Part II
Businesses are exposed
frixion and dryice
Despite the prosecution expert witness testimony that there was no evidence of the hijack and that it would be impossible not to leave any evidence, Caffrey's defense, which the jury accepted, was that the Trojan horse could have contained a wiping tool to erase any tell-tale traces of its existence.
During his testimony, Caffrey told the court that he thought dryice and frixion were "up themselves" and that he had visited one of their chatrooms on a dot-tv domain set up with stolen credit cards where they had demonstrated their expertise with Trojan horses, Zombies and denial of service tools.
dryice and frixion contacted silicon.com to put forward their side of the story and to warn how many businesses computer systems are inadvertently being hit as inexperienced script kiddies use them as hosts to fight denial of service battles with each other.
silicon.com first asked frixion about the claims against their chatroom and their sharing and demonstration of hacking and denial of service tools.
"We, and many other people, used to use a chatroom with a domain name that was purchased using stolen credit card details. However, the domain was not purchased by us, nor did we obtain the credit card details, this was all done way back in early 2000 by an individual we will not name, who very kindly pointed the sub domain irc.nerd.tv at our servers. At the time when we used this we had no knowledge of how the dot-tv domain was purchased, we only found out later," he wrote in an e-mail.
frixion said both he and dryice made hacking tools for their own use but that they were not for release to the general public and that they did not make denial of service tools – but he admitted having used denial of service tools already out there.
"Back in the mid-nineties, when we were just kids with a brand new 33.6k modems, there was an element of fun to loading up your out-of-band nuker, and watching someone disconnect, but this quickly becomes boring, and you move on," he said.
One of the pictures that emerged during the evidence presented in the trial was that of the intense rivalry between hackers using these chatrooms, which often resulted in people launching denial of service attacks to try and knock each other offline and gain kudos among their peers.
dryice said: "Some set up huge networks of 'zombie' bots, which would at their command launch a coordinated attack at a single focal point using the bandwidth of all of their host machines combined."
These kinds of attacks are unrelated to organized cybercrime gangs, which hold whole corporations to ransom and operate much more secretly than these script kiddies, he said.
But frixion said damage is being done to businesses that are unwittingly caught in the middle of the antics of these script kiddies. The hackers will scan for vulnerable IP addresses--many of which will be those of businesses--download exploits available from any number of underground websites and use the insecure machines to launch a denial of service attack on a rival.
The victim of the denial of service attack--who is likely to be another chatroom user--will then use different vulnerable IP addresses--which could be another unsuspecting business--as hosts to launch an attack back on the hijacked IP addresses that are trying to knock him or her offline.
"So in a very short space of time, multiple businesses can become involved in attacking each other. Most of them are probably used inadvertently," said frixion. "Many businesses probably think 'No one will target us' but what they don’t realize is that these people are not targeting specific organizations or individuals, they’re just incrementing a number, testing machine after machine to get whatever they can."
