Almost a year after the self-styled “gray hat” ZZb00t first launched DDoS attacks on predominantly German and British companies, the lone perpetrator has been sentenced before the criminal court in Bielefeld. The court imposed a suspended sentence of one year and ten months against the IT specialist from Voerde at Lower Rhine, the German eCommerce blog Wortfilter.de reported.
The German citizen had attacked renowned large international organizations with DDoS attacks over a period of four weeks. International logistics providers, the marketplace eBay as well as numerous online shops and IT service providers were counted among his victims. In some cases, the downtimes extended over hours and disclosed critical interfaces. The business customer portals at several logistics providers, by means of which online retailers issue orders and can print shipping labels, collapsed. So far the companies attacked have not, however, demanded any compensation, according to wortfilter.de.
The “former IT Security Consultant” commented on his attacks using the Twitter handle @ZZb00t. He documents the attack preparations and downtimes in more than 300 tweets. Furthermore, he also explained the motives for his actions to his wide audience: criticism of the IT security strategies of companies and the lack of an awareness for their responsibility vis-à-vis customers. This did not stop him from demanding bitcoin from individual companies to get him to stop the attacks.
Most of the companies attacked had several hours to prepare for the attacks. Nonetheless, as a rule they were severely impacted due to the technically sound and stubborn attacks. In its Link11 Insights Report on ZZb00t, the Link11 Security Operation Center analyzed the weak points that were attacked and the DDoS tools used. In addition, the report traces the chronological sequence of this unparalleled wave of DDoS attacks and extortion, which only ended with the arrest of the perpetrator on May 23, 2017.
ZZb00t is already the second big DDoS criminal to be made accountable before a German court within 12 months. In July 2017 the Regional Court of Cologne also imposed a suspended sentence against a hacker. Born in London, Daniel K. had tried to infect millions of telecommunication routers in Germany and the United Kingdom for his Mirai botnet at the end of November 2016. In January 2017 he blackmailed the British Lloyds Bank with DDoS attacks. In February 2017 German and British agents were able to arrest him at the airport in London.
Detailed analyses and background information from Link11 on ZZb00t, one of the most dangerous DDoS attackers in Germany. Now as a download!