Upcoming DDOS Attack - FINAL Warning

Hello Sirs,

This is Team Anonymous, this is the final warning of a upcoming DDOS Attack that will target www.lowendbox.com, the attack will commence in less than 48 hours from now.

We request the IMMEDIATE suspension of the website www.lowendbox.com, NO SUSPENSION = 500Gbps DDOS Attack.

For proof we did a small 2Gbps DDOS Attack at 6:01pm GMT.

This is your FINAL WARNING, failure to comply will have serious consequences.

You Are Always The Loser - anonymoushackers

نا إنç انا اننç هحهد رسèن اننç

سبحاو اننç èبحهدة سبحاو اننç انظضê

We await your FULL co-operation.

Team Anonymous

Afganistan.

29 Replies

OMG, why haven't linode updated us on the status of this pending attack? What are they trying to hide?

:lol:

Ah ha. Blackmail and extortion - the sign of the coward.

More proof that the internet needs regulation against muppets like this.

@Mr Nod:

Ah ha. Blackmail and extortion - the sign of the coward.

More proof that the internet needs regulation against muppets like this.

Somebody needs to listen to Rainbow Connection again.

If you're from Afghanistan, how come you can't spell it?

By the way, why is lowendbox.com hosted on a Linode? I thought it was a website where you could get recommendations for VPS's that cost less than $7/mo. Eating your own dog food, much?

@hybinet:

By the way, why is lowendbox.com hosted on a Linode? I thought it was a website where you could get recommendations for VPS's that cost less than $7/mo. Eating your own dog food, much?

I think it was so they were not affiliated with any LEB Provider, and were with a company that was unlikely to go walkies.

Doesn't affect me since I'm nowhere near that box

Lowendbox seems gone from my location. Maybe they complied. :lol:

Hey guys, how about you attack my box too, pretty please…

@nehalem:

Lowendbox seems gone from my location. Maybe they complied. :lol:
It looks like ThePlanet/SoftLayer null routed their IP.

@pclissold:

@nehalem:

Lowendbox seems gone from my location. Maybe they complied. :lol:
It looks like ThePlanet/SoftLayer null routed their IP.
It appears that way.

So, they pre-emptively did exactly what the troll asked them to, then? I guess we can chalk that up as a win for the troll, then. All he had to do was make a threat, and boom, site's gone.

@Guspaz:

So, they pre-emptively did exactly what the troll asked them to, then? I guess we can chalk that up as a win for the troll, then. All he had to do was make a threat, and boom, site's gone.
Agreed. They win. Might have been better for them to try and mitigate the attack as it happened. Now these idiots think they're the awesomest.

So what happens if my IP is next or someone else's? Just going to sit back and let them close down whatever site they want?

@pclissold:

If you're from Afghanistan, how come you can't spell it?
They'e probably teenagers who can't figure out when to use your or you're.

Lets replay back, lets do ciber war .

hahha is a joke.

@The Other Air Force:

So what happens if my IP is next or someone else's? Just going to sit back and let them close down whatever site they want?

The DDoS policy is pretty much standard. You get a network-impacting quantity of traffic thrown at your IP, and it will be null-routed upstream for at least 24 hours. No need to register for a forum account to post a threat; just launch the traffic and it will be handled.

There are providers who specialize in handling this sort of thing with more precision. They aren't inexpensive.

If they did launch a 2 Gbps attack earlier as a "test" or whatever, then that was probably enough to trigger a nullroute itself.

The site was still up after the threatening post was made (and so, after the 2Gbps attack), which I know because after the post was made I browsed around the site to see if there was anything that might provoke an attack. The performance (and latency) of the site was nominal, so it's reasonable to assume that there was no attack at that time. Furthermore, if the threat was to be followed, the nullroute happened before any malicious traffic was directed at the site.

In other words, the nullroute was implemented pre-emptively, before there was any actual cause for it. That's the part that worries me. I have no problem with a site being null-routed once it has been attacked. That's common sense. The objection is to null-routing a site purely because somebody made a threatening post.

Not implying anything about this particular case, however we do not preemptively null route unless requested to by the IP address assignee, or until there is an attack which is service affecting.

-Chris

It's also possible that whoever owned that website freaked out after the first attack (if it actually happened) and requested his own IP to be null-routed so that he would not be hit with a hefty bill for traffic overage.

All of that would be pointless if Anonymous (or whoever the OP is) just waits until the site is back up to launch an attack. Or maybe not, if the site owner can find out who's pissed off at him and reach some sort of resolution before restoring the site.

@caker: Was there really a 2Gbps attack at 6:01pm that you successfully thwarted, or is the OP just trolling?

@anonymoushackers:

Hello Sirs,

This is Team Anonymous

Well, they certainly are polite and respectful what with introducing themselves like that and all. It's good to see young people use nice manners when they DDOS sites these days.

James

@hybinet:

@caker: Was there really a 2Gbps attack at 6:01pm that you successfully thwarted, or is the OP just trolling?

2 Gb/s isn't very much, so it's entirely possible it went by unnoticed.

Well, by everybody except the direct target. A 2 Gbps attack for even a few minutes could cause some overages.

@OverlordQ:

500 Gbps my ass.
That fast? Mine can barely saturate an OC-768 :D .

Wait why were you ddosing WHT and LEB in the first place?

Also what does buyvm and securedragon have to do with this?

I am confused…

I understand if you're ddosing linode for hosting leb but it's kinda not the hosts fault it's going to be leb's fault but I do not see what leb did to cause all of this.

Explain this to me…

But I just need a reason why you're ddosing LowEndBox…

Why does Linode let posts like this exist?

After all the crap that happened this week, they need to bump up the priority for getting a real marketing manager.

The geek squad ain't cutting it.

And the message that's currently being released ain't pretty.

@TomM:

Wait why were you ddosing WHT and LEB in the first place?

Also what does buyvm and securedragon have to do with this?

I am confused…

I understand if you're ddosing linode for hosting leb but it's kinda not the hosts fault it's going to be leb's fault but i do not see what leb did to cause all of this.

Explain this to me, But you should not be ddosing linode, buyvm, wht or securedragon for any of this…

But i just need a reason why you're ddosing LowEndBox…

From reading the thread at WHT, it's likely some provider who is known shady, less-then-reliable, provider didn't like the review on LEB.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct