by | | 0 comment(s)

Craigslist taken down by hackers. Digital Gangster might be involved


Effective shortly after 6:00pm, last night, on Sunday night of November 23, hackers have successfully disabled Craigslist, for at least 2 hours, with a DNS attack. 

Users across the nation, have experienced different symptoms, from random outages, to some of the ads in their accounts being replaced by a blank page with a single link pointing to a website allegedly being set up by Digital Gangster. The attack apparently aimed at redirecting traffic to one particular domain, must not have worked as expected, due to the massive traffic volume from Craigslist. The target domain was flooded by requests beyond capacity, causing it to crash.

For the moment clues point to the “original” Digital Gangster, AKA Josh Holly, from Murfreesboro TN, most famous for claiming responsibility over the hacking of celebrities smartphones and social media accounts. Some of these attacks have led to the publishing of celebrities personal photos being released on the web. One of the first reports of DG’s activity dates back to 2008, when Miley Cyrus Gmail account was accessed by Holly, who stole pictures of the actress and tried to sell them to the media, unsuccessfully.

Holly, under federal investigation by the FBI, was found guilty and sentenced to three years in probation, without jail time, in consideration of his collaboration with federal agents.

Ironically, the attack on Craigslist seems to be extremely ill-timed, as it marks Holly’s scheduled release from his probation. If found guilty, Holly could face federal prison this time.

Craigslist has been reported as offline as late as 8:30pm last night. Access is still moderately intermittent, and it’s only a matter of time before ISPs flush their cache and allow Craigslist to operate again.

It is difficult to determine the depth of the attack, without an official statement. Fortunately, Craigslist accounts don’t typically contain exceedingly sensitive information about the users, except for email addresses and phone numbers, making this attack relevant only as far as the challenge in itself.


You must be logged in to post comments.