news
Second arrest in response to DDoS attack on Spamhaus
The Spamhaus Project again offers congratulations and thanks to the law enforcement community in the matter of the massive Distributed Denial of Service (DDoS) attack perpetrated against our systems in March 2013 by a Russian-based anti-Spamhaus group calling themselves 'Stophaus', consisting of several individuals with grievances against Spamhaus for naming and blocklisting their cybercrime hosting enterprises, spam and botnet operations. This time we offer our congratulations and thanks to the UK's National Cyber Crime Unit (NCCU), the cybercrime arm of the National Crime Agency (NCA). In a statement released on 27 Jun 2014, the NCA announced:
"A 17 year old male from London has today been charged with computer misuse, fraud and money laundering offences following a National Crime Agency investigation. He was arrested in April 2013 after a series of distributed denial of service (DDoS) attacks which led to worldwide disuption of internet exchanges and services. On his arrest officers seized a number of electronic devices."
This was the first formal announcement of the arrest. The actual arrest occurred in 2013, shortly after the arrest of a Dutch national living in Spain. That individual has been charged by the Dutch Public Prosecution Service for leading and orchestrating the DDoS attack. That criminal case is proceeding to trial through the Dutch legal system.
At the time, the record-breaking attacks were initially directed at Spamhaus infrastructure such as websites, mailservers and nameservers. Then, over the course of the following two weeks, the attacks escalated to targeting Spamhaus' supporting networks and services including various Internet exchanges. While the DDoS caused disruptions to our website, our hosts and DNS partners, the worldwide distribution of the Spamhaus anti-spam data that now protects over 2.2 billion mailboxes was never interrupted.
With two of the attackers now charged and awaiting trial, Spamhaus has hopes that the other conspirators, consisting of two United States nationals, two Russians and a Chinese national will also soon be charged. Several more spammers and cybercrime-involved server hosting company owners were peripherally involved and at this time most have been identified by both Spamhaus and law enforcement.
Further reading:
London schoolboy secretly arrested over 'world's biggest cyber attack' @London Evening Standard
London Youth Charged With Spamhaus DDoS Attack @Info-Security
Spamhaus suffers largest DDoS attack in history – entire internet affected @Info-Security
London Internet Exchange hit by suspected DDoS attack @ComputerWeekly
Conversations with a Bulletproof Hoster @Krebs on Security