ugh, that guy is at it again?
yes Carr, andris used to be a member of this forum but because of a really bad attitude, slander, and outright plagiarism, i banned him for life. the one and only member ever to be banned for life from here!
so i was reading an article today that made me think of our old buddy andris. it didn't occur to me at the time but remember when all the stuff was going down with him, we also suffered some denial of service. anyway, this article just seems so similar...
www.theverge.com/2018/12/10/18131024/ddos-attack-telescope-forum-cfaa-prison
When the FBI appeared at David Goodyear’s doorstep in August 2016, they started asking him about telescopes. The 42-year-old IT specialist and avid stargazer had frequented an astronomy forum called Cloudy Nights. Now, someone had taken the forum offline with a denial-of-service attack, and the evidence pointed to Goodyear.
Goodyear swore innocence at first, but after increasingly pointed questioning, he confessed. One of his accounts had been banned a couple of weeks ago, he said. In a sudden rage, he’d spammed the site with pornography, then posted its address on a site called HackForums.net, asking for someone to attack it. “I was just, like, what the frigg am I being banned for? I was just pissed,” he told his visitors — one from the Federal Bureau of Investigation and another from the Los Angeles Police Department. “I just went up in, just the heat of the moment.”
His visitors seemed mildly amused by the forum drama, and he chatted with them about his $100,000 telescope collection before they left. But one year later, Goodyear was arrested. In December 2018, he was sentenced to more than two years in prison for violating the Computer Fraud and Abuse Act.
It’s a sentence that even Goodyear’s victims don’t want him to serve. A single forum post was enough to direct a temporarily devastating attack on a small business, while federal computer crime laws meant that same post could now come with life-changing consequences.
Distributed denial of service (or DDoS) attacks are one of the simplest cyberattacks: they flood a site with huge amounts of traffic until it can no longer serve pages to real users. At a large scale, these attacks can be incredibly disruptive. The 2016 Mirai DDoS shut down large sections of the web, hijacking insecure smart devices to create an army of bots. Even at a smaller scale, they can cause real harm — like Goodyear’s request did to the owners of the Cloudy Nights forum.
Cloudy Nights is run by Astronomics, an Oklahoma-based company that sells telescopes and other astronomy gear. Vice president Michael Bieler estimates that the forum has around 115,000 registered users swapping advice, space photos, and opinions about telescopes. Bieler describes Cloudy Nights as generally “a nice peaceful edge of the internet” where moderators have handed out fewer than a dozen lifetime bans in over 15 years of operation. Politics are prohibited except on a board for discussing light pollution laws.
On August 13th, someone named HawaiiAPUser posted a screenshot of a failed login attempt, indicating they’d been banned under another name. Below was a string of sexual insults and porn links. “Mods and admins can’t stop me!” the user wrote. “I think I will talk with my contacts and just D0S this site as well as A55stronomics,” an apparent reference to a denial-of-service attack.
The next day, Cloudy Nights and Astronomics’ website started getting overloaded with traffic, making the forums unreliable and keeping Astronomics.com almost completely offline. “We’re just a small family-owned business, and he shut us down essentially for two weeks,” Bieler tells The Verge. “I made zero income. It was almost nonexistent.”
As the attack continued, Bieler called the local police and a lawyer who told him to contact the FBI. “I was like, ‘Well, they’re going to laugh at me when I tell them someone got mad on a forum and has decided to take down my website,’” he says now. But at the time, he was deadly serious. Bieler told the agency that he was afraid his company would go out of business if the attacks continued, and that his father — the company’s founder — had gone to the hospital with cardiac problems from the stress. “It is literally killing him,” he wrote in an email.
Cloudy Nights’ moderators, meanwhile, had a good idea who was behind the attack. Goodyear had been a regular visitor until 2013 when he was banned for — as he put it — “mouthing off” to moderators. (Court documents paint a darker picture, saying he followed up with a threatening message “asking to fight” one of them.) He’d created several more accounts since then, and moderators kept banning them. HawaiiAPUser’s screenshot had a timestamp, so they checked which accounts had been active at that moment and whether other people had logged in from the same IP address. Goodyear’s old accounts came up.
On August 31st, the FBI and LAPD visited Goodyear’s house in El Segundo, California. Goodyear professed bafflement about why they’d come, claiming that he wasn’t behind the post. “I kind of washed my hands of this website,” he said, suggesting that an employee or a hacker might have used his network.
The agents threatened to start filing search warrants. “The FBI knows what they’re doing,” one warned ominously. “We caught Osama bin Laden, right? We can catch someone doing a DDoS.”
The argument apparently convinced Goodyear. “I did post that crap about hitting them. I also put on a hack forum, saying, ‘Hey, can you take down this site?’” he admitted. “I think that maybe it went further than what it should have.” But he insisted that he had no hacking expertise and hadn’t paid anyone for the attack. When asked whether he could make the attacks stop, he said he “didn’t know [the HackForum members] well enough.”
It’s not totally clear how the DDoS campaign did end. According to a September 2016 screenshot of Goodyear’s HackForums.net account, the last time he logged in — at least under his original username — was August 29th. The last successful DDoS attempt was on August 30th, the day before Goodyear spoke to the FBI. The attackers may have stopped voluntarily after that, or they might have been stymied by Astronomics’ new defenses since Bieler had hired a cybersecurity expert to help.
In a press release, the Justice Department emphasized “the importance of deterring sophisticated cybercrimes, which are difficult to trace and therefore particularly important to punish.” But the way Goodyear described his crime was almost ridiculously unsophisticated. In his FBI interview, he said he’d searched Google for ways to get back at Cloudy Nights. “I was looking for other ways to see if I could take them out, if I could hack... get a botnet or something.” He found HackForums.net, said “screw it,” and signed up.
Either way, a jury found Goodyear responsible for one count of “intentional damage to a protected computer.” A judge sentenced him to a $2,500 fine, $27,352 in restitution, and 26 months in prison.
Bieler had assumed the case was closed until the FBI arrested Goodyear a year later and summoned Bieler to court. He was shocked when he learned about the length of the sentence. He never wanted Goodyear to be imprisoned at all, let alone for two years. “Honestly, I think it’s extreme, what happened,” he says. “We actually asked in our letter [to the court] that he not get prison time. We just wanted him to stop attacking our website.”