Russian held over botnet attack on Amazon.com

Russian held over botnet attack on Amazon.com

Summary: A Moscow resident has been arrested in Cyprus on US charges of launching a DDOS attack on Amazon that overwhelmed the retailer's systems for days

SHARE:
TOPICS: Security, Amazon
7

A Russian man believed to have launched denial-of-service attacks against Amazon.com has been arrested in Cyprus, where he faces extradition to the US.

Dmitry Olegovich Zubakha was detained on an international warrant on Wednesday, the US Department of Justice said. He has been charged with crimes relating to allegations he launched two botnet-based distributed denial-of-service (DDoS) attempts against the online retailer in 2008.

Amazon
A man has been arrested in connection with DDoS attacks on Amazon.com. Image credit: Annette Shaff / Shutterstock.com

"Orders from Amazon.com customers dropped significantly, as legitimate customers were unable to access the website and complete their e-commerce transactions during the pendency of the attack," read an indictment unsealed in district court in western Washington on Thursday.

The Moscow resident is also thought to have tried to use the botnet to overwhelm systems at Priceline.com and eBay, and to have made hacking attempts using 15 or more unauthorised devices.

Zubakha is believed to have used the hacker names 'Eraflame', 'Dima-k17' and 'DDService'. According to prosecutors, he launched the first DDoS against Amazon with a co-conspirator, Sergey Viktorovich Logashov, at 10.23am PST on 6 June, 2008. The company managed to mitigate the attack at 2.55pm.

The botnet involved requested "large and resource-intensive web pages" on a magnitude of between 600 and 1,000 percent of normal traffic levels, according to the indictment. Amazon's servers were overwhelmed, prosecutors said.

A second, more prolonged attack was made against Amazon on 9 June at 10.06am. It continued for days, until Amazon managed to rectify the situation on 12 June.

During the attempt on Priceline.com, Logashov called the market comparison company to offer his services as an IT consultant, according to the indictment. The Moscow resident is thought to go by the hacker handle 'Jjoker'.

Zubakha is also charged with possessing credit card track data — the information on the magnetic strip — for more than 28,000 accounts. The data covers card numbers for Boeing Employees Credit Union (BECU) accounts.

"This defendant could not hide in cyberspace, and I congratulate the international law enforcement agencies who tracked him down and made this arrest," US attorney Jenny Durkan said in a statement.

The charges faced by Zubakha carry potential penalties of up to 10 years in prison and a $250,000 (£160,000) fine.

Topics: Security, Amazon

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • Good...

    10 years from now the internet will be so different he won't remember how to hack it.
    johnsmith9875
  • Good!

    Anytime these creeps leave Russia they face arrest. And they'll eventually do that.
    CaviarBlack
  • Loss of life

    No way would I ever give up a citizen of mine to go rot in a jail,lose time from their lives,be sent to some prison full of people who rape children,kill people,ties with some of the most dangerous gangs,tortured by inmates just for hacking....I would try to find a spot where this guy can work..You can hack Amazon then you need a job not taken always from your family,leaving others to pay for them.....Sad to see Russia complying with U.S. NWO..Then breaking sanctions and buying Iran oil with Gold....breaking harsher laws than hacking....Wake up people one day your own kid might hack something with out your knowledge...Think he should spend the rest of his/her life in prison do ya? So many people wi this it's ok until it has something to do with me...Then I want people to listen
    donewntcrzy
    • Loss of Low Life

      I think 20 years in a Russian Gulag at hard labor sounds about right. It would make copy cat criminals think twice about what they are doing.
      Kurt Obermeier
      • The Russians don't care

        As long as their own domains aren't affected, they don't care what happens to the rest of the world.
        CaviarBlack
  • um what?

    people would listen if you made sense. Which you don't. How about you take English as a second language. Then get a grammar primer. Study it and get back to us. Christ that comment made my brain bleed.
    lj2009
  • Hacking is one thing but.....

    Hacking is one thing but doing damage is another. This guy should go to prison or else pay back every dollar he cost the company he hacked.

    donewntcrzy, Give your head a shake. This guy was doing damage.
    Rick Sos