– IRC News

All about Internet Relay Chat

Zotob-coders Locked Behind Bars

The coders of the Zotob worm have heard their sentence in a Moroccan court. Farid Essebar, a 19-year-old programmer got 2 years of prison, and his accomplish Achraf Bahloul 1 year. A third individual is awaiting sentence in Turkey.

The two got arrested just 2 weeks after the worm started to spread. The worm infected systems from companies like CNN, The Financial Times, ABC and The New York Times. Systems infected were used to collect credit card data and perform DDoS attacks. The systems were being controlled from IRC channels.

Three Years Jail for DDoSer

Christopher Maxwell, 21, of Vacaville, California, has been sentenced to jail for three years. IRC-Junkie reported about him being charged in february of this year.

Aside of the hospital other networks that were affected included the department of defense and a California school district.

He would rent out his network to perform DDoS attacks, and the infected machines earned him money with showing advertisements.

The judge showed little sympathy for Maxwell, calling him “incredible self-centered” with little regard for the impact of his actions on others. She also wanted Maxwell to be set as “deterrence for all those youth out there who are squirreled away in their basements hacking”.

Defense attorney Steve Bauer hoped for probation and community service. In his defense he argued that Maxwell had no prior criminal record and that he never had thought his bot would spread so far.

Bali Bomber used IRC to Promote Terrorism

Indonesian police arrested two Indonesian men, Agung Setyadi (31) and M. Agung Prabowo (24), after they learned they have been chatting on IRC with Imam Samudra who is awaiting execution for organizing the Bali terrorist attack.

How Imam Samudra has exactly been able to connect to the Internet is not made public, but it in the Indonesian press it is thought that a laptop and GSM phone have been smuggled into the prison. Such items are disallowed possessions for prisoners however, and it is also unclear how the guards have not noticed these items afterwards.

Agung Setyadi is the brother of Adhitya Triyoga, who has previously been arrested for terrorist activity. Agung Setyadi has been lecturing computer science and information technology at an Indonesian university. Police said that Imam Samudra asked Agung Setyadi to buy a laptop with stolen credit card information (commonly called carding) which he refused. Eventually Agung Setyadi sent money to Adhitya Triyoga which he used to buy the laptop. A prison guard has been used to deliver the laptop.

The two met on IRC channels #cafeislam or #ahlulsunnah. The other man arrested has been helping Agung Setyadi to build a website called This site provided information on how to prepare a terrorist attack.

It is unknown what the effects of this will be. Was Imam Samudra able to recruit new members? Did he maintained his old network? Parliament members have pressed for an independent investigation but it looks the government is not willing to start one.

One User Causes Networkwide ISP Ban on GameSurge

“At approximately 5pm PST today all BellSouth hosts were blocked due to inaction by their abuse department. We are currently working with BellSouth support to resolve this issue. Once BellSouth addresses our abuse complaints with them, we will remove the block on BellSouth hosts”, GameSurge admin Cradly announced on the networks’ website.

Major IRC networks are occasionally forced to GLine an entire ISP due to inactivity after abuse reports. This time however, it was a single user. “… it was an actual user who would persistently evade bans and G-lines” another GameSurge admin, Entrope, explained to IRC-Junkie.

Bellsouth is a dynamic ISP, making it hard to GLine a single user, as (s)he can simply reset his connection to gain a new IP.

After the network tried to contact Bellsouth to solve the problem and found no reply, they decided that a ban for the entire ISP was unavoidable. Entrope explains: “The ISP-wide G-line included a contact number for Bellsouth customers to call and let Bellsouth know that the lack of response was causing problems for them.  Once that happened, Bellsouth responded in an admirably quick time, and they have assured us that they will make appropriate efforts to resolve the problem.”

Within three hours after the GLine was put in place, Bellsouth replied and the GLine was removed. “Ideally, ISPs would respond to abuse reports without their users having to call in”, Entrope said.

Hacker 9 Years in Jail

23-year-old Brian Salcedo appealed against his sentence which was 9 years old, which the judge reconfirmed.

A fried of Salcedo detected an insecure wireless network while wardriving. Returning with Salcedo they were able to enter the network and modify software in such way that the two could gain creditcard information of customers of Lowe’s in Southfield, Michigan, USA. Salcedo was at that time in hist last month of probation of a 3 year period which he received for computer-criminality while being underage.

The two discovered that from the server gained access they were able to enter the main server of the company serving the whole country. Lowe however discovered the crack and warned the FBI. The FBI posted and noticed a car with antenna’s and went in for the arrest.

At that time, the malicious software only gained 6 creditcard numbers, of which the two haven’t seen a single one with their own eyes. Despite this, Brian Salcedo got convicted to 9 years of jail, the heaviest sentence ever against a cracker. The sentence is especially remarkable as other crackers who were responsible for far more damage got much lighter sentences.

The judge however did not based the sentence on what damage they had done, but what damage they could have done.

Salcedo appealed against this sentence, and now has lost. He can at the earliest be released in May 2011. His friend was sentenced to 26 months in jail.