Network News

X My Profile
View More Activity

Hired Internet Gun Sentenced to Two Years

A 31-year-old Ohio man thought to be one of the first U.S. citizens convicted of contracting to organize crippling attacks against commercial Web sites has been sentenced to two years in prison for his crimes.

Paul Garrett Ashley was ordered by a federal judge last month to spend two years in the clink for his role in creating for hire the "DDoS Mafia," a group of young hackers who used thousands of hacked home computers to launch a series of distributed denial of service (DDoS) attacks in 2003 that knocked out several targeted commercial Web sites. A copy of his sentencing order is here (PDF).

Ashley was allegedly hired to organize the attacks by one Jay Echouafni, at the time the chief executive officer of Sudbury, Mass- based Orbit Communication Corp.. According to the FBI, Echouafni hired Ashley to flood his competitors' Web sites with so much junk traffic that they would no longer be able to accommodate legitimate visitors. The attacks worked as planned -- a little too well, as it turned out: The assaults also temporarily blocked access to more high-profile sites including Amazon.com and the Department of Homeland Security, resulting in more than $2 million in losses, according to the government.

Following his indictment on five counts of aiding and abetting computer intrusion and conspiracy, Echouafni fled the country and is now listed among the FBI's most-wanted fugitives.

The entire case was chronicled in an engaging piece by Kevin Poulsen, formerly a reporter for SecurityFocus.com. Here are some details of the FBI's allegations in a snippet from that article:

"Echouafni allegedly paid Ashley $1,000 to snuff out two competing websites that he claimed had stolen some of his content and were staging DDoS attacks against his company.

"Ashley in turn used his connections in the underground, and in at least one case the promise of free CIT/FooNet server, to recruit three associates to do the dirty work: Joshua Schichtel, Jonathan Hall, and Lee Walker, known online as 'Emp,' 'Rain' and 'sorCe' respectively. Each of the three apparently had sizable 'botnets' at their disposal, meaning they could each command thousands of compromised PCs to simultaneously attack a single host -- Walker alone had control of between 5,000 and 10,000 computers through a customized version of the Agobot worm, according to the FBI affidavit. Schichtel's network of 3,000 zombies was more modest, and he quietly subcontracted the job to Richard 'Krashed' Roby, who allegedly took the assignment in exchange for a free shell account."

Roby pleaded guilty to his role in the attacks last year, and is currently serving an 18-month prison sentence.. Read more of the 2004 SecurityFocus piece here.

By Brian Krebs  |  May 1, 2006; 3:07 PM ET
Categories:  Fraud  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Two New IE Flaws Found
Next: A Time to Patch III: Apple

Comments

i helped put these guys away. i wish sorce would hurry up and go to jail soon too. he is the one who ddosed me. setient@hotmail.com if you want to talk to me about it more.

Posted by: setient | June 15, 2006 11:16 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company