Turkish national charged for DDoS attacks with the WireX botnet
US authorities have indicted today a Turkish national for using a now-defunct malware botnet to launch distributed denial-of-service (DDoS) attacks against a Chicago-based multinational hospitality company.
Izzet Mert Ozek, 32, stands accused of using WireX, a botnet created using Android malware, to launch attacks against the Chicago multinational in August 2017.
Authorities said that Ozek’s attacks made the infected Android smartphones send large amounts of web traffic to the company’s public website and online booking service, causing servers to go down.
The charges were unveiled today in the Northern District of Illinois, according to a press release from the US Department of Justice.
Neither the official statement nor the official indictment [PDF] say if Ozek built the WireX botnet himself or if he rented it from a third party.
Created just a month before, in July 2017, the botnet quickly grew to a massive size of more than 120,000 bots after its author used malicious Android apps to infect Android smartphones.
Months after the devastating attacks carried out using the Mirai malware at the end of 2016, the cyber-security industry reacted with haste to kill this new threat while in its early stages.
Weeks after the attack on the Chicago multinational company took place, a coalition of security firms including Akamai, Cloudflare, Flashpoint, Google, Dyn, RiskIQ, and Team Cymru, worked together to trace WireX’s bots and backend infrastructure and then seize and take down its command and control systems [1, 2, 3].