Man charged with attacking O'Reilly, Giuliani websites

A former college student has been charged with using the school's computer network to control a botnet and launch distributed denial-of-service (DDoS) attacks against websites belonging to Bill O'Reilly, Ann Coulter and Rudy Giuliani.

Mitchell Frost, 22, was charged with one count each of damaging a protected computer system and possessing unauthorised access devices, according to the U. S. attorney's office for the Northern District of Ohio.

While enrolled as an undergrad at the University of Akron, Frost used the school's computer network to establish a botnet of compromised computers across the United States and other countries, prosecutors said.

According to an indictment, Frost scanned the internet searching for vulnerable computer networks to access and gain control over.

Frost then used the botnet to initiate DDoS attacks that temporarily interrupted the operation of www.billoreilly.com, www.anncoulter.com and www.joinrudy2008.com, prosecutors said. The DDoS attacks caused each website to be knocked offline, resulting in damages exceeding US$5,000.

“My website, billoreilly.com, spends a lot of money building walls against hackers who try to destroy the enterprise,” O'Reilly said Monday on his Fox television show, The O'Reilly Factor. “The FBI did a great job investigating this cybercrime investigation, and we thank them very much.”

Frost also launched a DDoS attack against the university's computer server in March 2007, which caused the entire network to be knocked offline for approximately eight-and-a-half hours, investigators said. The attack cost the school US$10,000 to restore computer service.

In addition, Frost used compromised computers to spread malware that allowed him to collect sensitive information, including credit card numbers, CVV security codes, names, addresses, Social Security numbers and birth dates, according to prosecutors. University of Akron computer logs revealed that Frost chatted online with individuals about collecting, distributing and using stolen credit cards.

Federal investigators executed a forensic examination of Frost's computers which turned up 136 stolen credit card numbers and 2,923 usernames and passwords.

For the charge of damaging to a protected computer system, Frost faces up to five years in prison and a US$250,000 fine. Additionally, the possession of an unauthorised access device charge carries a maximum sentence of 10 years in prison and a fine of US$250,000.

No court date has been set.

See original article on scmagazineus.com