Free Essay


In: Computers and Technology

Submitted By sucker28574
Words 568
Pages 3
In early February of 2000, several distributed-denial-of-service (DDoS) attacks were launched against some pretty big name sites; Yahoo, Amazon, Dell, E*Trade, CNN, and eBay to name a few. These attacks were executed by MafiaBoy through hijacked university networks. He remotely controlled these networks to carry out his attacks.
It was his sloppy work and bragging to others that got him caught. "One technician at University of California Santa Barbara, the site of one of Mafiaboy’s zombie networks, described Mafiaboy’s work as 'sloppy' and he 'left an obvious trail.' Investigators simply required the ability to analyze router logs of captured computers (at the University of California and University of Massachusetts) and thus trace the link back to other hacked machines and a Canadian Internet Service Provider (ISP), and provide a profile of the behavior of an account." (Genesko, 2006) It was quite funny though at first that he was not even considered a suspect even though he bragged on numerous occasions on Internet Relay Chat (IRC) channels. He was labeled as a script kiddie because he did not write his own exploits. He acquired the rootkit necessary to exploit the computer systems of the universities. This allowed him to plant the Denial of Service (DoS) programs on the infected computers which were then told to attack a site when he took control. This created a DDoS attack, which flooded internet web servers with too many requests for it to handle.
He was charged under subsections 342.1(1) (unauthorized use of computer) and 430(1.1) (mischief in relation to data) of the Criminal Code (R.S.C. 1985, c. C-46) by the Royal Canadian Mounted Police after being caught in April of 2000. He had entered a plea of not guilty and prosecutors spent over a year gathering evidence against the young man. Prosecutors were “willing to consider a plea agreement, but only if it includes some confinement.” (Johnson, 2000) In January of 2001, “the Montreal teen known by the online nickname MafiaBoy pleaded guilty to 57 of 67 charges,” (Chipello, 2001) that he was charged with. He said it was to move on but there was speculation that if he had went to trial, he would have to not only name names of others in the hacker communities, he would have to give up the scripts and exploits he used and he did not want to do that. He was sentenced “to eight months open custody, one year of probation, and a modest fine of $250 to be donated to the non-profit organization Sun Youth.” (Genesko, 2007)
MafiaBoy, later identified as Michael Calce, is “now a Montreal, Canada-based Internet security consultant,” (Gross, 2011) as of 2011 when interviewed by one of the sites he was able to successfully take offline; CNN. References
Chipello, C. (2001). Mafiaboy Admits to Most Charges Related to Attacks on Web Sites. Retrieved from
Genesko, G. (2006). FCJ-057 The Case of ‘Mafiaboy’ and the Rhetorical Limits of Hacktivism. Retrieved from
Genesko, G. (2007). Learning from Mafiaboy. Retrieved from
Gross, D. (2011). ’Mafiaboy’ breaks silence, paints ’portrait of a hacker’. Retrieved from
Johnson, K. (2000). Mafiaboy. Retrieved from…...

Similar Documents

Free Essay

Secutiry in Informatics

...txt, momind utilizatorii să-l deschidă. Până la apariţia sa, fişierele de tip text erau considerate fişiere sigure. Pe masura ce comerţul prin intermediul internetului a devenit din ce in ce mai popular, a crescut şi numărul de atacuri rău intenţionate.Hacking-ul în 2000 a crescut cu 79 la sută faţă de 1999,potrivit unui raport publicat de către FBI Computer Emergency Response Team (CERT). Chiar şi site-urile web de renume, cum ar fi Yahoo, America Online, eBay, şi au fost expuse ca fiind vulnerabile, costand firmele milioane de dolari şi subminand încrederea deja precară a cumpărătorilor on-line. În cele din urmă, unul dintre autorii cheie în multe dintre aceste atacuri, un băiat canadian de 16 ani care opera sub numele de Mafiaboy, a fost arestat, iar autorităţile au descoperit, de asemenea, ca el a fost cel care a atacat si reţelele de calculatoare de la Universităţile Harvard şi Yale. În timp eliberarii sale conditionate, băiatului i-a fost interzisă utilizarea Internet-ului sau a cumparaturilor de la magazinele care vindeau calculatoare; numai atunci când era supravegheat de un profesor la şcoală, el putea folosi un computer. Tendinţele şi analiştii in industrie sunt de parere ca eforturile propagatorilor nu se vor domoli. Anul trecut a fost sesizat primul virus destinat telefoanelor mobile şi tehnologiei Bluetooth. In prezent, 35% din PC-urile din SUA sunt infectate în timp ce în China şi India s-a atins un procent de 50%. Familiile de virusi 1.......

Words: 5182 - Pages: 21

Free Essay

Information Security Today

...of organization has information hole which can damage organisation privacy and cost millions. So it is very important to have organisation security in right hand and monitor employee, server data who is accessing what kind of information. A highly protected organisation always gives restricted access to the users. 4. Deliberate software attacks ANS: Deliberate software attack uses unauthorised software to attack the system. This software is called malicious software. It can damage the computer system. The most common type of software attacks are virus or worm attack, Trojan horses, back doors and logic bomb. Example: Prominent among the history of notable incidences of malicious code are the denial-of-service attacks conducted by Mafiaboy (mentioned earlier) on,,,,,, and These software-based attacks lasted approximately four hours, and are reported to have resulted in millions of dollars in lost revenue.9 The British Internet service provider Cloud nine is believed to be the first business “hacked out of existence” in a denial-of-service attack in January 2002. This attack was similar to denial-of-service attacks launched by Mafia boy in February 2000. (Whitman, M. E., & Mattord, H.J. 2012, p46). 5.Forces of nature Ans: Forces of nature can occur anytime and destroy the computer system as well as security. These threats are such as fires, floods, earthquakes, and lightning. Forces of nature......

Words: 1130 - Pages: 5

Premium Essay

Computer Security Management

...(cont.) 3) Denial of Service (DoS) attacker sends a large number of connection or information requests to a target target gets overloaded and cannot respond to legitimate requests in case of distributed DoS - DDoS, a coordinated stream of requests is launched from many locations (zombies) at the same time zombie: a compromised machine that can be commanded remotely by the master machine defence against DDoS requires coordinated actions by ISPs, organizations, software providers, etc. e.g. prevent spoofing, block (broadcast) requests, patch computers, user latest antivirus tools, etc. Attacks (cont.) zombie zombie target zombie zombie master Attacks (cont.) Example: Mafiaboy story - DDoS In 2000, a number of major firms were subjected to devastatingly effective distributed denial-of-service (DDoS) attack that blocked each of their e-commerce systems for hours at a time. Victims of this series of attacks included:, eBay,,,, ZDNet, and other firms. The Yankee Group estimated that these attacks cost $1.2 billion in 48 hours: $100 million from lost revenue $100 million from the need to create tighter security $1 billion in combined market capitalization loss. At first, the attack was thought to be the work of an elite hacker, but it turned to be orchestrated by a 15-year-old hacker in Canada. He was sentenced to eight months detention plus one year probation and $250......

Words: 4051 - Pages: 17

Premium Essay


... 224 Briney, Andy, 185 British Standard (Information Technology—Code of Practice for Information Security Management), 225 brownout, 58 asynchronous tokens, 339 asynchronous transfer method (ATM), 350 ATM. See asynchronous transfer method; automatic teller machine attachments, blocking, 250 attack(s). See also specific attacks; threats contingency planning and, 80 CSI/FBI survey data on, 290 described, 59 frequency of, 290–291 planning and, 57 profiles, 80, 88 risk management and, 60 types of, 40 vulnerabilities to, 378 attacks, by name. See also attacks; denial-of-service attacks brute force attacks, 59, 60, 338 buffer overflow attacks, 59 counterattacks, 98–99 identification and prioritization, 79–80 IP spoofing (land) attacks, 60 Mafiaboy attacks, 89 man-in-the-middle attacks, 60, 377 password attacks, 309 port-scanning attacks, 324 profile, 80 reported, 87 scenario development, 80–81 scenario end case, 81 social engineering attacks, 60, 362, 418–421 software, 58, 59 timing attacks, 60 war driving attacks, 359 B back doors, 58, 59 background checks, 412 backups, 91, 97, 226, 283, 285, 217 baselining, 253–255 Basic Input/Output System (BIOS), 282 bastion host, 348 BC plan. See business continuity plan BCP. See Business continuity planning behavior based IDPS, 356 behavioral feasibility, 320 types of leaders, 8–9 Index browsers, 206, 362, 374 Bruno, Angelo, 75 Bruno, Lee, 75 Bruno’s supermarket chain, 75 brute force attacks, 59, 60 BSPs. See best security......

Words: 229697 - Pages: 919

Premium Essay

Information Security

...individual or group designs and deploys software to attack a system. Most of this software is referred to as malicious code or malicious software, or sometimes malware. These software components or programs are designed to damage, destroy, or deny service to the target systems. Some of the more common instances of malicious code are viruses and worms, Trojan horses, logic bombs, and back doors. Prominent among the history of notable incidences of malicious code are the denial-of-service attacks conducted by Mafiaboy (mentioned earlier) on,,,,,, and These software-based attacks lasted approximately four hours, and are reported to have resulted in millions of dollars in lost revenue.9 The British Internet service provider Cloudnine is believed to be the first business “hacked out of existence” in a denial-of-service attack in January 2002. This attack was similar to denial-of-service attacks launched by Mafiaboy in February 2000.10 of IP constitutes a threat to information security. Employees may have access privileges to the various types of IP, and may be required to use the IP to conduct day-to-day business. Organizations often purchase or lease the IP of other organizations, and must abide by the purchase or licensing agreement for its fair and responsible use. The most common IP breach is the unlawful use or duplication of software-based intellectual property, more commonly known as software piracy.......

Words: 24411 - Pages: 98

Premium Essay


...arising from his DoS attack on CNN. Because he was a juvenile, his name can not be publicly disclosed, so he was called by his Internet pseudonym Mafiaboy. The Royal Canadian Mounted Police seized Mafiaboy's computer. CNN reported that Mafiaboy was granted bail, with the following conditions: "may only use computers under the direct supervision of a teacher." "prohibited from connecting to the Internet" prohibited from entering "a store or company where computer services or parts are sold." "barred from communicating with three of his closest friends." On 3 August 2000, Canadian federal prosecutors charged Mafiaboy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks on, eBay, Dell Computer,, and Yahoo. Mafiaboy had also attacked other websites, but prosecutors decided that a total of 66 counts was enough. Mafiaboy pled not guilty. In November 2000, Mafiaboy's bail was revoked, because he skipped school in violation of a court order. He spent two weeks in jail. In December 2000, Mafiaboy, now 16 y old, dropped out of school (after being suspended from school six times since the beginning of that academic year, and failing all of his classes except physical education), and was employed at a menial job. He was again granted bail. On 18 Jan 2001, Mafiaboy pleaded guilty to 5 counts of mischief to data and 51 counts of illegal access to computers. As part of a plea agreement between his......

Words: 7299 - Pages: 30

Premium Essay


...information are becoming more sophisticated and difficult to control. Hackers can use knowledge about their information and take advantage of the carelessness and understanding of the user to attack them and take away many properties of valuable information. Many cases have demonstrated, the consequences of the lack of security in the network are extremely hazardous. Sensitive information stolen can cause damage to individuals, organizations or nationals. A typical example is the MafiaBoy. Mike Calce known only by the name MafiaBoy by the law enforcement agencies of Canada has banned the media revealed his real name. May 2-2000, by 75 PC using over 52 different networks , Calce had held a denial of service attack (Denial - of - Service) massive knock of 10 consecutive website company, such as: Amazon, eBay, E*TRADE, DELL...No damage any official numbers are announced. Analysts estimated damage could reach $1.7 billion Canadian (Measured by value is now about $1.6 billion). There are many methods devised to solve the problem of information security. However, current approaches only stop at encouraging users to protect themselves by equipping the basics of network security. In addition, governments and agencies should make laws to punish the crime of violation information. The next issue that we know, the development of software applications requires the labor of the human mind, and create high-tech products have been paid properly by......

Words: 883 - Pages: 4

Free Essay

Yea Baby

...the CEO in a very profound manner whereas someone higher up would need more proof of your presence. 19. When more data is sent then the receivers buffer can handle this usually results in a non-buffer application memory being overwritten. If this were to happen on a webserver this could allow an attacker to run executable codes on the web server to either manipulate files immediately or create a backdoor for later use. Exercises 1. I believe this hacker falls into four major categories: deliberate acts of trespass, compromises to intellectual property, technical failures, and managerial failure. 2. Michael Demon Calce, also known as Mafiaboy, was a high school student from West Island, Quebec, who launched a series of highly publicized DDOS (denial-of-service) attacks in February 2000 against large commercial websites. Mafiaboy was caught because he left traces of evidence that lead to him he used one of the computers at a local university to launch an attack on CNN he also admitted in a chat room conversation that he was the one causing all the frenzy among the organizations. 3. The information on the protection page of the manual. 4. Was not able to search on this webpage. 5. People: Employees low awareness for information security. Internet Security: malware, spyware and Trojans Social engineering: The art of manipulating people in performing task to gain access to confidential information....

Words: 859 - Pages: 4

Free Essay

Timbuk2 Success in the Bag

...the Newscorp satellite pay to view encrypted SKY-TV service was hacked several times during an on-going technological arms race between a pan-European hacking group and Newscorp. The original motivation of the hackers was to watch Star Trek re-runs in Germany; which was something which Newscorp did not have the copyright to allow.[23] On 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically sent that document and a copy of the virus spread via e-mail to other people. In February 2000, an individual going by the alias of MafiaBoy began a series denial-of-service attacks against high profile websites, including Yahoo!,, Dell, Inc.,E*TRADE, eBay, and CNN. About fifty computers at Stanford University, and also computers at the University of California at Santa Barbara, were amongst the zombie computerssending pings in DDoS attacks. On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks. The Russian Business Network (RBN) was registered as an internet site in 2006. Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals. The RBN has been described by VeriSign as "the baddest of the bad".[24] It offers web hosting services and internet access to all kinds of criminal and......

Words: 2869 - Pages: 12

Free Essay

The World of Cybercrimes

...split up into three different categories. Black hat hacker, white hat hacker and grey hat hacker. Not all hackers are necessarily bad. But let us break them down by the different types. A black hat hacker is the type of hacker that we hear about the most. There are many movies based on the black hat hackers. Black hat hackers are the “bad boys” of the hacking world. They are criminals that have found a way to make money by committing crimes against people on the internet. These crimes can be against individuals or companies. The main goal is to wreak havoc and disrupt lives. Some of the most well-known black hat hackers include Kevin Poulsen (Dark Dante), Albert Gonzalez, Vladimir Levin, Robert Tappan Morris, Michael Calce (MafiaBoy), David Smith, Adrian Lamo, George Hotz, Jonathan James (c0mrade), Gary McKinnon, and Steve Jobs. Kevin Poulsen aka Dark Dante hacked into the telephone lines of KIIS-FM, a radio station in Los Angeles, and won a brand new Porsche 944 along with other prizes. Poulsen was named “Hannibal Lecter of computer crime” by the FBI in the 1980’s. He went underground but was captured in 1991. He was sentenced to just over four years in prison. He is now a senior editor for Wired News and one of his articles explains how he helped to identify 744 sex offenders that had MySpace. Albert Gonzalez was a black hat hacker in every sense of the word. While most black hat hackers can turn it around and make a positive impact by helping the......

Words: 8856 - Pages: 36

Free Essay


...other hacking tools, like phishing, to steal people’s identity or sign them up for expensive services, which they reap the profits. However, some of these criminals do it for thrill of the chase. According the reading CompCriminal.doc there are two types of cybercriminals, the non-professional hacker and the professional hacker. Another form a cyber-attack called the DoS attack or denial-of-service. “The attack is designed to paralyze websites, financial networks and other computer systems by flooding them with data from outside computers.” (James, 2009). The first document case of a DoS attack was in 2000 by a 15-year old Canadian boy nicknamed “Mafiaboy”. This attack was against several e-commerce sites including and There have been several other hackers prior to “Mafiaboy”. Two of the notorious cybercriminals were Kevin Mitnick and Robert Morris. In 1982, Mitnick broke into the North American Air Defense Command’s computer system. Mitnick was arrested, and convicted for his cybercrimes 1989, which was the first time he was convicted. In 1988, Morris created an Internet worm, which halted almost all Internet activity. He claimed it was an experiment, which he lost control of, and was sentenced to probation and community service. With the use of the Internet to pay bills or shop, it has opened a window for cybercriminals to find a new way to steal your identity; this can cost you thousands of dollars in......

Words: 1009 - Pages: 5

Free Essay

Denial of Service Attacks in Network Security

...Denial of service attacks in Network security introduction and short history of DoS attacks: Denial of service attacks are one of the major threat to the modern computer networks.It has been said that first DDoS attack was launched in 1999 against the IRC server of university of minnesota which affected 227 systems and server was down for several days.Another DoS attack was documented in the week of feb 7 2000.A 15 year old canadian hacker named “mafiaboy” performed a series of DoS attack against some sites like ebay and amazon.Companies suffered from 1.7 billion of damage.After that it became the best way of hacking among cybercriminals. People used to perform these attacks for profits.Hackers will follow the procedures like mafiaboy and ask for the money.In 2005 ,it became more easy to implement those attacks ,a boy of 18-yr old named Farid Essabar developed a worm called MyTob which used to open a backdoor in Ms windows hosts and connect to the remote IRC server.The computer then used to wait for the commands from the servers.Farid was arrested for distributing the worm.This was surely not the last case.DDoS attacks were used to attack and money extortion. As name suggests Denial of Service aka DoS, it’s main objective is to make the system to deny the legitimate service requests. Basically DoS attacks are performed by exhausting the resources of the computer like processing power,network bandwidth,TCP connection and service buffers,CPU cycles and so on.Hackers......

Words: 2218 - Pages: 9

Free Essay


...preventative measures corporations, governments and other private institutions take to secure their data. (Harvey, 1985) Common Tools of a Hacker “To catch a thief, it takes a thief.” We’ve all heard it sometime in life likely. To first take the steps of understanding how to prevent hacking, we must familiarize ourselves with some of their tools. DDOS and DOS Attacks Denial of service attacks are a frequent occurrence on the internet. Often referred to as “DOS attacks”. DOS attacks are initiated by hackers sending packets, or bits of data, very repetitively to the victim’s computer until it is unable to communicate any other packets. (PBS, 2001) One such attack was executed against some big United States companies. On February 8th 2000, “MafiaBoy” or Michael Calce attacked sites such as Yahoo!, CNN, eBay, and E-Trade, with repeated DOS attacks. Even though he was only able to bring them down momentarily, it is a pretty big accomplishment given their security measures. (Gross, 2011) Trojan Horses Trojan horses are much like you would assume from ancient Greece and their history with the Trojan horse, they usually attach themselves to a program, or e-mail or even an alert on your iPhone, and unknowingly the user initiates a whirlwind of repercussions. Once installed the Trojan horse can control the computer without the victims’ knowledge, and often times, hide programs to run later causing further harm or malicious intent. One of the most renowned Trojan horse to date......

Words: 913 - Pages: 4

Movies - Dubs/Dual Audio | When You Should Spend the Holidays with Your Ex — and When You Shouldn't | Watch movie