Russian Arrested On Amazon.com Hack Charges

Officials at the US Department of Justice announced that a Russian man has been arrested in Cyprus in connection with attacks on Amazon.com.

The man, Dmitry Olegovich Zubakha, 25, of Moscow, was arrested on 18 July on an international warrant. Zubakha was indicted in May of 2011 for launching two denial-of-service (DoS) attacks on the Amazon website. The indictment, which was unsealed Thursday, also links him to other DoS attacks on Priceline.com and eBay.

‘Serious harm’

“These cyber bandits do serious harm to our businesses and their customers. But the old adage is true: the arm of the law is long,” said US Attorney Jenny A. Durkan who leads the Justice Department’s Cybercrime and Intellectual Property Enforcement Committee, in a statement. “This defendant could not hide in cyberspace, and I congratulate the international law enforcement agencies who tracked him down and made this arrest.”

According to US authorities, the incidents happened in June of 2008. On 6 June and then again on 9 June of that year, Zubakha and fellow hacker Sergey Logashov are alleged to have mounted a DoS attack on Amazon that resulted in the site being down for hours.

The attacks were launched using a botnet of compromised computers. Zubakha and his accomplice allegedly took credit for the attacks on hacker forums. In one instance, Logashov reputedly called Priceline.com and offered his services as a consultant to stop the denial-of-service attack, authorities said.

In October 2009, law enforcement traced more than 28,000 stolen credit card numbers to the duo, authorities said.

Identity theft

Zubakha now faces a host of charges, including two counts of intentionally causing damage to a protected computer resulting in a loss of more than $5,000 (£3,000) and conspiracy to intentionally cause damage without authorisation to a protected computer. He is also charged with aggravated identity theft for reputedly using the credit card of a Lake Stevens, WA, resident illegally, as well as possession of 15 or more unauthorised access devices.

If convicted on all charges, Zubakha could face significant prison time. Conspiracy is punishable by up to five years in prison, and the other computer charge carries a penalty of up to 10 years in prison and a $250,000 fine. Possession of more than 15 unauthorised access devices is also punishable by up to 10 years, and aggravated identity theft is punishable by an additional two years in prison on top of any sentence for the underlying crimes.

Zubakha remains in custody in Cyprus awaiting extradition.

Are You An IT Olympian? Take our quiz.