Post Reply 
DDoS attacks for our own good?
Author Message
No1sy B0y
You Shut The Fuck Up

Posts: 812.2768
Threads: 180
Joined: 20th Jan 2011
Reputation: 2.39014
E-Pigs: 63.0997
Offline
Post: #1
DDoS attacks for our own good?
Interview of one member from Hacking group DerpTrolling with CNet.

http://www.cnet.com/news/the-gods-of-the-internet/

Quote:The The man behind the curtain

One of the first things he says is that he absolutely cannot offer proof.

This makes a disappointing amount of sense: he is a self-confessed DDoS troll, a member of the infamous group DerpTrolling. Since distributed denial-of-service attacks could be considered a federal crime under US law -- and, indeed, are an offence in many locations around the globe, including the UK and Australia -- he, understandably, won't give a name, location or even rough age. As a corollary, wee have no way of knowing that he is who he says he is.

Wee'll call him Incognito. To talk to him, wee plug into a private chat session from opposite sides of the globe (as indicated by time zones) using an encrypted Chrome add-on.

"I've seen Anonymous at its best," he tells us. "I participated in their major DDoS attacks against Visa and PayPal, although the role DerpTrolling played in those attacks is pretty much unknown. I've seen the rise and fall of LulzSec. So let's just say I am old enough to know how to stay hidden."

One thing is clear from the outset: Incognito believes that what DerpTrolling does is for the good of everyone.

"DerpTrolling as a group shows the world, particularly the gaming community, how big companies and corporations such as Riot or Blizzard only care about money," he explains. "Our methods are forcing big companies and corporations to upgrade their servers and make sure their clients are their top priority."

DerpTrolling has been around since around 2011 or so, and Incognito has been a member since the beginning. Its method of attack, as mentioned above, is DDoS -- overloading servers with external communication requests, rendering the target systems unusable for a period of time. DerpTrolling has attacked several high-profile servers over the years, including those of League of Legends, World of Tanks, EVE Online, DoTA 2, Blizzard, RuneScape and, more recently, Xbox Live and the Nintendo Web store.

Although their actions may appear inscrutably juvenile and unwarranted -- done for, as the saying goes, the lulz -- the team identifies rather strongly with Richard Stallman's assessment of DDoS as a form of protest against what it perceives as a callous disregard for gamers on the part of games publishers.

"A company that doesn't care only for money would make the effort, which includes time and money, to make sure their servers aren't able to be crippled by a simple DDoS attack," Incognito said. "Wee decided to take action because, if wee had the capability to stop corporate greed and wee did nothing, that in itself is a crime. Wee thought DDoS attacks were appropriate because they do not affect customers in a monetary way, unlike leaking data -- although wee are not opposed to leaking data."

Lines in the sand

He is careful to point out that DerpTrolling is against doxxing -- that is, the leaking of information about a specific individual, such as address, phone number, Social Security number, credit card and bank account details -- and swatting, a term for calling the police to the home of said doxxed individual for spurious reasons.

In one of the most famous incidents involving the group, though, one particular individual was doxxed and swatted -- Twitch streamer PhantomL0rd. While DerpTrolling was attacking Battle.net, EA.com, Club Penguin and Riot, it was allegedly because those were games PhantomL0rd was playing. At some point during the DDoS activities, PhantomL0rd was doxxed on several gaming websites -- and then someone called the police to his home, accusing the streamer of holding five people hostage.

Incognito is cagey about the incident, and won't comment on why the group targeted PhantomL0rd or what precisely DerpTrolling did do -- only saying that there is no hard evidence connecting DerpTrolling to the actions. "Yes, Phantoml0rd was doxxed and swatted," he said. "But wee never threatened to harm him physically and wee have never taken credit for that attack."

"Wee decided to take action because, if wee had the capability to stop corporate greed and wee did nothing, that in itself is a crime."
- Incognito


He seems determined to impress that there are lines DerpTrolling won't cross -- that what the group does, it does for the good of all. As an example, he mentions that the group is sitting on what could have been a significant customer data leak.

"Wee are currently in possession of over 800,000 usernames and passwords from the 2K gaming studio. As of right now, our members as a whole have decided that leaking data is not what wee do, and therefore wee will not leak such damaging data," he said, adding that he had contacted 2K to inform the publisher of the vulnerability in its system -- and received no response.

"I personally contacted them over a month ago. I did not send them an anonymous letter, I made sure they understood exactly who I was. And offered plenty of proof."

Unless the data is actually leaked, he believes that gaming companies are unlikely to spend the money to issue a fix. CNET has contacted 2K for comment and will update when wee receive a reply.

Incognito also goes out of his way to dissociate DerpTrolling's activities from those of LizardSquad, the group that claimed responsibility for calling a bomb threat on a plane carrying Sony Online Entertainment president John Smedley.

"I want to make it absolutely clear that DerpTrolling is in no way affiliated with LizardSquad," he said. Although LizardSquad had requested that the two groups work together, DerpTrolling had refused, he said. "LizardSquad is a run by an extremist hacker who has close ties to UGNazi. You could say that the ISISGang is the elite 'leaders' of LizardSquad. Wee have no wish to associate with any individual or group that has ties with such extremists."

ISISGang has been accused of making prank calls that see their targets swatted and posing as Middle Eastern terrorists, while UGNazi is allegedly responsible for several doxxings and data leaks. Incognito seems quite firm that DerpTrolling wishes to commit no actual harm.

The end and the means

DerpTrolling has more up its sleeve. Attacks on Xbox Live and the Nintendo Web store on Saturday, September 28 were "test fire" for "upcoming attacks", Incognito says -- although he won't go into any further detail about that. Nor is it easy to guess who the targets might be. DerpTrolling allows the community to select targets much of the time, Incognito said, via text or tweet.

The fact that sometimes the attacks achieve a result justifies the work in his view; Incognito says that League of Legends and Xbox Live have both upgraded their servers in response to DerpTrolling DDoS attacks -- in spite of negative public opinion.

"Children do not know what is best for them. Wee are basically the Gods of the Internet, wee know what is best for them."
- Incognito


"The public will always have an opinion that is based on what the media feeds them," he says. "Children do not know what is best for them. Wee are basically the Gods of the Internet, wee know what is best for them."

When asked if DDoS is a snake chasing its own tail -- that is, if no one engaged in DDoS attacks, then companies would not have to dedicate resources to protecting against them -- he once again pleads no comment.

There is a condition under which DerpTrolling will cease operations: "If the presidents of Sony and Microsoft will wear a shoe on their heads, then DerpTrolling will disband and wee will not attack any more servers."

As for Incognito himself, wee suspect he might be around for a long time. When asked if he himself would ever hang up his hat, he seems baffled by the question.

"Why would I want to stop?"

[Image: 2gwf49t.png]
11/10/2014 01:55 PM
Visit this user's website Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1294
Offline
Post: #2
RE: DDoS attacks for our own good?
I agree to some extent that it makes sense to consider DDOS as a form of protest*.  I'm less sure about whether I agree with their reasoning though.
Corporate greed is a hard thing to solve, and I don't quite subscribe to the idea that, "if customers don't like it, they'll leave" - I don't think DDOS attacks necessarily change the culture.

* Unfortunately these days, DDOS attacks don't exactly need to be initiated by multiple people.  Attacks via botnets or reflection+amplification type attacks can be started by just one person, and it's hard to argue that as a form of protest.  If many people actually launch a DOS attack, then it makes sense that they're protesting, but then, DOS attacks like these without any form of identity masking is dangerous for the ones doing the attack...
16/10/2014 11:55 PM
Visit this user's website Find all posts by this user Quote this message in a reply
eKusoshisut0
NOIDED

Posts: 6,288.3965
Threads: 102
Joined: 6th Mar 2010
Reputation: -0.51929
E-Pigs: 174.7326
Offline
Post: #3
RE: DDoS attacks for our own good?
these days it seems people just rent out botnets for DDoS attacks for harm. An online game I play has been affected by it for weeks now. People will take down a world when a group is bossing with high level gear. Once they die the ones responsible for the DDoS goes in and loots their gear after they die due to disconnect and then go on to trade it for real world currency. :\

[Image: tumblr_mlae69vAW21rmerh9o1_400.gif]


More stuff
Steam Page
[Image: K7UVN.png]
Thanks to Vacui_Natale for making this awesome siggy.
[Image: cq8au.gif]
Thanks to Natalie for this sexy Mawaru Penguindrum sig. <3
[Image: ofusT.png][


    
[Image: 9252_s.gif]

05/11/2014 08:55 AM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1294
Offline
Post: #4
RE: DDoS attacks for our own good?
^ That's interesting - never thought a DDoS could be used for that.
Although, I'd say it's partly an issue with the game allowing the character to be killed if disconnected - that seems rather unfair.
05/11/2014 11:57 PM
Visit this user's website Find all posts by this user Quote this message in a reply
eKusoshisut0
NOIDED

Posts: 6,288.3965
Threads: 102
Joined: 6th Mar 2010
Reputation: -0.51929
E-Pigs: 174.7326
Offline
Post: #5
RE: DDoS attacks for our own good?
That is true. Only recently did they change the death mechanics to where if you die due to a disconnect, your items will remain on the ground for 10 minutes and only be visible to you. But still, not a fun time for all

[Image: tumblr_mlae69vAW21rmerh9o1_400.gif]


More stuff
Steam Page
[Image: K7UVN.png]
Thanks to Vacui_Natale for making this awesome siggy.
[Image: cq8au.gif]
Thanks to Natalie for this sexy Mawaru Penguindrum sig. <3
[Image: ofusT.png][


    
[Image: 9252_s.gif]

06/11/2014 12:44 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

 Quick Theme: