With the click of a mouse, their customers could bombard enemies with harassing phone calls or even unleash a devastating cyber takedown, the feds say.
For $20, one of their websites would call someone from random phone numbers once an hour — for an entire month. They bragged the victims would have three choices: “Change their number, Bend to your whim, Deal with a ringing phone for the length of our attack,” records show.
The first victim, from the Chicago area, received this call as his phone rang non-stop for 30 days, starting Oct. 23, 2015: “When you walk the f—ing streets, motherf—-er, you better look over your f—ing back because I don’t flying f— if we have to burn your f—ing house down, if we have to f—ing track your god—- family down, we will f— your s—- up motherf—–.”
But now Zachary Buchta of Maryland and Bradley Jan Willem Van Rooy, of the Netherlands, have been charged by federal authorities in Chicago with conspiring to cause damage to protected computers. The charges resulted from an international investigation into the computer hacking groups “PoodleCorp” and “Lizard Squad,” which has been tied to denial-of-service attacks against the Sony PlayStation Network and others.
Buchta, 19, wore a black T-shirt Wednesday as he appeared before U.S. Magistrate Judge Jeffrey T. Gilbert. He faces up to 10 years in prison but remains free on an unsecured bond. He is also subject to several conditions, including “a bunch of computer restrictions,” according to the judge.
Van Rooy, also 19, was arrested last month in the Netherlands and remains in custody there. Additionally, the feds seized four domain names connected to the pair’s online mischief: shenron.lizardsquad.org, lizardsquad.org, stresser.poodlecorp.org and poodlecorp.org.
Lizard Squad came to the feds’ attention when authorities began investigating phonebomber.net, a website that let customers pay for the repeated phone harassment of select victims — offering attacks as long as 90 days for $50, records show. The site bragged that the calls came from “random numbers,” making it more difficult for targets to block the calls.
“For the extortionists amongst us we’ve added an option to cancel the calls at the click of a button, giving you complete control over the length of the attack,” the site bragged, according to court records. It allegedly featured prerecorded messages titled “Rockwell — Somebody’s watching me,” “Spongebob — Is this the Krusty Krab?” and others.
The feds say Buchta used several screen names, including “@fbiarelosers.” That same account claimed credit for a denial-of-services attack on Sony PlayStation Network on Black Friday last year and promised to follow-up with another attack on Christmas, records show. The investigation into that attack led to Buchta, the feds say.
Buchta and van Rooy were also allegedly involved in the creation of a website called “Shenron,” which allowed customers to pay for cyber attacks that took down a computer network by overwhelming it with traffic. A package priced at $19.99 per month would let a customer carry out attacks for 1,200 seconds at a time with power of up to 15Gbps and “unlimited attacks,” according to a criminal complaint. An attack of up to 500 Gbps cost $999.99 a month.
Last May, the group also began offering stolen credit card information for sale online.
Buchta used additional online names like “pein,” “xotehpoodle” and “lizard.” Van Rooy used names like “Uchiha,” “@UchihaLS,” “dragon” and “fox.” And in April, while bragging about one of the Shenron denial-of-services attacks, the “@UchihaLS” Twitter account apparently decided to taunt law enforcement.
The user tweeted five simple words: “You can’t arrest a lizard.”