Turkish national charged for DDoS attacks with the WireX botnet

US authorities today indicted a Turkish national for using a now-defunct malware botnet to launch distributed denial-of-service (DDoS) attacks against a Chicago-based multinational hospitality company.

Izzet Mert Ozek, 32, stands accused of using WireX, a botnet created using Android malware, to launch attacks against the Chicago multinational in August 2017.

Authorities said that Ozek’s attacks made the infected Android smartphones send large amounts of web traffic to the company’s public website and online booking service, causing servers to go down.

The charges were unveiled today in the Northern District of Illinois, according to a press release from the US Department of Justice.

Neither the official statement nor the official indictment [PDF] says whether Ozek built the WireX botnet himself or rented it from a third party.

Created just a month before, in July 2017, the botnet quickly grew to a massive size of more than 120,000 bots after its author used malicious Android apps to infect Android smartphones.

Months after the devastating attacks carried out using the Mirai malware at the end of 2016, the cyber-security industry reacted with haste to kill this new threat while it was still in its early stages.

Weeks after the attack on the Chicago multinational company took place, a coalition of security firms including Akamai, Cloudflare, Flashpoint, Google, Dyn, RiskIQ, and Team Cymru worked together to trace WireX’s bots and backend infrastructure and then seize and take down its command and control systems [1, 2, 3].

[Image: WireX bots. Credit: Cloudflare]

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.


Source: Recorded Future
