Interview with a Professional DDoS Extortionist


Your daily selection of the hottest trending tech news!

According to Deep Dot Web (This article and its images were originally posted on Deep Dot Web September 3, 2018 at 01:33AM.)

– Who are you and what do you do?

My name obviously cannot be mentioned for obvious reasons, but I am a male between the ages of 25-35, living in Australia who enjoys extorting ponzi scheme websites in the crypto niche, BTC casinos, ICO’s and any other relevant cryptocurrency generating business that solely relies upon their website being online for their customers or victims to generate an income, via DDOSing.

– How did you get into the business of DDoS for extortion?

I have always been quite handy at getting what I want from people online for as long as I have used the internet, being a diagnosed narcissistic psychopath has many advantages online and offline. I was bored of the (legal) business I have been running for the past 5 years and decided to learn as much as possible regarding the art of knocking a website offline.

Literally all I did was do a quick Google search and came across a “booter/stresser” service by the name of booter.pw (no affiliation) who at the time (February/March) had quite the strong Layer 7 attack methods. To cut a long story short, I would enter cryptocurrency groups looking for scammers who had half of a brain enough to start a website to set up a ponzi scheme, wait until I found one that was generating ridiculous HYIP % for their “customers” then repeatedly knocking their site offline and subsequently threaten the ‘owner’.

– What kind of success’es you had?

What success I have had over the months has solely come down to my ability to extort via Facebook Messenger in real time with the intended victim, and the strength/power I was able to utilise from such services as the website I mentioned earlier, and nowadays with my own Botnet. The first month I extorted well over $27,000 AUD in 4-5 payments from 2 victims who ran a ponzi scheme & another pleb who still runs a bitcoin / crypto trading course based website.

– What diffrentiate you from the other ddosers that are currently in the market?

The fact I have brought my skills I have learned from committing crimes ‘in the streets’, and used this to excel at my criminal activities online. Think about it, (not all) but many, many people who think they’re internet bad men, or criminals online are nothing more than neckbeards, skids, palsy wheelchair children and none are prepared to do a days jail without snitching on their peers they associate with online.

If you’re going to commit crimes online, at least have a purpose. Don’t DDOS government sites, banks, and retarded places like this as you’ll only invite the long dick of the law into your life (and rectum) for absolutely no reason at all.. you cannot make money from stupid shit like this.. pick your targets intelligently, do the research.. no one gives a fuck about activism, and so forth… how the fuck does knocking some shitty .gov offline affect any government out there who has supposedly done their people wrong.. lol

– And on the more technical level, do you use some ddosing method that is not easily blockable by the victim?

Definitely. So without going into too much detail about the process I tend to use, but I’ll generally start off with checking for the login URL of a website I am planning to attack, i.e randomcryptoexchange.com/login.php. Within seconds of starting an attack the site will be struggling to stay online with 500,000 requests a second (on average) hitting it, most sites I target are behind CloudFlare and will then (or within 5-10 minutes) generally activate their UAM (CloudFlare’s Under Attack Mode – that annoying browser checking screen that loads for 5 seconds then directs you to the homepage of the site you wish to visit).

Once the UAM is activated, I will use a method referred to as JS-Bypass, using bots with regular browser requests that bypass the validation due to the fact they can run the javascript code and also store the cookies which allows the attack to bypass CloudFlare and hit the backend thus downing the website generally in around 60 seconds. This is enjoyable watching victims stress wondering what to do next… hilariously it takes up to a week or more for them to find out what rate-limiting is, and then to see their smart-ass responses and attempting taunts right before…

I hit them with that Smart Bypass 🙂

Essentially this attack method emulates real traffic/users, combats rate-limiting, allows you to set the browser, referrer and a bunch of other options which are quite handy.. the reason it’s called smart? Is because it literally decides whether to speed up, slow down and a number of other options I’ll leave out of this response, to decide how best to attack the target to achieve the desired results.

Usually only takes a few minutes and you can kiss your backend goodbye with this method. It’s a bypass method not only for CloudFlare, but also Incapsula, Blazingfast and so forth.

– You mentioned being repared to do a days jail, Have you been arrested or in prison before?

Yes, I’ve previously spent time in prison over 7 years ago, for a short period of time related to crimes of a violent nature, threatening to kill police etc.. young and dumb. Prison where I am from is not a deterrent – don’t get me wrong, it’s still a shit hole full of losers who are experts on everything but their own lives, but it’s nothing like you would imagine it to be on T.V or something ridiculous like that.

Going to jail any time soon for anything related to what we’re talking about is the furthest thing from my mind.

– What made you want to be interviewed about this?

I enjoy reading a lot about DDOS attacks, in the news and shit like that but the only usual stuff a normal person can come across and read is how some skids on Twitter DDOSed something like Proton Mail, or XboxLive servers on Xmas morning.. really lame shit.. I wanted to bring a different aspect to this industry.

– Have you targeted onion sites or DNM’s for extortion or had any success in that before?

I do find DDOSing things like onion sites and DarkNetMarkets as interesting, but I’m too caught up in clear-net targets to focus the required attention towards the darker sides of the internet.. nothing has actually ever interested me much about hitting a DNM.. something in my gut tells me it wouldn’t be such a smart idea… lol – make of that what you will.

– Anything else you want to add for the readers?

If you come across a DDOS extortionist and you’re a website owner / business owner.

Factor in a few things.. if you pay, you’ll pay again, trust me on that. If you don’t pay, I promise you that you will lose many more thousands, 10’s of thousands and easily hundreds of thousands of dollars worth of sales, customers, and whatever else you could lose from significant downtime for your website.. If you do come across this article – Think very carefully before you respond to an extortionist (If their English is broken or they sound retarded, ignore them) 90%+ chances are that the person on the other end of the threat is just some dumb skid and could barely knock the lid off of a beer bottle let alone your web-server, but if you do come across someone who has unlimited time and resources.. I wish you the best of luck!

|

  • Got any news, tips or want to contact us directly? Feel free to email us: esistme@gmail.com.

To see more posts like these; please subscribe to our newsletter. By entering a valid email, you’ll receive top trending reports delivered to your inbox.

__

This article and images were originally posted on [Deep Dot Web] September 3, 2018 at 01:33AM. Credit to Author and Deep Dot Web | ESIST.T>G>S Recommended Articles Of The Day.

 

Donations are appreciated and go directly to supporting ESIST.Tech. Thank you in advance for helping us to continue to be a part of your online entertainment!

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.