U.S. investigators and computer security experts have reportedly narrowed their search for the perpetrators of last week’s denial-of-service (DoS) hacker attacks against some of the Internet’s most popular Web sites down to at least two possible suspects.
Law-enforcement officials have been attempting to gather evidence by analyzing network traffic and computer security logs. Reportedly, by monitoring Internet-hacker channels known as Internet Relay Chat (IRC), investigators are now zeroing in on two known hackers who have been identified only by their online pseudonyms.
It has also been alleged that the hackers who overloaded Yahoo!, Buy.com, eBay and other Web sites with packets of meaningless data used programs developed by a Hannover, Germany-based hacker known as “Mixter.”
The hackers broke into its targets’ networks by using a Mixter-developed program known as “Stacheldraht” or “Barbed Wire.” The program was used in hacker attacks under its German name.
A German news magazine reported that Mixter, a 20 year-old student, is being sought by German police, the FBI and Russian police. Mixter denies any involvement in the U.S. attacks.
After the U.S. attacks, German telephone company Net Cologne GmbH came under an assault that locked out or allowed only limited Internet access for Net Cologne customers. However, unlike in the U.S., German officials have already identified and charged the alleged perpetrators.
Since the hacker attacks did not directly threaten any data stored on those Internet servers, many in the security community initially labeled the attackers as unsophisticated pranksters who used tools that are widely available on the Internet.
However, it now appears that at least one of the two hackers identified may have been far more skilled than previously believed, having mounted a complex attack using customized tools.
While security officials declined to identify the online names of the suspects for fear of jeopardizing the investigation, they believe that the more experienced hacker involved lives in the U.S., while the less-savvy hacker is a Canadian resident.
California Computers Involved
The first major breaks in the investigation came late last week, when officials learned that computers at several California universities, including Stanford, the University of California at Santa Barbara (UCSB) and the University of California at Los Angeles (UCLA), were all used in the attack.
Several university officials admitted that their computers had been infiltrated before the attacks and used to launch a barrage of data packets that temporarily knocked out several sites.
Daley To Cut Trip Short
Meanwhile, U.S. Secretary of Commerce William M. Daley is likely to cut short a trip to Brazil because of President Bill Clinton’s request that he attend a meeting Tuesday at the White House.
The meeting, which will be attended by top Internet executives and government officials, will discuss ways to prevent further attacks on Web sites.