Hackers Admit to Wave of Attacks
An Ohio computer hacker who served as a digital button man for a shady internet hosting company faces prison time after admitting he carried out one of a series of crippling denial-of-service attacks ordered by a wealthy businessman against his competitors.
In a deal with prosecutors, Richard "Krashed" Roby, 20, pleaded guilty in federal court in Toledo last month to intentionally damaging a protected computer, after launching a 2003 attack on an online satellite TV retailer that caused at least $120,000 in losses.
Jay Echouafni, the 38-year-old satellite TV mogul who allegedly ordered and funded the cyberhits, went on the lam last year, and remains a fugitive from a federal indictment out of Los Angeles.
In a related deal, 31-year-old Paul Ashley, former operator of the Foonet hosting service, admitted to recruiting three other computer intruders to carry out Echouafni's orders.
Until it was shuttered by an FBI raid last year, Ashley ran Foonet from a basement server room in his suburban Ohio home. The enterprise enjoyed a double-edged reputation for providing hosting that could stand up to distributed denial of service, or DDOS, attacks, even as it gave safe harbor to members of the computer underground drawn to the bulletproof service.
"Every script kiddy on IRC had a shell there," says Andrew Kirch, a security administrator for the Abusive Hosts Blocking List. "Spamming, hacking, phishing, DDOS networks -- you want to run scans for a large amount of IP space for prevalent Windows vulnerabilities? Set up there."