Brian Krebs of the blog Krebs On Security is on a roll. Last week he exposed the high school student behind botnet-for-hire site AsylumStresser.com, and this week it’s offline, even its Google cache wiped.
That’s one site that allows anyone to pay for a targeted denial service attack down. How many more to go?
Krebs is already on to number two: RageBooter.net has a lot in common with AsylumStresser. A similar layout and design. Dubious claims of legality (a quick check with the Securities and Exchange Commission turns up no actual registered corporation by the name of Ragebooter Productions, LLC, its alleged corporate parent). An identical business plan: On-demand DDoS attacks for rent, ostensibly for “stress testing” by site admins.
So what makes this one different? RageBooter’s administrator works for the FBI!
At least, that’s what 22-year-old Justin “PRIMALRAGE” Poland said, when Krebs interviewed him on Facebook chat. Poland, who subsequently declared the entire interview off-the-record, then blocked Krebs sanitized his Facebook profile and wiped the Rage Productions page entirely. Why? Well, in the interview, he had asserted that he worked for the FBI on Tuesdays at 1pm, and that the FBI had access to RageBooter and in fact was IP logging (i.e. identifying) all of RageBooter’s users.
Image via Brian Krebs/Justin Poland/Facebook
My service is a legal testing service. How individuals use it is at there [sic] own risk and responsibilitys [sic]. I provide logs to any legal law enforcement and keep logs for up to 7 days.I also work for the FBI on Tuesdays at 1pm in memphis, tn. They allow me to continue this business and have full access. The FBI also use the site so that they can moniter [sic] the activitys [sic] of online users.. They even added a nice IP logger that logs the users IP when they login.
This is akin to a hitman claiming to do “wet work for the CIA”—surely not an uncommon boast in that field—but then going on to claim that the CIA audited his client list, which would be somewhat of a disincentive to hiring a hitman.
At this point, Poland gave Krebs the name of his contact: Agent Lies.
Yes, really. “Agent Lies.”
Unsurprisingly, the Memphis FBI declined the opportunity to confirm or deny that they were working with Poland/RageBooter or that they had an “Agent Lies.” Joel Siskovic, an actual FBI agent in Memphis, told Krebs, “People come forward all the time and make claims they are working with us, and sometimes it’s true and sometimes it’s not.”
Since Rage Productions’ books are not public, it’s impossible to verify the effect all this has had on their bottom line, but it’s clear that while Justin Poland may not be much of a DDoS service marketer, he’s not a half-bad B-movie screenwriter.