Pirate Posted November 1, 2018 Share Posted November 1, 2018 Chuck got hacked with a DOS and he's not happy. He has already contacted authorities and is going ahead with a civil lawsuit against the hackers for all the business lost. 1000 computers were used against him. Good luck with that chuckles This guy is a load of fun to read. Link to comment Share on other sites More sharing options...
Dick Pontoon Posted November 1, 2018 Share Posted November 1, 2018 But is he going to have a Hacking Sale to commemorate? Link to comment Share on other sites More sharing options...
Pirate Posted November 1, 2018 Author Share Posted November 1, 2018 3 minutes ago, Pontoon said: But is he going to have a Hacking Sale to commemorate? He extended his Halloween Code Word Sale. Next it will be the Hacking Legal Fund. Suing Russia is expensive Link to comment Share on other sites More sharing options...
Fan Boy Posted November 1, 2018 Share Posted November 1, 2018 Chunk of the mile high comics, I presume, you are talking of? What’s the story about him and the DOS hacking thing? Link to comment Share on other sites More sharing options...
BlowUpTheMoon Posted November 1, 2018 Share Posted November 1, 2018 19 minutes ago, Pirate said: Chuck got hacked with a DOS and he's not happy. Link? Link to comment Share on other sites More sharing options...
BlowUpTheMoon Posted November 1, 2018 Share Posted November 1, 2018 Mile High Comics Website Attacked - HALLOWEEN Codeword Extended Howdy! I thought that you might like to know that someone tried to put us out of business on Monday. Right after my newsletter was released in which I urged everyone to please try to find the time to vote in next Tuesday's election, our server began experiencing a flood of false information requests in what is called a "Denial of Service" attack. Over 1,000computers were used in this coordinated effort to overwhelm our incoming Internet "pipe", and the internal computing capacity of our servers. Vote poster If you tried to access our website on Monday evening, Tuesday, or Wednesdaymorning, you would have seen that this attack was successful, as our website was totally unavailable. Blessedly, the tech professionals at our Internet Service Provider have dealt with this craziness before with some of their other clients, and knew how to remedy the problem. They are also very well connected with the law enforcement community, so we are optimistic that the perpetrator will be identified, and eventually charged with a Federal crime. Given that our business was harmed significantly, we will also file a civil suit. Interfering with Interstate Commerce is a truly unwise thing for someone to do. KobaltDog and ADAMANTIUM 1 1 Link to comment Share on other sites More sharing options...
Popular Post Aweandlorder Posted November 1, 2018 Popular Post Share Posted November 1, 2018 I used to get Denial Of Service from Chuck back in the 80s. Only back then it was called Out Of Stock shortboxed, Ken Aldred, Readcomix and 4 others 6 1 Link to comment Share on other sites More sharing options...
bc Posted November 1, 2018 Share Posted November 1, 2018 A Distributed Denial of Services (DDOS) took his site out for 3 days? The ISP must have some old gear/software as this kind of attack is readily known and can be mitigated/prevented in numerous ways. This isn't a "hack" as no data was breached (at least that has not been mentioned). It simply stops others from accessing a web site by flooding it with requests. Someone must be very unhappy with Mile High to coordinate a 1000 device DDOS campaign against them, maybe the Code Word didn't work for them? Or was it the Russians???? Stronguy and RockMyAmadeus 2 Link to comment Share on other sites More sharing options...
1Cool Posted November 1, 2018 Share Posted November 1, 2018 Was it really an issue since no one was trying get into his web site over those three days? roach04 1 Link to comment Share on other sites More sharing options...
Jeffro. Posted November 1, 2018 Share Posted November 1, 2018 Well, I guess this is a legitimate complaint from Chuckles unlike when he claimed he was a victim of Hurricane Sandy. Link to comment Share on other sites More sharing options...
theCapraAegagrus Posted November 1, 2018 Share Posted November 1, 2018 (edited) I call BS. What is his verification for "over 1,000 computers" being used..? Does he also work for or know the Attorney General? How can he be so certain that they'll be charged with a Federal Crime..? This guy's stuff stinks real bad. I'm not convinced in the slightest. He must've paid his internet bill late and needed a few days to make the ISP whole. Loser. Edit: Also, is he calling the information being requested false, or the inquiries being false? Because neither of these are true. This guy doesn't know anything about computers, networks, information, or life... Edited November 1, 2018 by TwoPiece Questions raised. Link to comment Share on other sites More sharing options...
bc Posted November 1, 2018 Share Posted November 1, 2018 15 minutes ago, TwoPiece said: I call BS. What is his verification for "over 1,000 computers" being used..? Does he also work for or know the Attorney General? How can he be so certain that they'll be charged with a Federal Crime..? This guy's stuff stinks real bad. I'm not convinced in the slightest. He must've paid his internet bill late and needed a few days to make the ISP whole. Loser. Edit: Also, is he calling the information being requested false, or the inquiries being false? Because neither of these are true. This guy doesn't know anything about computers, networks, information, or life... A competent ISP would have firewall/ADC logs of the source IP addresses performing the DDOS attack . Those addresses could be easily counted to get an idea of the magnitude. This is not meant to justify his statement or the other questions you raise. Link to comment Share on other sites More sharing options...
WolverineX Posted November 1, 2018 Share Posted November 1, 2018 Poor guy. Senormac 1 Link to comment Share on other sites More sharing options...
N e r V Posted November 1, 2018 Share Posted November 1, 2018 Paging Robert Mueller... Link to comment Share on other sites More sharing options...
N e r V Posted November 1, 2018 Share Posted November 1, 2018 30 minutes ago, TwoPiece said: I call BS. What is his verification for "over 1,000 computers" being used..? Does he also work for or know the Attorney General? How can he be so certain that they'll be charged with a Federal Crime..? This guy's stuff stinks real bad. I'm not convinced in the slightest. He must've paid his internet bill late and needed a few days to make the ISP whole. Loser. Edit: Also, is he calling the information being requested false, or the inquiries being false? Because neither of these are true. This guy doesn't know anything about computers, networks, information, or life... 9 minutes ago, bc said: A competent ISP would have firewall/ADC logs of the source IP addresses performing the DDOS attack . Those addresses could be easily counted to get an idea of the magnitude. This is not meant to justify his statement or the other questions you raise. I’m sure he’d tell both of you “many people are saying this...” Link to comment Share on other sites More sharing options...
revat Posted November 1, 2018 Share Posted November 1, 2018 3 minutes ago, bc said: 23 minutes ago, TwoPiece said: I call BS. What is his verification for "over 1,000 computers" being used..? Does he also work for or know the Attorney General? How can he be so certain that they'll be charged with a Federal Crime..? This guy's stuff stinks real bad. I'm not convinced in the slightest. He must've paid his internet bill late and needed a few days to make the ISP whole. Loser. Edit: Also, is he calling the information being requested false, or the inquiries being false? Because neither of these are true. This guy doesn't know anything about computers, networks, information, or life... A competent ISP would have firewall/ADC logs of the source IP addresses performing the DDOS attack . Those addresses could be easily counted to get an idea of the magnitude. This is not meant to justify his statement or the other questions you raise. I don't mean to sound too dumb OR too smart with this question, but isn't it somewhat common practice for sophisticated people trying to perpetrate internet 'attacks' to rout those attacks through multiple ISP's to obfuscate the true source of the attack? I think some ISP's or computers might be 'used' without the knowledge of the people using those ISP's. I'm not sure if this goes to Chuck's point or anyone else's. I don't think it was like 1,000 people sitting at 1,000 individual computers purposefully trying to take Chuck down, but it does seem possible that 1,000 computers were 'used', depending on the definition. And there's also a high percentage chance that Chuck did not completely understand the explanation given him AND that he utilized some hyperbole/embellishment. If I were him, I would not have commented even this much, for fear of publicly misstating some material fact, therefore hurting my chances in the lawsuit/prosecution to follow. My statement would have been this: "Our Milehigh website was the victim of a cyberattack, which left our servers and website down for XXXX time. We are happy and relieved to tell you that we are back online now, and ready help you, our loyal customers, get the comic books you need. We want to thank our ISP providers and law enforcement for their hard work to get our business online again. We will pursue all civil and criminal action against the perpetrators of this vicious attack. We want to make it very clear that at no point was the personal or financial information of any of our customers vulnerable during this cyberattack (if this is true). Again, thanks for your patience, your kind words, and thank you for choosing to shop with Milehigh." B2D327, STORMSHADOW_80 and lighthouse 3 Link to comment Share on other sites More sharing options...
Dick Pontoon Posted November 1, 2018 Share Posted November 1, 2018 4 minutes ago, revat said: I don't mean to sound too dumb OR too smart with this question, but isn't it somewhat common practice for sophisticated people trying to perpetrate internet 'attacks' to rout those attacks through multiple ISP's to obfuscate the true source of the attack? I think some ISP's or computers might be 'used' without the knowledge of the people using those ISP's. I'm not sure if this goes to Chuck's point or anyone else's. I don't think it was like 1,000 people sitting at 1,000 individual computers purposefully trying to take Chuck down, but it does seem possible that 1,000 computers were 'used', depending on the definition. And there's also a high percentage chance that Chuck did not completely understand the explanation given him AND that he utilized some hyperbole/embellishment. Or possibly even complete and utter fabrication. Link to comment Share on other sites More sharing options...
theCapraAegagrus Posted November 1, 2018 Share Posted November 1, 2018 (edited) 6 minutes ago, revat said: I don't mean to sound too dumb OR too smart with this question, but isn't it somewhat common practice for sophisticated people trying to perpetrate internet 'attacks' to rout those attacks through multiple ISP's to obfuscate the true source of the attack? I think some ISP's or computers might be 'used' without the knowledge of the people using those ISP's. I'm not sure if this goes to Chuck's point or anyone else's. I don't think it was like 1,000 people sitting at 1,000 individual computers purposefully trying to take Chuck down, but it does seem possible that 1,000 computers were 'used', depending on the definition. And there's also a high percentage chance that Chuck did not completely understand the explanation given him AND that he utilized some hyperbole/embellishment. If I were him, I would not have commented even this much, for fear of publicly misstating some material fact, therefore hurting my chances in the lawsuit/prosecution to follow. My statement would have been this: "Our Milehigh website was the victim of a cyberattack, which left our servers and website down for XXXX time. We are happy and relieved to tell you that we are back online now, and ready help you, our loyal customers, get the comic books you need. We want to thank our ISP providers and law enforcement for their hard work to get our business online again. We will pursue all civil and criminal action against the perpetrators of this vicious attack. We want to make it very clear that at no point was the personal or financial information of any of our customers vulnerable during this cyberattack (if this is true). Again, thanks for your patience, your kind words, and thank you for choosing to shop with Milehigh." It's more common practice to use methods that generate multiple addresses on a single machine to give the appearance of many machines. I could generate thousands of seemingly "separate" attacks on an 8-cluster supercomputer (homemade). IMO, he should just admit that he forgot to pay his cable bill. I've done it. Edited November 1, 2018 by TwoPiece Typos. bc 1 Link to comment Share on other sites More sharing options...
bc Posted November 1, 2018 Share Posted November 1, 2018 Just now, revat said: I don't mean to sound too dumb OR too smart with this question, but isn't it somewhat common practice for sophisticated people trying to perpetrate internet 'attacks' to rout those attacks through multiple ISP's to obfuscate the true source of the attack? I think some ISP's or computers might be 'used' without the knowledge of the people using those ISP's. I'm not sure if this goes to Chuck's point or anyone else's. I don't think it was like 1,000 people sitting at 1,000 individual computers purposefully trying to take Chuck down, but it does seem possible that 1,000 computers were 'used', depending on the definition. And there's also a high percentage chance that Chuck did not completely understand the explanation given him AND that he utilized some hyperbole/embellishment. Yes, it is very common practice to utilize multiple attack vectors; hence the Distributed version of a DOS event. And yes, the owners of the networks or devices are very likely unaware that their property was used. Either way, Mile High's ISP should still have a log of addresses that were accessing his site. That ISP will contact the local FBI if they follow any security requirements (HiTrust, HIPAA, NIST-800-171, ISO9000, PCI-DSS etc.). That is standard practice for almost any cyber-security event. Baby monitors have been used in DDOS attacks in the past. All it takes is a small bit of code on an internet-connected device that can be remotely activated. Link to comment Share on other sites More sharing options...
rob_react Posted November 1, 2018 Share Posted November 1, 2018 DDOS attacks are done using botnets with many thousands (or millions) of compromised machines flooding the targeted server. 1000 computers just indicates that Chuck's servers are under-powered. BlowUpTheMoon and bc 2 Link to comment Share on other sites More sharing options...