Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; FeaturedPageWidget has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/plugins/featured-page-widget/featured-page-widget.php on line 34

Deprecated: Function create_function() is deprecated in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/plugins/featured-page-widget/featured-page-widget.php on line 649

Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/functions/media.php on line 666

Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/functions/media.php on line 671

Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/functions/media.php on line 684

Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/functions/media.php on line 689

Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/functions/media.php on line 694

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Widgets has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-widgets.php on line 10

Deprecated: The called constructor method for WP_Widget class in FeaturedPageWidget is deprecated since version 4.3.0! Use __construct() instead. in /home/happehth/public_html/www.israeliworlddomination.com/wp-includes/functions.php on line 6031

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Search has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-search.php on line 9

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Follow_Twitter has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-twitter.php on line 10

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Category_Posts has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-query-posts.php on line 10

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Featured_Posts has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-featured-posts.php on line 10

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Google_Translator has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-translator.php on line 10

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Subscription has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-subscription.php on line 20

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Flickr has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-flickr.php on line 10

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Query_Users has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-query-users.php on line 10

Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Suffusion_Child_Pages has a deprecated constructor in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/themes/suffusion/widgets/suffusion-child-pages.php on line 10
Yardin Bidani And Itay Huri Arrested For Selling DDOS Attacks Over The Past Few Years For $618,000 – Israeli World Domination
Sep 122016
 

After security journalist Brian Krebs exposed the DDoS-for-hire service, vDOS, and the alleged owners of the service Yarden Bidani and Itay Huri were arrested, a massive attack was launched against the Krebs on Security site.

Last Thursday, Krebs wrote about vDOS and the two 18-year-old Israeli hackers, running the DDoS attack service. In the past two years, the duo launched over 150,000 attacks and made at least $618,000. vDOS had been hacked and Krebs had obtained a copy of the vDOS database.

vDOS had paying subscribers with the cost depending upon how many seconds the DDoS attack lasted. Krebs reported, “In just four months between April and July 2016, vDOS was responsible for launching more than 277 million seconds of attack time, or approximately 8.81 years’ worth of attack traffic.”

Shortly after Kreb’s investigative article started hitting the news, Yarden Bidani and Itay Huri were arrested by Israel police in connection with an FBI investigation into the DDoS-for-hire service. After the two handed over their passports, they were released on bond, placed on house arrest and banned from using any electronic communications for 30 days.

The Marker, an Israeli news site, reported yesterday that both men had been arrested. They have since been released on $10,000 bonds and placed under house arrest. Their passports have been taken away and they are forbidden from accessing the internet or any other telecommunications equipment for 30 days.

On Friday, the Krebs on Security site was hit with a “heavy and sustained denial-of-service attack, which spiked at almost 140 Gbps.” Krebs added, “A single message was buried in each attack packet: ‘godiefaggot’.”

Firm launched BGP hijacking attack against vDOS

Also on Friday, vDOS – which had a minimum of four servers hosted in Bulgaria – went offline. The reason for this, according to Krebs, was a BGP hijacking attack launched by BackConnect Security. The company offers “advanced DDoS protection services.” You can theoretically “watch a replay” of the attack, according to commenters on Krebs’ article.

Bryant Townsend, CEO of BackConnect Security, confirmed it was behind the attack, telling Krebs that it had been attacked and vDOS had claimed credit.

“For about six hours, we were seeing attacks of more than 200 Gbps hitting us,” Townsend said. “What we were doing was for defensive purposes. We were simply trying to get them to stop and to gather as much information as possible about the botnet they were using and report that to the proper authorities.”

CloudFlare dumped vDOS logs

Then on Friday evening, CloudFlare – which vDOS had been hiding behind – released vDOS attack logs from April through July 2016. Although vDOS had been operating since September 2012, a good portion of the logs had likely been wiped.

Regarding the logs released by CloudFlare, Krebs reported:

The file lists the vDOS username that ordered and paid for the attack; the target Internet address; the method of attack; the Internet address of the vDOS user at the time; the date and time the attack was executed; and the browser user agent string of the vDOS user.

vDOS operators had bad OPSEC

The two Israeli hackers were lax about OPSEC and protecting their identities. The organization refused to attack Israeli sites in their “home country.” They published a technical paper (pdf) on DDoS attack methods with Huri using his real name and Bidani using a Gmail address which linked back to being a vDOS administrator.

Additionally, Bidani – aka “AppleJ4ck” – had discussed DDoS attacks on Facebook. Huri’s phone number was used for the vDOS site registration records and for receiving text messages when a vDOS customer opened a support ticket. Based on details revealed during the hack of vDOS, support emails were set to be forwarded on to two email addresses: itayhuri8@gmail.com and raziel.b7@gmail.com. Huri, aka P1st, had planned to join the Israel Defense Forces; if that is still the plan, then he’ll surely learn better OPSEC.

I highly recommend reading both of Krebs’ articles: Alleged vDOS Proprietors Arrested in Israel and Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years. The attacks may still be ongoing against Krebs’ site as there were times when it was unreachable.

 Posted by at 5:48 pm

Sorry, the comment form is closed at this time.


Notice: Undefined index: disable_backlink in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/plugins/yd-recent-posts-widget/inc/yd-rpw-display.inc.php on line 79

Featuring Recent Posts WordPress Widget development by YD


Notice: Undefined index: disable_backlink in /home/happehth/public_html/www.israeliworlddomination.com/wp-content/plugins/yd-recent-posts-widget/inc/yd-rpw-display.inc.php on line 81