14 DAY TRIAL // It’s not news to anyone that’s been following the work of security expert and journalist Brian Krebs that his website is often targeted with distributed denial-of-service (DDOS) attacks. However, a group of irritated cybercriminals have taken things even further.
On Wednesday, Krebs published a report on a website called ssndob.ru which sells access to customer credit report for small amounts of money. Following the publishing of the article, his website came under attack.
The website is protected by DDOS mitigation solutions provider Prolexic, so the attackers sent a fake FBI notice to the company, urging it to stop offering service to krebsonsecurity.com.
Prolexic determined that the letter was a hoax and forwarded a copy to Krebs. A call to the FBI confirmed the fact that it was nothing more than a scam. However, the story doesn’t end here.
The cybercriminals also made a call to 911 from a spoofed number matching the one of the journalist. The caller, claiming to be Krebs, said a Russian broke into his house and shot his wife.
Law enforcement representatives of the Fairfax County Police attempted to call Krebs, but he was busy cleaning up the house for a party so he didn’t answer the phone. That’s when authorities decided to pay him a visit.
Coincidentally, when police arrived at the house, Krebs was about to peel off a piece of plastic tape from the front door.
“When I opened the door to peel the rest of the tape off, I heard someone yell, ‘Don’t move! Put your hands in the air.’ Glancing up from my squat, I saw a Fairfax County Police officer leaning over the trunk of a squad car, both arms extended and pointing a handgun at me,” Krebs wrote in a post describing the incident.
“As I very slowly turned my head to the left, I observed about a half-dozen other squad cars, lights flashing, and more officers pointing firearms in my direction, including a shotgun and a semi-automatic rifle,” he explained.
“I was instructed to face the house, back down my front steps and walk backwards into the adjoining parking area, after which point I was handcuffed and walked up to the top of the street.”
Krebs explained to the officers on site that he filed a report six months earlier explaining that this might happen, after he received threats in response to another article he wrote.
Later, the expert determined that the attackers had used a service called booter.tw to launch the DDOS attack against his site. Interestingly, the same service was used a few hours ago to launch a similar attack against Ars Technica, the publication that first published Krebs’ story.