History of a single DDoSer

Hacker

Hacker

Professional
Messages
1,041
Reaction score
852
Points
113
9d33b9398b2fe9ed738c5.png


If it is read by residents, and even more so by state employees of the Republic of Kazakhstan, then the story is fictional, all the characters are fictional.

Further from the words of a friend:
I decided to tell you about the most unpleasant story of my life, because I had already kept it to myself for a long time, and it was impossible to talk about it. Why it was impossible to talk about this, I will tell you later.

I say right away, skeptics and other, if you do not like something or if you are used to calling everyone in a row pussy around-go to the mirror and say it while looking at it.

Now I think I'll start.
You can call me Connor, I'm 18 full years old. And I was held in a criminal case in the DKNB of the Republic of Kazakhstan in the Akmola Region under Article 210 Part 1 of the Criminal Code of the Republic of Kazakhstan.

The fact is that on October 20 and 21, 2016, I conducted DDOS attacks on Kazakhstani banks:
1. Halyk Bank (state-owned Bank)
2. Other second-tier banks, almost all of them.
(I was 17 years old at the time of the crime and was tried as a minor)

It was a normal day, October 20, 2016, I was sitting at home and stuck in the Internet, listening to music, and fulfilling an order attacking the media portal. A little later, for some reason, I got the idea to fuck the bank of my country by fan. I logged in to the botnet admin panel and launched an attack on the official website of Halyk Bank, just to test the bank's overall security. On the clock it was about 11 o'clock in the evening, I was sitting at the computer with the last of my strength.

When I got back, I just closed all the tabs, forgetting to stop the attack. Due to the fact that I had a self-written botnet, and as the most crooked and forgetful coder, I forgot to add a boot time (number of seconds/minutes/hours of attack). As a result, I went to bed, and the bank's server continued to lie around like a dead possum. As a result of this attack, the bank's official website was down for 14 hours.

When I woke up the next morning, I noticed that the bank was still lying down, and I remembered that I hadn't disabled the attack. A little nervous and smoking, I calmed down and continued to take orders.

On the same day, October 21, 2016, I decided to test the rest of the bank's servers, including their Internet Banking system for individuals. After logging in to the botnet admin panel again, I launched an attack on several of the bank's servers, but I didn't plan to keep them open for more than 5 minutes. Guess who's fucked up again? Of course I did.

My cat howled for a long time and asked to feed it, and I simultaneously provided the test to one of the customers. In the end, I still left, fed my Cat and sat back at the computer, it was during the day, and I thought that everything would be OK this time. But, when suddenly, a friend called me and said that we needed to meet urgently, I immediately jumped off like in an army jacket, packed up and went. Quickly resolving the issue that he wanted to discuss, after an hour and a half I returned home, and realized that I was fucked up again, the attack lasted 90 minutes.

I was running it successfully at that time, there were about 1k readers, and the post with the bank collected a lot of likes and retweets.

After that, I decided to test other banks in my country as well, but knowing my fish memory, I charged the servers with spoofing and set the boot time for 300 seconds (5 minutes). All the second-tier banks were successfully laid down, there was no limit to the joy. I also posted them on Twitter, and they were successfully liked and retweeted.

Days and months passed, and I successfully earned money on orders. I charged$ 50 per day for attacks on unprotected sites, and from$ 200 for protected resources, such as OVH, DDG, Voxility, etc.
After that, I was very tired of my botnet, and I decided to get a fresh IOT botnet Mirai (if anyone has heard of it). So, I scanned a bunch of bots, kept orders, and didn't know what to do.

On May 14, a friend and I decided to get together and have a beer, we drank beer, had a perfect barbecue and had a nice evening. I drank quite a lot of beer, and a strong one at that, and I was fucked up to the point of a pig's squeal and went to bed.

On May 15, at about 4 pm, I realize that someone is waking me up, and it wasn't a friend or a sister who could come to me, but completely different voices.

When I opened my eyes, I realized that I didn't understand a fucking thing. My head ached after a good sit-down, and I wasn't too sleepy to think straight. There were 5 men in suits standing in front of me, one of them reached into his pocket. I didn't understand anything, so I took a stance and readied my fists, waiting to get pussy from the gentleman robbers. And then suddenly, one of them, an older man, took out his ID card from an inner pocket, it was a lieutenant colonel of the DKNB of the Republic of Kazakhstan in the Akmola Region, from the investigative department.

As I understand it, he is an investigator, and there were two operas and two IT specialists with him.
I was asked to get dressed and go to the gym. I quickly got dressed, went to the hall and began to enter the witnesses, who were picked up somewhere on the highway near my house.

I knew I was fucked, and my head was full of panic and hysteria, but I kept telling myself not to let it show, and I managed to hold it in. For what? At that time, I thought that if I started to panic, they would realize that I had done it, and they would not be able to get out of it.

I sat down, and then the investigator took out the resolution, most of which I listened to in hysterics. But, I remember exactly what was said there, that the attack on Halyk Bank lasted 14 hours, and on their Internet banking for individuals. about 90 minutes. It also said that I posted my attacks on Twitter, and the @ nickname was specified. After that, in hysteria and panic, I answered the questions asked, I and the witnesses got acquainted with the decision, after which the investigator offered me to voluntarily hand over the equipment.

I decided that if I was "not guilty", I would not be afraid to hand over the equipment voluntarily. Therefore, I got up and wanted to go to the room, but an IT specialist held me back and said that he would collect all the equipment himself, and I just had to show where it was. I gave up my iPhone, laptop, and netbook.

The specialist asked me to go with him to the room with a laptop. We sat down and he started flipping through my files. At that time, I knew about the existence of various programs like TrueCrypt, but, stupidly, I did not use it. All my files were on display. He went to one of the sections and found the DDOS folder. In which there were source codes for botnets, and of course I explained to him that they are in the public domain and downloaded them only for reference. After that, he saw my Putty software, which I use to manage servers.

Then the investigator began to draw up a protocol of the search on camera, in which he recorded that I voluntarily handed over such and such equipment, brand such and such, such and such color and blah-blah-blah. Then two employees went into the room and began to dig through my room, taking out some old 15-year-old notebook, a couple of SIM cards and a router. Then they went through the rest of the rooms, and said, they say, clean. But, due to the fact that I passed most of the equipment voluntarily, they didn't really dig into my things, since I passed the main one voluntarily.

Then we went out, I asked for a smoke, and one of the employees came out to accompany me, from whom I learned a few details. He shouldn't have told me this, but he was so kind. He told me that they were looking for me for half a year, and I had to try. They themselves could not, since I had my own server with an OpenVPN server raised on it. They asked the FSB of the Russian Federation to help, and since Kazakhstan and Russia are in close relations, they kindly agreed to help.

He also asked me why I didn't get hit by some SOBR, because I'm a criminal. He argued that the SOBR outfit would have broken in if I could have resisted, but since they already knew that I was a small cunt, they decided to roll in on their own.

He immediately warned me that it is strictly forbidden to disclose the case while the pre-trial investigation is underway, since the criminal case is classified in the National Security Committee of the Republic of Kazakhstan.

During the interrogation, the whole pussy*ts started. I didn't have a lawyer, and I didn't really need one. I was asked how I organized the attack, what I did, and how I did it. Whether I had any accomplices, and for what purpose I carried out the attack. Whether there were any other motives or self-serving goals, and all in this regard. After that, they asked me how I came to this whole thing, along with asking questions about terms that they didn't understand (almost everything )

Also, during the interrogation, I was shown screenshots of my attacks, showed all the evidence that it was I who attacked. And then I remembered that when my colleague was tried in the Russian Federation, he moved out under Article 28 of the Criminal Procedure Code of the Russian Federation (Suspension and closure of the case due to remorse for his activities), and decided to try it too, partially admitting guilt.

After a long interrogation, which lasted less than 3 hours, I signed a subscription not to recover and house arrest, yes, it is home, fucking arrest. It said that I should not leave my permanent place of residence without the investigator's permission.

They took me home and took away my ID card for a while (you have a passport, but it's the same thing).
For two days I had a wild shock, I didn't realize what was happening. I couldn't really eat or drink, let alone be afraid, because this is a fucking criminal case and I could go to jail.
After two days, I more or less began to recover, without thinking for a long time, I got a cheap phone on a bucket, and went to a friend.
After telling him everything as it is, I started restoring my accounts in parallel: Telegram, VK, Cloud Mega, etc. (They were linked to virtual numbers, so I just ordered a second SMS).
Having restored everything that is possible, I cleared them of unnecessary fucking information. I told my guys that I was pinned down by the DKNB, and said I will get in touch as soon as I can.

After that, I finally came to my senses, I didn't worry too much, I only cared about the files on my computer. I registered new accounts and just waited for news from the investigator. The equipment was sent for examination, they said that it would return in about a month.

I began to realize that this wasn't going to work, and I needed to find some money somewhere. Without thinking for a long time, I contacted my friend and we rented a server rack with spoofing in one of the Data Centers in beautiful Europe.
We rented out servers to beginners and just experienced ddosers, the prices were delicious, they were sorted like seeds. So I more or less raised some money to get some new gadgets.

I slowly bought myself a new laptop and iPad 4, continuing to wait for the cherished call from the investigator. Two months passed, the equipment was never returned, they said that it would remain in the DKNB until the trial as material evidence. My rage knew no bounds.

Around the end of July, an investigator came to see me, taking another investigator with him. He said that the arrest was carried out only on behalf, and from now on my investigator is this person whom he brought. It was a young lieutenant.

When the lieutenant colonel came in, for some reason he started the conversation so warmly, constantly smiling, managed to get fucked up by his behavior. We sat and chatted, and he told us the latest news on my criminal case.

He also said that employees in the department, one bank and influential people in the country and a couple of people from Russia (most likely FSB employees) want to meet me, imagine how fucked up I am at this moment.
As a result, being in deep shock, I couldn't say a fucking word except: You can, introduce me.

Later, I often went to the department, where constant interrogations were conducted, where we chewed the same thing, how fucked up it was. I met a certain number of employees, most of whom turned out to be pleasant people to communicate with. But, later I managed to get fucked up. I was invited by the head of one of the departments, but they didn't say the reason. I went into the office, and he greeted me with a smile and asked if I would mind if he smoked in the office. I said I didn't mind, since I smoke myself. We met, talked for a while, and then he offered me a job in their department.

He answered this very harshly, saying, well, in this case, I can make you sit down for 5 years, and that you were not alone, but a 5-person person, for example. I fucking gritted my teeth and said I'd think about it and come back to him later. He said, like, OK.

As soon as I left the office, I knew what kind of response he was going to get.
After sitting for an hour with the investigator, I decided to go to him and tell him the final answer, and he was happy, hoping to hear "yes", waiting for me and smiling. But, I got a different answer and apparently the ass caught fire. He asked me why I refused. Still good. I explained to him that I had other plans, but I would be retiring from the world of hacking after the trial.

He apparently being from the fact that he was refused by some guy, said, they say, go, I'll think about what to do with you.
I was stressed out, my nerves were fucked up. I was already shaking at the thought of him fucking up such a fucking thing. When I got home, I was lying in shock looking at the ceiling, not understanding a fucking thing. But, he's probably a reasonable guy, and he didn't do a fucking thing, just scored.

Well, with the investigator, we started fuck.
We were waiting for a response from the bank, they say, what kind of damage came out. Because qualification was needed, if the damage is less than N-th amount, then I will go according to part 1 (moderate severity), if more than N-th amount, then according to Part 3 (severe).

The bank did not give an answer for a long time, and while it ignored us, an expert examination of my equipment was carried out, we also went to a psychiatric hospital for a psychiatric examination, and to a psychologist for this examination again.
The fucking interrogations continued, and quite often. I got a lawyer who I saw very rarely, and when he was at the department filling out paperwork, I was lying around at home.

Later, the damage came from the bank, we expected fucked up, under the lam, and in this case I would have received Part 3, but there was hope for the best. And when he came, we sat on our asses.
I won't name the amount of damage, and I can't say why I didn't fall under Part 3 either, sorry
In general, I was qualified under Article 210 Part 1 of the Criminal Code of the Republic of Kazakhstan

After all the scandal, the investigator sent the case to the prosecutor's office, and they had to get acquainted with the case. Familiarization lasted well ocheen long, and for some reason the prosecutor still called, said that it would be necessary to drive up to everyone, including representatives of the bank. We arrived, the lawyer was already on the spot, the investigator too. The prosecutor indicated in his document to appoint me imprisonment or restriction of freedom for a period of 1 year and 6 months. Later, the lawyer fucked him hard, literally :)

It turns out that in December 2016, an amnesty was issued in honor of the twenty-fifth anniversary of the Republic's independence.

And since I committed a crime before the release of the amnesty, I fall under it. The lawyer fucked up to him, they say, when did the amnesty come out? He doesn't say anything, looks away, and the lawyer says to him: That's right, in December. When did he commit the crime? That's right, in October. It falls under the amnesty, redo it, please.

He rushed from office to office for a long time, consulting with colleagues, eventually came back after an hour and a half with ready-made papers, where it was written that a restriction or imprisonment for 1 year and 6 months should be imposed, but since the suspect falls under the amnesty, blah-blah-blah, the main punishment is canceled, but, add. punishment: 200 hours of community service, damages, and house arrest from 10 p.m. to 6 a.m. for a period of 1 year and 6 months. (That's fucking awesome)

We all got acquainted and signed our names.

Further, the prosecutor referred the case to the court, also long :(

As a result, the trial still took place.
The day before the trial, I received a text message, then received a call.
I called my lawyer and said that the preliminary hearing would be held the next day. He said okay, I'll try to come.

As a result, we all came to the regional court, and the lawyer did not pass. Since I was 18 years old at the time of the hearing, only I and the lawyer on duty were allowed in, and the rest of them were sent to fuck off and told to wait downstairs.
I went up to the desired floor, then one of the guards accompanied us. The hall was quite spacious, but the hearing was closed. I was sitting with the lawyer on duty, the prosecutor was sitting opposite us, the judge's secretary was not far from us, and the judge himself.

We were all there when the judge came in. We all got up, and he walked over and sat down. And then we sat down. He took out the file and started reading some kind of shit (yes, yes, I flew in the clouds in court, ha, beaten off).
He read and read, then stopped. They say that he is being tried as a minor, since the crime was committed at the age of 17, why did the prosecutor indicate 200 hours of community service? (P.S. This is child labor exploitation).

And he added, they say, why does he have an article for viruses, if it was just a hacker attack?
I told the prosecutor to redo and remove community service and assign a suitable article, or prove that I fit under Article 210, since according to him, there is no corpus delicti. Ayy.

But, the prosecutor turned out to be fucked up, and didn't want to fuck with it. They just decided to close the case without a retrial. I compensated the damage to the bank, they wrote a paper stating that they had no claims against me, and they granted me an amnesty without any restrictions. About two weeks ago, a decision was issued to close the case, so I am now completely free of everything. Now we are waiting for a response from the prosecutor's office, as we asked to coordinate this with them.

I hope that I will never cross the department's territory again.

What can I say to my new colleagues?
Guys, in no case, NEVER touch your state. Private traders don't give a fuck, I'm talking about state resources.
Never spread the word about your attacks or hacks, or about a particular resource.
Never start a Twitter account.
Never store important and secret files on computers that have an Internet connection.
Use TrueCrypt or its analogs.
Preferably use your own VPN server.

Don't discuss such topics over the phone, ever. Any operator saves call logs and issues them on request (this was also the case before the Spring law)
Take care, and do not neglect anonymity on the Internet.
I hope you don't end up in the same situation, because you may not be as lucky as I am, and you may end up behind bars.
 
You must log in or register to reply here.

Similar threads

G
Elon Musk's funding of carding forums
Replies
0
Views
534
Good Carder
G
G
Is carding still relevant in 2026?
Replies
1
Views
590
cvvshop360
cvvshop360
Professor
Cyber Insurance for Retail 2026: A Financial Cushion or an Investigative Tool That Knows Everything About You?
Replies
0
Views
213
Professor
Professor
P
Guide: Carding Facebook Ads 2026
Replies
1
Views
791
Sage-003
S
Professor
Forensics on the Public Ledger: How Blockchain Analysis Evolved from a Surveillance Tool into a Key Investigative Weapon for DeFi Fraud and NFT Theft
Replies
0
Views
252
Professor
Professor
Back
Top