Tag Archives: Nevada

Did Prolexic Fend Off Anonymous’s Sony Attacks?

Prolexic, a company that defends clients against Distributed Denial of Service (DDoS) attacks, says it has successfully combatted the “Largest Packet-Per-Second DDoS Attack Ever Documented in Asia”:

“Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced it successfully mitigated another major DDoS attack of unprecedented size in terms of packet-per-second volume. Prolexic cautions that global organizations should consider the attack an early warning of the escalating magnitude of similar DDoS threats that are likely to become more prevalent in the next 6 to 8 months.”

Although it describes the customer only as “an Asian company in a high-risk e-commerce industry” it could well be connected to the recent attacks on Sony by Anonymous. A piece by Sebastian Moss – The Worst Is Yet To Come: Anonymous Talks To PlayStation LifeStyle — in April quoted an alleged member of Anonymous called Takai as reacting to unconfirmed reports that Sony had hired Prolexic to defend itself (Sony Enlists DDoS Defense Firm to Combat Hackers):

“It was expected. We knew sooner or later Sony would enlist outside help”. Pressed on whether Anonymous would take out Prolexic, Takai showed confidence in the ‘hacktavist’s’ upcoming retaliation, stating “well, if I had to put money on it … I’d say, Prolexic is going down like a two dollar wh*** in a Nevada chicken ranch  ”. He did admit that the company “is quite formidable” and congratulated “them for doing so well”, but again he warned “We do however have ways for dealing with the ‘Prolexic’ factor”.

The website also quoted Anonymous members expressing frustration at the new defences, but that they appeared to be confident they would eventually prevail. That doesn’t seem to have happened.

Prolexic’s press release says the attacks had been going on for months before the client approached the company. The size of the attack, the company said, was staggering:

According to Paul Sop, chief technology officer at Prolexic, the volume reached levels of approximately 25 million packets per second, a rate that can overwhelm the routers and DDoS mitigation appliances of an ISP or major carrier. In contrast, most high-end border routers can forward 70,000 packets per second in typical deployments. In addition, Prolexic’s security experts found 176,000 remotely controlled PCs, or bots, in the attacker’s botnet (robot network). This represents a significant threat as typically only 5,000-10,000 bots have been employed in the five previous attacks mitigated by Prolexic.

It does not say why it considers the attack over, now gives any timeline for the attack. But if it is Sony, it presumably means that Anonymous has withdrawn for now or is preoccupied with other things. Prolexic, however, is probably right when it warns this is a harbinger of things to come:

“Prolexic sees this massive attack in Asia with millions of packets per second as an early warning beacon of the increasing magnitude of DDoS attacks that may be on the horizon for Europe and North America in the next 6 to 8 months,” Sop said. “High risk clients, such as those extremely large companies in the gaming and gambling industries in Asia, are usually the first targets of these huge botnets just to see how successful they can be.”

The Lego Scam

A man after my own heart: AP reports that a man has been arrested accused of stealing a truck full of Lego:

A 40-year-old man is behind bars, accused of stealing hundreds of thousands of dollars of a toy geared toward the 6-and-up crowd: Legos. To haul away the evidence, agents working for the U.S. Postal Inspector said they had to back a 20-foot truck to William Swanberg’s house in Reno, Nev., carting away mountains of the multicolored bricks.

Swanberg was indicted Wednesday by a grand jury in Hillsboro, a Portland suburb, which charged him with stealing Legos from Target stores in Oregon. Target estimates Swanberg stole and resold on the Internet up to $200,000 of the brick sets pilfered from their stores in Oregon as well as Utah, Arizona, Nevada and California.

When no one was looking, Swanberg switched the bar codes on Lego boxes, replacing an expensive one with a cheaper label, said Detective Troy Dolyniuk, a member of the Washington County fraud and identity theft enforcement team.

Target officials contacted police after noticing the same pattern at their stores in the five western states. A Target security guard stopped Swanberg at a Portland-area store on Nov. 17, after he bought 10 boxes of the Star Wars Millennium Falcon set. In his parked car, detectives found 56 of the Star Wars set, valued at $99 each, as well as 27 other Lego sets. In a laptop found inside Swanberg’s car, investigators also found the addresses of numerous Target stores in the Portland area, their locations carefully plotted on a mapping software.

Records of the Lego collector’s Web site, Bricklink.Com, show that Swanberg has sold nearly $600,000 worth of Legos since 2002, said Dolyniuk.

Interestingly, folk seemed to have been quite happy to deal with Swanberg on Bricklink.com. He’s been registered on the site since 2002, earning praise from more than 6,000 users, and getting complaints from only 11. He was still shipping up until the last minute: Eight folk posted praise about dealing with him on the day or after he’d been indicted. Only one person seemed to harbour doubts: That person wrote on November 19, four days before Swanberg was indicted: “Wish I knew where these came from…”

Actually, this kind of scam is well documented, and may be a copycat theft. Eagle-eyed readers may recall a piece I wrote a few months back about Douglas Havard, a phisher who was jailed in June for conspiracy to defraud and launder money. According to an earlier piece in the Dallas Observer Havard used to steal expensive Lego sets by switching price tags on Lego boxes. The only difference was that Havard was printing his own price stickers.

What is it with Lego that turns people into criminals?

More Options For Spam-Free Email

A couple of other options for email users looking to kill off spam, viruses etc.

Walla.com (thanks, Rob) is a free, 1 gigabyte thing with a very simple sign-up process.

Nevada-based Komodo (love the name, love the lizard) said yesterday (PDF file) its “unique email services are being tested internally starting this week”. This is a closely guarded “proprietary solution for email and the elimination of viruses and spam through a unique proprietary application”. Sadly you don’t get any more information than that.

And the name? “As a Komodo client, like the lizard of the same name, you are at the top of the food chain in an impenetrable high-security computing environment.” Ummm, sure.