U.S. Authorities Arrest Longtime DDoS Extortionist

Distributed Denial of Service (DDoS) attacks have become the new norm among cybercriminals lately. Many people have looked to these attacks to punish any online service they don’t like or wish to extort. One person responsible for a fair amount of those attacks was arrested in the U.S. late last week. He had also made several death and bomb threats against his targets. Kamyar Jahanrakhshan is no stranger to the U.S. criminal justice system either.

DDoS Extortionist Had a Criminal Record

Going after cybercriminals responsible for DDoS attacks is not all that easy. Criminals can launch their attacks from anywhere in the world and often route them through infiltrated systems around the globe. In most cases, they are ultimately tracked down as a result of using a command and control server, which is often accessed through a VPN or proxy. However, there are always some digital breadcrumbs to follow, which is exactly what U.S. authorities did in this case.

American authorities had been looking for the person responsible for multiple DDoS attacks. This individual had also made death and bomb threats against the likes of the Sydney Morning Herald, CBC, MetroNews Canada, and even the Canadian government. Shutting down online platforms is one thing, but issuing death and fake bomb threats is something else entirely. It turns out the person responsible for these attacks is Kamyar Jahanrakhshan, a man of Iranian descent.

Jahanrakhshan had obtained U.S. citizenship back in 1991, although he moved to Canada in 1995. He is no stranger to the Justice Department, having been involved in a theft case in 2005 and a fraud case six years later. People with a tendency to conduct criminal activities will often resort to their old habits, which is seemingly what happened here. As it turned out, trying to get his criminal record erased from the Internet is what ultimately did him in.

Jahanrakhshan contacted websites which had written articles about his prior criminal record. All of these sites were contacted in a cordial manner at first, but after they refused to comply with his demands, things turned violent pretty quickly. It did not take all that long until Jahanrakhshan started sending threatening emails and even hinted at potential “attacks by hackers” if the sites did not comply. Threatening the freedom of the press is never an advisable thing to do.

The cybercriminal then proceeded to portray himself as a member of the Anonymous hacking collective. That in itself is both despicable and silly, as it only served to attract more unwanted attention from all sides. Eventually, he launched a DDoS attack against Leagle.com after the site refused to take down articles which involved his criminal record. Because the company could not handle the attack, they eventually complied with the hacker’s wishes. This ultimately resulted in other DDoS extortions throughout 2015 and 2016. It does not appear any money ever changed hands.

When U.S. authorities finally uncovered Jahanrakhshan’s identity, he was taken into custody, and he currently awaits trial. It is expected he will face up to five years of jail time and be forced to pay a fine of US$250,000 or more. According to his record, he previously used stolen credit cards to buy luxury cars and a boat. His actions will only make his criminal record more notorious, rather than getting it removed from the internet altogether as he had hoped. It was a bad idea from the start.