Security // Risk Management
News
7/20/2012
08:47 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Amazon.com DDoS Attacker Busted In Cyprus

Attacker and accomplice allegedly also launched botnet-driven attacks against eBay and Priceline, then offered to fix the problem.

Federal authorities announced Thursday that a Russian man accused of launching distributed denial-of-service (DDoS) attacks against Amazon.com has been arrested in Cyprus.

Dmitry Olegovich Zubakha, 25, of Moscow, was busted Wednesday on an international arrest warrant after being indicted in federal court in May 2011 for launching two botnet-driven DDoS attacks against Amazon.com in June 2008, as well as for similar attacks against eBay and Priceline.

"Zubakha is alleged to have mounted a denial of service attack against Amazon on June 6, 2008 and again on June 9, 2008," according to federal prosecutors. "In both instances, the attacks disrupted the ability of customers to access the Amazon site for hours while the company attempted to deal with the attacks from a 'botnet' or web of connected computers."

Authorities said that Zubakha and an unnamed co-conspirator, also Russian, later took credit for their botnet-driven exploits on underground hacker forums. U.S. Attorney Jenny A. Durkan, who heads the Justice Department's cybercrime and intellectual property enforcement committee, branded the two Russian attackers as "cyber bandits."

[ Even Apple can't keep out hackers. See Apple In-App Store Hacked. ]

Authorities said they'd also traced 28,000 stolen credit card numbers to Zubakha, which they said had been used to commit identity theft.

"The investigation culminating in the arrest of Dmitry Zubakha by authorities in Cyprus was extremely complex," said James Helminski, special agent in charge of the U.S. Secret Service in Seattle, in a statement. "The apprehension of Zubakha is the result of a concerted effort by the Secret Service, the U.S. Attorney's Office for the Western District of Washington, and the Seattle Police Department. I would also like to commend Amazon.com for its forthrightness and assistance in dealing with this series of computer network attacks which had the potential to adversely impact the company's ability to serve its customers."

Why bother launching DDoS attacks against well-known online properties? According to authorities, the pair created problems which they then offered to solve, for a price. "In one instance a co-conspirator called a victim company, Priceline.com, and offered his services as a consultant to stop the denial of service attack," according to the related indictment, which was unsealed after Zubakha's arrest.

Prosecutors are seeking Zubakha's extradition from Cyprus to the United States so that he can stand trial on the charges. All told, he has been charged with conspiracy to intentionally cause damage without authorization to a protected computer, two counts of intentionally causing damage to a protected computer--resulting in a loss of more than $5,000--as well as possessing 15 or more unauthorized access devices, and aggravated identity theft over the stolen credit card data he allegedly possessed.

If convicted on all charges, Zubakha faces up to 37 years in prison and $750,000 in fines.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.