Re: Hypothesis regarding recent DDoS attacks from Hadi Nahari on 2014-12-31 (public-web-security@w3.org from December 2014)

From: Hadi Nahari <hnahari@nvidia.com>
Date: Wed, 31 Dec 2014 22:29:23 +0000
To: Zijyfe Duufop <zdoofop@gmail.com>
CC: Colin Gallagher <colingallagher.rpcv@gmail.com>, public-web-sec. <public-web-security@w3.org>
Message-ID: <F7E36B56-0C80-409A-8F17-BC6640AE9815@nvidia.com>

Apparently one of them is already apprehended in the U.K. per Krebs:

http://krebsonsecurity.com/2014/12/lizard-kids-a-long-trail-of-fail/

-Hadi

On Dec 31, 2014, at 12:32 PM, Zijyfe Duufop <zdoofop@gmail.com<mailto:zdoofop@gmail.com>> wrote:

probably should be clearer:
[https://pbs.twimg.com/profile_images/543970950778482688/1QmVdutQ_bigger.jpeg] Michael Nieves @virus <https://twitter.com/virus>

These @LizardMafia<https://twitter.com/LizardMafia> chumps ripped their "stresser" code from http://titaniumstresser.net <http://t.co/BlL1YZSzXz> #LizardSquad<https://twitter.com/hashtag/LizardSquad?src=hash> #LizardMafia<https://twitter.com/hashtag/LizardMafia?src=hash>

On Wed, Dec 31, 2014 at 3:17 PM, Zijyfe Duufop <zdoofop@gmail.com<mailto:zdoofop@gmail.com>> wrote:
update: It appears I was mostly correct: titaniumstresser.net<http://titaniumstresser.net>

On Sun, Dec 28, 2014 at 6:21 PM, Zijyfe Duufop <zdoofop@gmail.com<mailto:zdoofop@gmail.com>> wrote:
Oh, my mistake. In my first message I didn't mean new tech as in gadgets, more like an app or program with the specs I gave. If I am correct, all we would have to do would be to find this new website/program/app and destroy it. I know it's a lot easier said than done, but I thought I'd put it out there.

On Sun, Dec 28, 2014 at 6:16 PM, Zijyfe Duufop <zdoofop@gmail.com<mailto:zdoofop@gmail.com>> wrote:
I'm not sure I understand. You started off with saying they are easy enough already and then went off on a tangent.

On Sat, Dec 27, 2014 at 11:25 PM, Colin Gallagher <colingallagher.rpcv@gmail.com<mailto:colingallagher.rpcv@gmail.com>> wrote:

You're not missing much. I bet you have already seen the Norse visualizations. What's bothersome is these attacks are so easy to pull off that it's not even a "man-children" or "internet of things" attribution. So the cost of association of a person or a group with a non-event becomes so low that the fruit is lower hanging for most Tor devs to let players keep playing them for attention that comes to Tor, rather that focusing on silently addressing node and certificate authority issue problems. Which they are, but with a sort of exaggerated sense of denial about the ongoing attacks.

Watch and get free entertainment as some dude from Mega throws bazillions of credits around to "MAKE IT STOP" and then the hacks resume again after money is received. Sad.

As I've pointed out before the reason I wouldn't agree to participate in Web Payments group or its conf calls was the ludicrous CLA which in many ways literally said, "If you call in, all your ideas are belong to us forever." Kind of like .... SONY

so obv I never called in.

Basically:
These firms / nonprofits (often tainted by too much exposure to the infobleedment industry, eg Sony, Mega, Tor, etc) release funds to keep the hacks going a bit longer. To get attention in a market that is getting tougher (hell, look at slur.io<http://slur.io>'s model - and they'll be gone soon because they don't publish keys for gpg etc). The cybercybercyber attacks (past few days mostly between US, China, with Russians watching and eating popcorn according to NORSE) made ppl run around in circles in low places, like Hollywood, White House, and a local garbage incinerator.

I love my privacy (even tho I am contacting you today via gmail) but for serious comnunications I use open source and serious crypto, not this stuff.

Ok ciao... happy new year

On Dec 27, 2014 4:35 PM, "Zijyfe Duufop" <zdoofop@gmail.com<mailto:zdoofop@gmail.com>> wrote:
Something occured to me recently:

As you know, there has been a rash of DDoS attacks on pretty much everything from XBox to North Korea. From what I understand, different hacker groups are claiming responsibility for nearly every single attack.

Now, it occurs to me that the possibility that a bunch of hackers starting to form groups at around the same time is highly unlikely. However, there is another interesting, and more likely explanation: new tech.

This tech would have to make DDoS so easy, your grandmother could do it. It would have to be affordable, reliable, adaptable, and known throughout the hacker community, but not necessarily to the general public. It would have to be run through a server in such a way that not one of the attacks used can be linked. And, most importantly, it would have to be intelligent enough to find a weak link in the destination and exploit it. If I am correct, then man-children in basements everywhere are trying to glorify themselves by taking down high profile targets and then boasting about it in a way that makes them seem bigger than they are.

Am I completely wrong? Am I missing something? Is this not even news? Why do I feel like this is too obvious?

-----------------------------------------------------------------------------------
This email message is for the sole use of the intended recipient(s) and may contain
confidential information. Any unauthorized review, use, disclosure or distribution
is prohibited. If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message.
-----------------------------------------------------------------------------------

Received on Wednesday, 31 December 2014 22:30:04 UTC