Stupid hacker tricks: The folly of youth

Tech-savvy delinquents set the Net aflame with boneheaded exploits that earn them the wrong kind of fame

Authorities were able to clearly identify Essebar as the author of the worm; not only had he signed it with the words "by Diabl0" buried in the source code, but he'd written the worm using Microsoft's Visual Studio, which embeds information about the computer on which the code is written into the compiled program -- in this case, the directory path "C:\Documents and Settings\Farid." D'oh!

When Moroccan cops seized his computer, Essebar had formatted the hard drive. Forensic specialists helped recover the source code, which had not been completely wiped clean from the drive. In contrast, Turkish authorities had a more difficult time establishing evidence against Ekici because he'd physically removed and thrown out his hard drive days earlier.

Lessons learned: If you don't want to draw attention to yourself, avoid targeting major media organizations with your poorly designed malware attacks. Always throw out your hard drive that contains all the source code and evidence of your criminal malware creations before the cops arrive. Name your account on your malware creation computer something innocuous, like "user." Also, neither Turkish nor Moroccan prisons are places you want to be. Ever.

When the DDoS ain't stoppin' expect the cops to come knockin'

Perps: Ivan Maksakov, Alexander Petrov, and Denis Stepanov

Status: All three are guests of the Russian penal system, sentenced to eight years at hard labor and a 100,000 ruble fine

Dossier: Looking to make a little extra money while at college in 2003, Ivan Maksakov, then 22, devised an inventive, entrepreneurial scheme that probably sounded good at the time: He created a botnet to engage in DDoS (distributed denial-of-service) attacks and then blackmailed online gambling sites based in the UK, threatening to take the sites down during major sporting events.

However, Maksakov -- a student at the Balakov Institute of Engineering, Technology, and Management -- couldn't anticipate that the Russian government, looking to demonstrate its resolve in dealing with cybercriminals, would make an example of him.

The botnet, based in Houston, was directed to launch DDoS attacks against the UK-based bookmaking Web sites and online casinos only if Maksakov's demands weren't met. According to Russian news reports, Maksakov, along with co-conspirators Alexander Petrov and Denis Stepanov, attacked nine Web sites from the US autumn of 2003 until the US spring 2004. The sites were initially attacked for a short time, before a ransom demand was e-mailed.

In one example, the attacks crippled a site run by Canbet Sports Bookmakers during the Breeders' Cup horse races, costing the firm US$200,000 for each day it was offline. But even when the firm paid a US$40,000 ransom to a Western Union account in Riga, Latvia, the attacks continued.

Authorities allege that the attacks for which the trio were convicted cost the UK-based Web site operators upward of US$4 million, not including an additional US$80 million the companies paid out for additional bandwidth and security hardware designed to thwart DDoS attacks. Charges weren't filed for 54 similar attacks the group is alleged to have engaged in, affecting companies in 30 other countries.

Britain's intelligence services tracked the IP address used to send commands to the botnet to Maksakov's home computer. When the British government provided the information to the Russian Federation's Interior Ministry, the three were arrested. Authorities say at least 13 others who have not been arrested were involved in the scheme, including 10 people working as "money mules" in Riga, two other cyberattackers in Kazakhstan, and one more in Russia.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Andrew Brandt

Show Comments


Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >


Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >


HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >


Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?