14 DAY TRIAL // Law enforcement authorities in the US and the Netherlands have arrested two 19-year-old teenagers on suspicion on launching massive DDoS attacks as part of the Lizard Squad and PoodleCorp hacking crews.
The two are Zachary Buchta of Fallston, Maryland, and Bradley Jan Willem van Rooy of Leiden, the Netherlands, but they were mostly known for their online monikers.
Officials say Buchta was the man behind the "fbiarelosers," "pein," "xotehpoodle," and "lizard" Twitter accounts, while Van Rooy operated the "Uchiha," "UchihaLS," "dragon,” and "fox" personas.
Both suspects were arrested last month
Both are now under custody in their countries after authorities arrested them at the end of September on charges of conspiracy to cause damage to protected computers.
Officials say that Buchta and van Rooy operated the shenron.lizardsquad.org, lizardsquad.org, stresser.poodlecorp.org, and poodlecorp.org websites, which offered DDoS-for-hire services.
The investigation into the group didn't start because of these websites, but because of the phonebomber.net service, which allowed anyone to purchase on-demand harassment phone calls.
In one case, a victim from the US state of Illinois received threatening phone calls every hour for 30 days. The message was:
“ Better look over your [expletive] back because I don’t flying [expletive] if we have to burn your [expletive] house down, if we have to [expletive] track your [expletive] family down, we will [expletive] your [expletive] up [expletive]. ”
Authorities looking into the website's operation soon discovered ties to other websites operated by the Lizard Squad and PoodleCorp groups. PoodleCorp is a new name adopted by Lizard Squad in the summer of 2016.Lizard Squad founder still at large
According to the US Department of Justice, the two 19-year-olds had another two accomplices, one named "Chippyshell," Lizard Squad's founder, and the second, called "AppleJ4ck," the owner of the vDos service, who was arrested in Israel last month.
Buchta and van Rooy are the fourth and fifth persons detained for ties with the Lizard Squad hacking crew. Previously police arrested two teens in the UK and one man in Finland. Authorities only questioned the two UK teens, while the Finnish man received a suspended prison sentence.
Lizard Squad is tied to hundreds of DDoS attacks, usually against gaming companies, which group members brazenly advertise on Twitter.
The PoodleCorp botnet backend panel leaked online this summer. The botnet was coded on top of the vDos API and helped investigative journalist Brian Krebs expose the vDos service, which eventually led to AppleJ4ck's arrest.
Buchta and van Rooy face up to ten years in prison for their crimes. Below is the affidavit filed in a US court in Chicago, which contains private Twitter and Jabber conversations between the four suspects.