateral damage is way too messy.  No one has died from network mass failing, yet.   Hopefully no one ever does.   Protesting and activism are out in the street as the meat, not as a bunch of noisy bits flapping in the intertubes.  Posting to Twatter or Facecrook really is just about as useless.


----------



## Aldryic C'boas (Jan 10, 2015)

RTGHM said:


> I don't believe collateral damage is a big issue to be quite honest.


I don't like listening to your ignorance.  I'm going to protest by beating your face with a ceramic bat.  Don't worry about losing your teeth - it's just collateral damage, you don't mind.

You're the kind of tool that badly needs an ass whipping to build humility and perspective.  Maybe then you won't be so quick to judge something 'acceptable' so long as you're not affected.


----------



## RTGHM (Jan 10, 2015)

Aldryic C said:


> I don't like listening to your ignorance.  I'm going to protest by beating your face with a ceramic bat.  Don't worry about losing your teeth - it's just collateral damage, you don't mind.
> 
> You're the kind of tool that badly needs an ass whipping to build humility and perspective.  Maybe then you won't be so quick to judge something 'acceptable' so long as you're not affected.


The amount of times I've been ddosed is unreal, the amount of times I've had death threats against me is unreal.

Do you really think I even care anymore?


----------



## drmike (Jan 10, 2015)

Ald with the harsh papa ruler on some knuckles.

I don't think @RTGHM is in the riff raff group.   In my younger years I would have likely shortsighted in view continued to gaze upon DDoS as an interesting disruptive force for hacktivism.

It's like the person that decides to run down the road from the police, ahem innocently ignoring the lights somehow and barrels into or has the officer barrel into some poor traveler on the road.

Or it's the youngster who goes with his buddy to buy some pot and in the process the buddy gets robbed, shot and dies.

In both experiences, the fellow wasn't meaning death upon someone, but such did occur in his proximity and due to his actions.

My fear is and will eventually be proven / outcome that DDoS on a network or direct target is going to result in perhaps (ideally) unintentional loss of life.

I felt the same way about Stuxnet and other malwares intending on nesting inside controllers and apparatus.  Perhaps the malware could cause centrifuges to wobble out of control and cause heavens forbid a nuclear event.

Once we know things are possible and proof of concept has been launched, it's the permanent opening of Pandora's horrible box.  The genie no longer fits in the bottle and the ill intentions of such awareness lead to more horrors, misues and threats of virtual harm, which eventually will impact real life.

Collateral damage is unforgivable.   Scary ass military term.


----------



## raindog308 (Jan 10, 2015)

The idea that DDOS is a digital analog to a "sit in" is rather sketchy at best.  Regardless, sit ins and street protests are *obsolete*.

100 years ago, placards in the street was the only way to get your voice heard.

Today If you have a gripe or don't like something, you can speak on a platform in which billions can hear your voice: the Internet.  Put up a web site and you can speak as long and as eloquently as you wish.

Blocking traffic, marching with signs, etc. is just saying "I DEMAND YOU LISTEN TO ME" and you don't get to do that.


----------



## RTGHM (Jan 10, 2015)

drmike said:


> Ald with the harsh papa ruler on some knuckles.
> 
> I don't think @RTGHM is in the riff raff group.   In my younger years I would have likely shortsighted in view continued to gaze upon DDoS as an interesting disruptive force for hacktivism.
> 
> ...


Well if you think DDOS attacks will end life, swatters will.

Swatters dispatch SWAT teams ready for shoot, kill without thinking.


----------

