U.S. Charges Russian With Launching DoS Attacks Against Amazon.com

Officials at the U.S. Department of Justice announced that a Russian man has been arrested in Cyprus in connection with attacks on Amazon.com.

The man, Dmitry Olegovich Zubakha, 25, of Moscow, was arrested July 18 on an international warrant. Zubakha was indicted in May of 2011 for launching two denial-of-service (DoS) attacks on the Amazon Website. The indictment, which was unsealed Thursday, also links him to other DoS attacks on Priceline.com and eBay.

€œThese cyber-bandits do serious harm to our businesses and their customers. But the old adage is true: the arm of the law is long,€ said U.S. Attorney Jenny A. Durkan who leads the Justice Department€™s Cybercrime and Intellectual Property Enforcement Committee, in a statement. €œThis defendant could not hide in cyberspace, and I congratulate the international law enforcement agencies who tracked him down and made this arrest.€

According to U.S. authorities, the incidents happened in June of 2008. On June 6 and then again on June 9 of that year, Zubakha and fellow hacker Sergey Logashov are alleged to have mounted a DoS attack on Amazon that resulted in the site being down for hours.

The attacks were launched using a botnet of compromised computers. Zubakha and his accomplice allegedly took credit for the attacks on hacker forums. In one instance, Logashov reputedly called Priceline.com and offered his services as a consultant to stop the denial-of-service attack, authorities said.

In October 2009, law enforcement traced more than 28,000 stolen credit card numbers to the duo, authorities said.

Zubakha now faces a host of charges, including two counts of intentionally causing damage to a protected computer resulting in a loss of more than $5,000 and conspiracy to intentionally cause damage without authorization to a protected computer. He is also charged with aggravated identity theft for reputedly using the credit card of a Lake Stevens, Wash., resident illegally, as well as possession of 15 or more unauthorized access devices.

If convicted on all charges, Zubakha could face significant prison time. Conspiracy is punishable by up to five years in prison, and the other computer charge carries a penalty of up to 10 years in prison and a $250,000 fine. Possession of more than 15 unauthorized access devices is also punishable by up to 10 years, and aggravated identity theft is punishable by an additional two years in prison on top of any sentence for the underlying crimes.

Zubakha remains in custody in Cyprus awaiting extradition.