Security writer Brian Krebs’ phone was spoofed and a SWAT team was called to his home last week by hackers who apparently took offense at his investigations into various online hacking organizations. His website also suffered a denial of service attack for a short period.
The attacks came after Krebs wrote about a site called ssndob.ru that specialized in selling credit reports and credit information for unsuspecting victims. The site sells full reports for $15, and lists of records “which include first, middle and last names, plus the target’s address, phone number, SSN and DOB” for 50 cents each.
The attack began when Krebs’ hosting provider received a fake email from someone claiming to be from the FBI. A few days later, on March 15, his provider reported a DDOS attack that possibly came from Booter.tw, a network stresser with a bug that let investigators assess where the attacks were coming from. The source of the attack was a user at the “firstname.lastname@example.org” email address.
At the same time Krebs received a knock on his door at home and was greeted by armed police who were responding to a spoofed call claiming that Russians had shot Krebs’ wife. The police detained Krebs briefly and then let him go once they were able to discuss the matter and previous threats that the researcher had already reported to the police in 2012.
In short, Krebs suffered a virtual and “kinetic” attack simultaneously which, to be honest, is a fairly rare occurrence. While SWATing – the act of calling the police for a false alarm – is often talked about it’s rare to see it play out in actuality. It’s lucky that Krebs was calm and collected and the police response was equally sanguine.
Writing about hackers has always been a dangerous game and has clearly gotten more dangerous. While many whom Krebs exposes are little more than petty thieves, the damage they can wreak on an unsuspecting researcher could be immense. It’s lucky, then, that this didn’t turn out much, much worse.