A 21-year-old hacker who was responsible for a series of distributed denial of service (DDOS) attacks against several big tech companies including Google and Microsoft-owned Skype has been sentenced to two years of prison last week. Alex Bessell from Liverpool admitted to running a ‘Deep Web’ business called Aiobuy through which he illegally earned more than $700,000 by selling about 9,000 malicious IT products including remote administration tools, Botnets, crypters, and booter access solutions.
According to West Midlands detectives, Aiobuy had over 26,000 paying customers who made about 35,000 purchases through the Dark Web business. The hacker also exploited at least 9,000 ‘zombie’ computers with which he launched DDoS attacks against Google, Skype, and Pokemon GO. In July 2016, the servers of the popular augmented reality mobile game crashed a couple of times, with a cyber hacking group called PoodleCorp later claiming that it was responsible for the attack, though Niantic did not confirm the allegation. Shortly after the hacking group made that claim, another group known as OurMine announced that it was behind other instances of DDoS attacks against Pokemon GO's servers, rendering the location-based game useless for millions of players worldwide. It's not immediately clear whether Bessell's malware tools were used to orchestrate all DDoS attacks on Pokemon GO servers but the hacker is believed to have sold his malware tools to those groups. DDoS attacks are meant to overwhelm a server with a huge amount of traffic from multiple sources to the point that it can no longer handle the traffic flow, causing it to crash and render whatever service it was hosting unusable.
West Midlands authorities noted that the case was one of the largest cybercrime prosecutions in the county's history, with Bessell offering malicious tools for any hacking group that wanted to execute DDoS attacks across the web. The hacker also pilfered around 750 usernames and passwords using his botnet. DDoS is presently one of the biggest cyber threats on the Internet and it does not discriminate against its potential targets, which include the Android platform. Last August, Google removed around 300 apps from the Play Store for secretly turning devices into WireX botnet members used for conducting DDoS attacks against several major content providers and delivery networks.