• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

EBay Attacker Pleads Guilty: WORM OVERLOADED HIGH-PROFILE SITES

Posted on: Thursday, 29 December 2005, 12:00 CST

By Michael Bazeley, San Jose Mercury News, Calif., San Jose Mercury News, Calif.

Dec. 29--An Oregon man has pleaded guilty to charges he used a computer worm to infect as many as 20,000 computers, which then attacked eBay.com and other Web sites two years ago.

Anthony Clark, 21, of Beaverton, Ore., entered his plea Tuesday afternoon in San Jose federal court. He was charged with intentionally damaging a protected computer. He will be sentenced in April and faces a maximum 10 years in prison and a $250,000 fine.

Clark and unnamed accomplices launched a "distributed denial of service" attack against eBay's auction Web site in summer 2003, automatically bombarding the site with massive amounts of fake Internet traffic in an attempt to cripple the company's network.

Clark, who used the alias "volkam" on Internet message boards, carried out the attack by using a worm program that hijacked thousands of personal computers. The worm instructed the computers to log in to an Internet Relay Chat server, where they waited for instructions from Clark, according to the U.S. Attorney's Office.

The U.S. Secret Service and the U.S. Attorney's Office Computer Hacking and Intellectual Property unit in San Jose investigated the case. The U.S. Attorney's Office would not comment on what Clark's motive for the attacks might have been.

"It's not that frequently that you see people successfully prosecuted for participating in these attacks," said Christopher Sonderby, chief of the CHIP unit. "They can be difficult to uncover."

Sonderby would not discuss how investigators tracked down Clark, or other details of the investigation. But Clark's name and "volkam" e-mail address appear together on at least one Internet message board where computer exploits are discussed. And "volkam" is credited on other message boards as the original author of a worm.

EBay declined to characterize the scope of the attack because the court is still investigating how much damage the site sustained to decide Clark's sentence. But a court document says the damage to eBay and others exceeded $5,000 over a one-year period. EBay would not say whether the attack affected the public's ability to use its site.

"I think the unique thing here is that we were able to trace it," said eBay spokesman Chris Donlay.

Clark's attorney did not return a call seeking comment.

Clark and his accomplices took advantage of an infamous vulnerability in Microsoft's Windows 2000, XP and NT operating systems that allowed attackers to gain full access to servers and desktop computers and execute malicious computer code. Microsoft divulged details of the problem, and a patch for it, in July 2003.

Nonetheless, attackers created several worms to exploit the vulnerability before computer users patched their software. The most famous worm, known as MSBlast or Blaster, rocketed around the Internet in August 2003, infecting tens of thousands of machines and causing Microsoft to shut down one of its Web sites in anticipation of being attacked.

In 2000, eBay's was among several high-profile commercial and government Web sites including Amazon.com and Yahoo that were hobbled by a widespread series of denial of service attacks.

Contact Michael Bazeley at mbazeley@mercurynews.com or (408) 920-5642, and read his blog at www.siliconbeat.com.

-----

Copyright (c) 2005, San Jose Mercury News, Calif.

Distributed by Knight Ridder/Tribune Business News.

For information on republishing this content, contact us at (800) 661-2511 (U.S.), (213) 237-4914 (worldwide), fax (213) 237-6515, or e-mail reprints@krtinfo.com.

NASDAQ-NMS:EBAY, NASDAQ-NMS:MSFT, NASDAQ-NMS:AMZN, NASDAQ-NMS:YHOO,

Source: San Jose Mercury News

More News in this Category