Delving further into the subject, Brian Krebs describes a situation from his personal experience that shows what bad things can happen if you screw with hacktivists.
So, how did I get interested in the ‘noob persistent threat’, these DDoS services? Well, it started with a story that I wrote last fall about one booter service called absoBoot (see left-hand image). absoBoot, like all of these booter services, is advertised and chiefly marketed in a ‘noobtacular’ forum called Hack Forums. The story that I wrote about absoBoot noted that the guy who was running it is also running a similar service called TWBooter. It was created by a guy on Hack Forums named Orgy, a very big time seller there. The story noted that Orgy hadn’t been super-careful with safeguarding the privacy of his Whois information (see right-hand image). He really hadn’t even tried that hard to obfuscate who he was. It was all run by a 23-year-old kid from North Carolina named Robert Danielson. He’d been busted a few times for different things, as you can see here. I think the latest one was robbing a local policeman’s house of his firearms – again, noobtacular…
But anytime you write about these guys on Hack Forums, they get their dander up, they get a little pissed off because they are very proud of the forum, they’ve got a lot tied up into it, a lot of investing. And they start, you know, lashing out at you a little bit. So, right after I wrote about this I started getting some anonymous threats, people sending me emails going: “Hey Krebs, watch your back – somebody is gonna swat your ass!” You guys know what swatting is? It’s when somebody calls in to your local police and pretends to be you and says there’s a hostage situation going on in your house and asks to send police right away. And usually, if you don’t answer the door they kick in your door, and all kinds of bad things can ensue after that.
Well, I really didn’t want this to happen to me, so I reached out to my local police and I said: “Can you please send an officer out here, I want to file a police report?” And a guy came by, he was really nice; he had never heard of swatting before. But I said: “Look, if you get a call from somebody pretending to be me telling you about a hostage situation in my house – here’s my cell phone. Just freakin’ call me, okay? Don’t kick in my door.” They don’t reimburse you for that, by the way. I didn’t get swatted, at least not then. Fast forward to March of this year, I wrote a story about a service in the underground that was being used to pull credit reports on celebrities and public figures. The guy that did this – this is his site (see right-hand image) called Exposed.su – basically, he started posting the name, address, Social Security Number, mother’s maiden name, previous addresses, all this stuff – pretty much anything you can find in a credit report. He started posting it all on the site. He did this for Arnold Schwarzenegger, Kanye West, and a whole bunch of other guys. When he got bored with that, he started doing public figures like the First Lady of the United States, the Director of the FBI, the Director of the CIA. And a lot of people were like: “Holy crap! If they can get this information on the Director of the FBI, they can get it on anybody.” The story that I wrote said that now we’re talking about the right question here, because for every single one of you who lives in the United States, that information is for sale: for 5 or 10 bucks you can get it all. And I said: “This is one of the sites where you can get this information.” It was a site called ssndob.ru (see left-hand image). It’s no longer there, it’s at a different place. This is actually the account of the guy that set up Exposed.su. You can see he’s looking up Sarah Palin, Britney Spears and Tom Cruise; he actually looked up my information as well. 
So I wrote about this and I said: “Look, this is out there. This is probably how he’s doing it.” I didn’t know at the time that it was. And the next day I get an interesting email from my hosting provider (see right-hand image), and they’re like: “Hey Krebs, FYI, we got a letter, looks like it came from the FBI but it’s kind of not really all that official-looking. But they said you’re hosting illegal content on your site, so we had to take down your site.” I also got the same email forwarded to me from Prolexic, which is a DDoS mitigation service that actually protects my site from attacks which are happening more often than not; my site has been under attack most of the day today.