US Charges Russian With Launching 2008 Amazon DoS Attack

The Seattle Times reports that Dmitry Olegovick Zubakha, "A Russian man believed to be behind cyberattacks on Seattle-based Amazon.com and other online retailers in June, 2008 has been arrested in Cyprus, says U.S. Attorney Jenny Durkan." Along with a partner, Sergey Vioktorovich Logashov (still at large), Zubakha apparently also undertook, and later bragged about, attacks on Priceline and Ebay. After extradition, he's expected to face trial in the U.S. for possession of illegal access devices, conspiracy, and aggravated identity theft.

Oops

[colinrichardday]

This could get ugly

Re:

[Anonymous Coward]

Really? Person commits crimes that are even crimes by Russian standards, and you guys get butthurt because he's actually going to be extradited to the country he committed the crimes against?

That's how extradition works, you tools. It's not only the US who engages in the practice.

where does he work?

[Anonymous Coward]

you don't suppose he's employed by that scum bag company that's always trying to shake down apple with the lame mac "viruses" do you?

Illegal access devices?

[tragedy]

What's an "illegal access device"? I always worry about the criminalization of tools.

Re:Illegal access devices?

[artor3]

It's legalese for a stolen credit card.

Re:

[Mashiki]

I thought it was pathping and tracert. Safe for another day.

Re:

[justforgetme]

What was wrong with the term "stolen credit card"?

Re:

[marcosdumay]

What was wrong with the term "stolen credit card"?

Anybody can understand it.

Re:

[geoffaus]

Will the US be charging him for having a device that might not have been illegal in the country where he had it? Surely if its illegal in Cyprus then he should be charged there with having it - not in the US Also he was charged with possession of 28,000 credit cards - does this mean that if he had emailed it to people they could then be charged with possession too?

Re:Illegal access devices?

[Anonymous Coward]

He had 15 cereal whistles.

Re:

[tragedy]

Did he also have a Drogan's Decoder Ring?

Re:

[Luthair]

I really wonder how 'possession' of something outside the US could be a crime.

Thank goodness

[Anonymous Coward]

Thank goodness we had a priceline negotiator to stop the attacks before it got too ugly.

Easily Misread

[Ranguvar]

"Charges Russian"? Not man, not woman?
I was sure at first that the U.S. was making claims of the country Russia, and so prepared for big shit to go down.

Hubris or Greed

[DarkOx]

Either Hubris or Greed seems to be the undoing of almost every high tech criminal that is actually caught. You'd think some of them would learn that lesson.

Really guys let me help you with this.

1. Hack site
2. Use stolen identities to flush corresponding bank accounts
3. SHUT THE *#*$(@) UP ABOUT IT
4. Profit

Notice there is no ??? step there. Everything after step 2 is simple really. The trick is take enough in step 2 that you don't need to repeat steps one and two again, and don't blab. If you complete one and two, and stop there you'll either be caught right away or very likely never caught at all.

Re:

[MRe_nl]

http://www.youtube.com/watch?v=Tl0LZsyi_tA [youtube.com]

Re:

[CanHasDIY]

Call me a troll or hater or whatever but please, when that same Russian man bought those illegal unmentioned stuff (I have not read TFA) from ebay, the us was just too happy to pocket the cash.

Heh, reminds me of something I heard on a Chris Rock standup rerun last night...

Drugs are illegal, but ATM machines are open 24 hours a day. 24 hours a day. For who? Who the fuck is it open for? Have you ever taken out $300 at four o'clock in the morning for something positive?

Re:

[santax]

Actually, once I took about 2000 euro's from an ATM at 4 o'clock in the morning to pay for my USA Fender that would arrive the next day. At that time, that was about 10 million US dollars! Give or take a few cents.

Re:

[santax]

Yeah in retrospect I must say, the G&L would have been even more bang for the buck, but to me the Fender is also a bit of a legacy. My guitar-hero's use or have used them for some of the greatest songs ever (Sultans of Swing!). Anyway, I agree, but the one I got is still a great instrument. So I'm not complaining :) (and she is surf-green!)

Re:

[tftp]

Have you ever taken out $300 at four o'clock in the morning for something positive?

I seldom use cash, but when I do I might leave it up to the last minute to obtain the money. When I go on a 420 mile road trip I will need some cash with me. If I depart early I might stop by the bank at 4am, or 5am - easily. The same applies if I go to a flea market, they open at 6am.

I would be far more suspicious of withdrawals at midnight or 1am. Very few people are out and about at that time. But 4 or 5am is already

Re:

[tftp]

If you have a specific joke in mind then it whooshed way above my head - I know nothing about drugs, cooking or road repairs. I specified the distance because that's what I saw on the odometer last time. I usually visit the same set of places and know the people there.

Cash may be needed in various places to pay for services, in case plastic is not accepted. The longer the trip the higher is the chance that you hit some sharp object on the road and need a tire patched up or replaced. Most farmers who coul

Where is the jurisdiction?

[BlueCoder]

Were these people on US soil when they performed these acts?

Am I the only US citizen that is concerned about this?

Is Saudi Arabia now able to extradite me because I read playboy?

Re:

[Anonymous Coward]

Were these people on US soil when they performed these acts?

Am I the only US citizen that is concerned about this?

Is Saudi Arabia now able to extradite me because I read playboy?

The servers were. That's the point, you can do harm to people in another country and that country's government can say...hey, we don't like that, and your government (or another's) may respond accepting or rejecting it.

You might be, but I doubt we'd be so lucky.

No, because they don't have jurisdiction. I suppose they might try, but they'd have to be extra stupid that way, and I doubt the US judge would be stupid enough, though Scalia seems to be losing his tenuous grasp on sanity so I suppose you'

Re:

[Charliemopps]

Well, in a lot of cases I'd agree with you. For example, if he hosted some content on his Russian site that's illegal here and then someone here downloaded it... our current justice department seems to think that's fair game and would go after him. That's obviously an overreach of our government. Same with wikileaks.

But in this case, this man alegedly used a computer network to attack, or hack, sites in the US. I'd liken it to someone using a remote controlled robotic arm to stab you. Even though they are i

Re:

[rtb61]

The real question here is the form and method of extradition. The US has managed quite effectively and beyond doubt to soil it's legal reputation overseas. The US legal process is felt to have more in common with third world countries and crime gangs, having been corrupted by lobbyists, politicians and corporations. Perhaps a more solid review of the extradition process (they seem to spew out any kind of bullshit with only limited evidence or proof), the court process (far too much intimidation of other pa

Re:Where is the jurisdiction?

[the eric conspiracy]

Why does being on US soil have anything to do with committing a crime against a US entity?

People commit crimes. You don't have to be on US soil to commit very nasty crimes against US interests. For example Osama bin Laden was never on US soil AFAIK.

Depending on the extradition treaties of the place they commit them from or later visit the US may or may not be able to bring them to trial. Sometimes the US may even use force of arms to bring such people to reckoning.

It's called being a sovereign power.

Obviously Cyprus is one of the places you don't want to visit after committing such a crime.

> Am I the only US citizen that is concerned about this?

No, but you are seriously in the minority.

> Is Saudi Arabia now able to extradite me because I read playboy?

Very unlikely since there is no extradition treaty between the US and Saudi.

Re:

[the eric conspiracy]

> But the US' "interests" range from draconian copyright laws to killing whoever they damn well please.

Draconian US copyright laws are not exclusively a US problem. Countries that don't resist them, especially in their extradition agreements are playing a part in this too.

Extradition treaties are a two way street. If you don't sign one the US can't extradite people from your country.

As far as killing whomever they want, that doesn't have anything to do with extradition treaties or copyright infringement.

Re:

[LazLong]

One might think that the jurisdiction is that in which the damage occurred. i.e. if the servers were in the US, that is where it lies. This is simply an international attack, the same as mailing a bomb from one country to the next.

There is a far too prevalent belief or ethic amongst the techno-educated from the former Soviet republics that it is their right to take advantage of whoever is 'stupid' enough to be vulnerable to their skills. This needs to come to an end. The Internet is not the cyber wild west.

Re:

[Nyder]

Were these people on US soil when they performed these acts?

Am I the only US citizen that is concerned about this?

Is Saudi Arabia now able to extradite me because I read playboy?

When Saudi owns on the only oil in the world, yes, the U.S.A. Government would hand you over in a second.

As it stands now, no, they won't. Give it another 10 years.

Re:

[westlake]

Were these people on US soil when they performed these acts?

In the simplest of cases, jurisdiction lies where the body falls.

Triggering your infernal device from across a state or international border is not a get out of jail free card.

Re:

[emt377]

Were these people on US soil when they performed these acts?

Am I the only US citizen that is concerned about this?

Is Saudi Arabia now able to extradite me because I read playboy?

If you upload porn to a server in Saudi Arabia, the UAE, and certain other places - yes, they could very well charge you and get you extradited. However, for political and crimes of a purely moral nature most dictatorships are smart enough to keep a low profile. And democracies tend not to criminalize moral behavior and certainly not political expression. For those sort of things autocracies tend to be more concerned with policing the moral and policial behavior of their own population than worrying abo

What the ... ?

[X.25]

Would Cyprus arrest creators of Stuxnet, on request from Iran, if those people would show up in Cyprus?

Re:What the ... ?

[artor3]

That's up to them. Countries have the right to determine whether or not to extradite someone accused of a particular crime. I don't know how else you could expect it to work.

Re:

[manu0601]

Would Cyprus arrest creators of Stuxnet, on request from Iran, if those people would show up in Cyprus?

They cannot, as the head of Stuxnet gang enjoys diplomatic immunity [nytimes.com] when traveling abroad.

Re:

[marcosdumay]

The interesting thing about diplomatic immunity is that it is up to the host country to observe it or not. Of course, not observing it will bring consequences, but the choice is always there.

Re:

[gl4ss]

they might. the only way to not would be for usa government to fess up that they were behind stuxnet, though even that might not help since stuxnet escaped to the wild. or maybe iran released it to the wild so that the stuxnet creators would end up as wanted criminals.

problem is you'd have to have some names first.

I don't think usa could pull "it was warfare" card here even, since collateral damage was all over the globe(and that they're not technically in war with iran). if they'd drone someone in finland

How much is that doggie in the window?

[pongo000]

I'm curious as to how much this operation cost the US taxpayer, and whether or not Amazon et. al. will be asked to foot the bill. I'm sure it's not a cheap operation to kidnap/extradite someone, fly them back to the US, put them on trial in front of a jury of non-peers, and house this sure-to-be convicted individual for an insane number of years.

Do I also get the same courtesy if I were to complain about the sustained DDOS attacks on the small network of servers I maintain?

Re:

[the eric conspiracy]

Since when is the victim supposed to pay for law enforcement to catch the perp?

> Do I also get the same courtesy if I were to complain about the sustained DDOS attacks on the small network of servers I maintain?

Hahahaha

Varying Relevancies

[Rotworm]

It's hard to see how his nationality is relevant if the nation is not involved.

Re:

[I_am_Jack]

It's information. A Russian was arrested in Cyprus for a crime allegedly committed against a US corporation on servers operating in the US. I'd say it's germain. When dealing with international law issues, nationality is important. If his nationality was then being used to somehow intimate that people from a particular country are criminals and thieves, then yes, I'd agree there was unnecessary bias.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion