Man used DDoS to try and get Fairfax Media, others to remove articles

A 32-year-old man from Seattle, who was arrested for mounting a series of distributed denial of service attacks on businesses in Australia, the US and Canada, wanted articles about himself removed from various news sites, including Fairfax Media.

According to an FBI chargesheet filed in the US District Court for the Northern District of Texas (Dallas Division), Kamyar Jahanrakhshan tried to get articles removed from the Sydney Morning Herald, a site for legal articles known as Leagle.com, Metronews.ca, a Canadian news website, CBC in Canada and Canada.ca.

Ars Technica was the first to file a detailed report on the case; the arrest was reported by iTWire on 29 July.

The chargesheet, filed by FBI special agent Matthew Dosher, said Jahanrakhshan migrated to the US in 1991 and took US citizenship; he then moved to Canada about four years later and became a permanent resident there. He had a conviction for second degree theft in Washington state in 2005 and this was vacated in August 2011; he also had a 2011 conviction for fraud and obstruction in Canada. 

In each case, Jahanrakhshan, who was deported back to the US as a result of his crime in Canada, launched DDoS attacks on the news websites and then contacted them.

The attacks on the Sydney Morning Herald took place in 2015 and 2016. The chargesheet said the Fairfax Media website was hosted at Quadranet and the servers located in California. One DDoS attack was brought to the attention of the FBI in Dallas in April 2015.

The chargesheet said between January and April 2015, Jahanrakhshan communicated with someone who had the initials DG at Fairfax Media, initially asking that two articles from September 2011 be taken down. When he was told that this would not be done, he offered to send A$500 to pay for the removal of the articles.

Jahanrakhshan continued to email Fairfax Media and became more aggressive in his approach, asking for the money to be returned if the articles were not going to be taken down.

In February 2015, Fairfax Media received an email from "Anonymous Hackers" claiming responsibility for the DDoS attacks on the website. The email said:

"We are responsible for all of the DDoS attacks incurred by many of the Fairfax Media websites during the past 11 days. You must be aware of them.

"Our demand to halt these attacks is simple and trivial.

"There are two articles that were published in one of your newspaper in 2011. They are concerning one of our colleagues.

"We are demanding their immediate Take Down. If you refuse a systematic DDoS attacks against Fairfax Media websites will ensue. On the other hand, if you comply and delete the subject articles from your archives, all attacks will be immediately halted.

"If you decided to comply, simply reply to this email and we will send you the subject URLs for deletion."

The chargesheet said the Australian Federal Police informed the FBI in September 2015 that Jahanrakhshan had stepped up his threats and was now sending faxes threatening bomb attacks. He threatened to "call in bomb threats to different places, including Courthouses in Vancouver".

The Sydney Morning Herald was hit by another DDoS in February 2016 and an email arrived from the "Anonymous Hackers" claiming responsibility.

On 23 February that year, an email with the subject line "SMH Digital is down again" arrived. It read:

"Hi Guys

"We just took down the SMH Digital once again. Your paying customers cannot login to read the SMH or other fairfax digital papers.

"You know what to do to restore services. TAKE THESE DOWN: 

"http://www.smh.com.au/business/conman-hit-three-australian-banks-in-credit-card-sting-20110907-1jxr4.html

"http://www.smh.com.au/business/canadian-conman-taps-banks-20110907-1jxtj.html

"http://www.bordermail.com.au/story/934572/canadian-conman-taps-banks/

"We won't stop our exploits against fairfax until these articles are removed."

A similar email was sent to Fairfax Media on 25 February.

The chargesheet outlined the approach made to the other news websites in similar detail. The methodology was similar and sought similar outcomes.

The AFP's announcement of the arrest of Jahanrakhshan gave his age as 37 and said he was arrested on 26 July.

He has been charged with transmission of a code or command and intentionally causing damage to a computer and is expected to face court on 14 August.

Sam Varghese

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.
