WireX botnet operator charged with organizing DDoS attacks

The US Department of Justice, in absentia, accused the administrator of the Android botnet WireX, a 32-year-old Turkish citizen Izzet Mert Ozek, of organizing a DDoS attack on a transnational hotel chain.

Ozek has reportedly not yet been arrested and authorities believe he is currently residing in Turkey.

According to court documents, the WireX botnet consisted of approximately 120,000 Android devices, judging by the unique IP addresses seen in the WireX attacks, and in 2017 used that power to attack an unnamed company’s website and its online booking system. The name of the affected company was not disclosed, it is only known that the servers of its website were located in northern Illinois.

The WireX botnet was launched in mid-July 2017 and was built using hundreds of malicious apps distributed through the Google Play Store and third-party app stores. The botnet’s attacks began in July of that year, and sometimes its operators sent ransom messages to victims.

The botnet attracted attention of cybersecurity researchers in August 2017, when it was seen in large-scale Layer 7 DDoS attacks targeting several large CDNs and content providers. According to experts who studied these incidents, the botnet carried out DDoS attacks using bots from 100 countries around the world and using about 120,000 IP addresses.

Shortly after these attacks, at the end of August 2017, the botnet was brought down by the joint efforts of researchers from Akamai, Cloudflare, Flashpoint, RiskIQ, Google, Oracle Dyn, Team Cymru, other companies and the FBI.

Let me remind you that we talked about the fact that 33 BEC Black Ax fraudsters that stole more than $ 17 million arrested in the US, as well as that, for example, China declared a real war on DDoS services.