Security Market Segment LS
Thursday, 03 August 2017 07:17

Man used DDoS to try and get Fairfax Media, others to remove articles Featured

By

A 32-year-old man from Seattle who was arrested for mounting a series of distributed denial of service attacks on businesses in Australia, the US and Canada, wanted articles about himself removed from various news sites, including Fairfax Media.

According to an FBI chargesheet filed in the US District Court for the Northern District of Texas (Dallas Division), Kamyar Jahanrakhshan tried to get articles removed from the Sydney Morning Herald, a site for legal articles known as Leagle.com, Metronews.ca, a Canadian news website, CBC in Canada and Canada.ca.

Ars Technica was the first to file a detailed report on the case; the arrest was reported by iTWire on 29 July.

The chargesheet, filed by FBI special agent Matthew Dosher, said Jahanrakhshan migrated to the US in 1991 and took US citizenship; he then moved to Canada about four years later and became a permanent resident there. He had a conviction for second degree theft in Washington state in 2005 and this was vacated in August 2011; he also had a 2011 conviction for fraud and obstruction in Canada. 

In each case, Jahanrakhshan, who was deported back to the US as a result of the Canada crime, launched DDoS attacks on the news websites and then contacted them.

The attacks on the Sydney Morning Herald took place in 2015 and 2016. The chargesheet said the Fairfax Media website was hosted at Quadranet and the servers located in California. One DDoS attack was brought to the attention of the FBI in Dallas in April 2015.

The chargesheet said between January and April 2015, Jahanrakhshan communicated with someone who had the initials DG at Fairfax Media, initially asking that two articles from September 2011 be taken down. When he was told that this would not be done, he offered to send A$500 to pay for the removal of the articles.

Jahanrakhshan continued to email Fairfax Media and became more aggressive in his approach, asking for the money to be returned if the articles were not going to be taken down.

In February 2015, Fairfax Media received an email from "Anonymous Hackers" claiming responsibility for the DDoS attacks on the website. The email said:

"We are responsible for all of the DDoS attacks incurred by many of the Fairfax Media websites during the past 11 days. You must be aware of them.

"Our demand to halt these attacks is simple and trivial.

"There are two articles that were published in one of your newspaper in 2011. They are concerning one of our colleagues.

"We are demanding their immediate Take Down. If you refuse a systematic DDoS attacks against Fairfax Media websites will ensue. On the other hand, if you comply and delete the subject articles from your archives, all attacks will be immediately halted.

"If you decided to comply, simply reply to this email and we will send you the subject URLs for deletion."

The chargesheet said the Australian Federal Police informed the FBI in September 2015 that Jahanrakhshan had stepped up his threats and was now sending faxes threatening bomb attacks. He threatened to "call in bomb threats to different places, including Courthouses in Vancouver".

The Sydney Morning Herald was hit by another DDoS in February 2016 and an email arrived from the "Anonymous Hackers" claiming responsibility.

On 23 February that year, an email with the subject line "SMH Digital is down again" arrived. It read as under:

"Hi Guys

"We just took down the SMH Digital once again. Your paying customers cannot login to read the SMH or other fairfax digital papers.

"You know what to do to restore services. TAKE THESE DOWN: 

"https://www.smh.com.au/business/conman-hit-three-australian-banks-in-credit-card-sting-20110907-1jxr4.html

"https://www.smh.com.au/business/canadian-conman-taps-banks-20110907-1jxtj.html

"https://www.bordermail.com.au/story/934572/canadian-conman-taps-banks/

"We won't stop our exploits against fairfax until these articles are removed."

A similar email was sent to Fairfax Media on 25 February.

The chargesheet outlined the approach made to the other news websites in similar detail. The methodology was similar and sought similar outcomes.

The AFP's announcement of the arrest of Jahanrakhshan gave his age as 37 and said he was arrested on 26 July.

He has been charged with transmission of a code or command and intentionally causing damage to a computer and is expected to face court on 14 August.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Sam Varghese

Web Analytics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments