[MA_proking]

Hello,

Myself Proking I m the Director of GTA - GAMING [SAMP Community]. We started a server Zombie Apocalypse in 2012 and in June 2013 we started GTA Gaming Gangwars. GTA Gaming Gangwars become real success we get 70/70 every night[+5:30] but then Gangwar Deathmatch come up in our server yelling at us "You stole our playerbase". In starting they used to do Car Spawning and other hacks to get our playerbase low then after they hired DDOSer to DDOS us.
Proof of DDOS VOLT-HOST UK1 Node where our server is located:

Quote:

Originally Posted by Volt-host(Tumblr) We are aware of downtime affecting all clients on UK1. This was due to a rather large DDoS attack on one of our IP’s. We are trying to restore access to our clients ASAP. We will update this post as soon as we have more information.

Today he came up again and DDOSed Volt-Host US Node where our Zombie Apocalypse located.

DDOSer came up in our Teamspeak and demand:

1. They ask to give gamemode.
2. $250 paypal money
3. 50% of my server traffic must be forced towards Gangwar Deathmatch community.

and told us he will not stop hack until demand full filled.

Quote:

<18:16:30> "[Venom] Venom": We can do this way if you give me money. <18:16:42> "Proking": nah <18:16:45> "[Venom] Venom": I will instead help you with any other server expect GWDM. <18:16:45> "Proking": you did wrong <18:16:55> "Proking": why should I pay you <18:16:59> "[Venom] Venom": To stop attacks. <18:17:03> "Proking": You will hack me even after paying <18:17:07> "[Venom] Venom": I wouldn't. <18:17:16> "[Venom] Venom": I didn't even do shit to PR after they paid. <18:17:25> "[Venom] Venom": Got $600 with ease! <18:17:27> "Proking": You dumb? <18:17:32> "Proking": We don't have money <18:17:37> "[Venom] Venom": Not my issue. <18:17:46> "[Venom] Venom": You can always ask for donations <18:17:49> "[Venom] Venom": and contributions <18:17:50> "[Venom] Venom": from the community <18:17:53> "[Venom] Venom": I've just shutdown all of this communitys gameservers.

-------
Hacker Hired From
Gangwars Deathmatch Community
http://www.gangwar-dm.com/
-------


Please help us...

[Krishan]

Quote:

<17:58:33> "Venom": The whole community(including all servers) will be annihilated if the demands wont be taken into consider and accepted. <17:58:38> "Venom": See this. <17:58:45> "Venom": We made PR-RP pay $600 to repair their gameserver. <17:58:48> "Venom": We have the resources. <17:59:08> "Venom": We nullrouted three gameservers. <17:59:22> "Venom": and popped a shell in the forums which made it unavaible for a few days <17:59:46> "Proking": 600 $ are you kidding? <17:59:55> "Venom": No, I'm not asking you for $600. <17:59:59> "Venom": But we made PR-RP pay $600. <18:00:31> "Venom": I took whole volt host down because of your server, UK1 place.

Quote:

<18:36:07> "Venom": I have DDoSed SAMP internet list for days. <18:36:09> "Venom": You mad?

The Warning Posted on Our Forums..!

[Jstylezzz]

There are a few threads on this issue already. What I suggest, is that you report them to Volt-Host, with the evidence provided here. Volt can take action against them, while we here, on the forums, can do very little.

[XProtocol]

If DDOS is illegal, then you should report it to police o.o
I know I'm an idiot

[Landon]

Stupid fucks, trying to DDoS someone in order to gain more players on their community. Could you please PM me the IP they registered with on your forum?

[StayAlive]

Internet police department.

[Riddy]

He probably is a script-kiddy. Report him to Volt, they'll probably be able to get some legal action done about this depending on his location.

[Bituspy]

We already contacted the volt host team. I am one of the leaders of GTA Gaming Community. We have been attempting to track this player down on the DM server which has either hired him or he is a part/regular player of that community. When we contacted the leader of this Community he is not reluctant to show any co-operation into this matter. This either means that their community have hired them or they are giving him a secure side. Even I can send the screen shot of the conversation between me and their leader. He clearly told me that the ddoser came on their server and told them something. He obviously did not give me full information and he is also not reluctant to show any information regarding this matter.

For hours I did not just investigated the attacker but also the servers which were influenced by this.(the ones which were hosted on the same UK1 node of Volt host). The servers are namely:
1) S.W.A.T (S4S or Swat 4 Samp) one of the well known DM servers.
2) Los Santos Street Wars (Another populated server)
3)GTA Gaming Gang Wars no doubt
4) About 2-3 A/D (Attack and Defense servers) (basically belongs to the individual clans.

They are targetting three Communities at one time which has inflicted a massive damage to all our Communities.

About 2500 servers in total of volt host took a hit right away with the attack.
If SA-MP Development Community and Owners did not took actions against the GWDM Community which is giving a safe place to hide these ddos attackers more servers will take damage due to them.
We request the SA-MP Developers to assist us in this difficult situation.
(about 3 minutes ago he also DDoS'd teamspeak server of our Community and took it down.

[linuxthefish]

These guys apparently have DDoS protected game server hosting, i think one of the guys that works there posts on the forum.

http://www.gsptalk.com/topic/1051-ga...ection/?p=5595

http://www.nfoservers.com/order.php

[TheChimpJr]

Quote:

Originally Posted by linuxthefish These guys apparently have DDoS protected game server hosting, i think one of the guys that works there posts on the forum. http://www.gsptalk.com/topic/1051-ga...ection/?p=5595 http://www.nfoservers.com/order.php

heheheh NFO Servers <3 Loving them since August 2012

[Bituspy]

Quote:

Originally Posted by [MM]IKKE 1. Remove him from Skype, he can get your IP through it & DDoS your home net 2. Don't give him anything. He calls himself a hacker whilst the only thing he does is DDoS you (which is not a hack) 3. Report the server with valid proofs about the DDoS attack (network graphs) & threats to team@sa-mp.com (you might not get a response) 4. Take the opponent server down by reporting their server at THEIR host. Hosts should be friendly enough to you to suspend the opponent server since they threatened you & DDoS'd you, both against their terms (likely) 5. Try to take legal action using your own host, although I wouldn't depend a lot on that. 6. Try to find the IP of the main DDoS'er (I guess the one who contacted you on skype). Retrieve their ISP (a simple IP trace would do that) and attempt to contact that ISP about those attacks. ISPs specifically do not like DoS attacks since it's a waste of expensive bandwidth. This guy likely uses his parent's internet, so you can pretty much already imagine what will happen if they get a letter about their DDoS attacks. The kid won't be allowed to go on the internet anymore for a while, I suppose 7. If you live in the same country and know the name of the DDoS'er, file an official report against him. Wouldn't expect a lot out of this 8. Ask him how you can donate the money to him & use PayPal support to suspend all their accounts. Giggle when you find out they just lost all their money. Remember that DDoS attacks cost more than your server costs you. Unless they are actually hackers with a real botnet, DDoS attacks usually don't last very long.

1) Yes he did contact me on skype and I even have Screen Shots of small conversations.
2)Of course we won't give him any cash or any of his game mode or his last demand, because we made the game mode by ourselves and with a great difficulty.
3) We will surely attempt to contact anyone which can help us out.
4)Reporting their server doesn't works. They have their own dedicated server and we are not friendly with the hosting team.
5) This is the reply we got from our hosting team.

Quote:

Hello, We cannot provide DDoS protected services. If your IP is attacked again on our new node we will have to suspend you. I'm sorry. It would cost us 4X the operational cost to provide DDoS protected nodes if not more. We have advanced DDoS mitigation techniques however in Arizona and Virginia that aids us in smaller attacks but, If they are large and complex we cannot stop them and our providers usually demand we terminate the client. Regards, Brad W

6) The person who is basically behind these attacks is from Finland. (how do I know this?) Ans: I've been myself a head admin of this DM server who is ddosing us and he even ddos'd this DM server way back when he was banned. Its not actually one but two people called JohnM and Stacks. They use VPN's even to access their own DM servers because so its a waste of time to track their IP's.
7) No we don't live in same country or I would have slapped him in real life :P
I already did that, but firstly he didn't gave any reply and second time he was willing to tell me but I banned him from our teamspeak.

---

Replies for TheChimpJr

I already got my skype account blocked by the way you told me.

Hack Issues: We already have a strong anti cheat. It detects on the player spawn only that he is hacking, so the chances of hackers from that server is greatly reduced/nil.
Our Server has good amount of well trained admins which can easily find the hackers so I don't worry about that as well

Demands: Although as per what I have heard about PR-RP and got information from one of their members, they did accepted some of his demands but till 19th June 2013 the RP server was still under massive DDoS attack and they were shutting down every now and then.

---

The owner of this DM server is way busy in real life to care for it. The leadership barely comes on the server. The things are mostly handled by a newly appointed leader and the senior administrators of this server.
Here I will like to point out that we even provided the GWDM leadership with the server logs from our server where they were trolling/insulting/flaming us in the absence of administration staff. Its been one week and they have given no reply.

[TheChimpJr]

Volt Host has a data center located in Arizona, called ' Secured Servers ' I used to host a $200 dedicated server with them, ya the specs are great. What they do is if your being DDoSed they null route the IP and block access for 24hrs or more. They used to do that all the time with me till I moved to NFO Servers. Now they know how to run a damm company <3

[StayAlive]

He can get his IP anytime -_- Skype Resolvers.
If younreally want to get his ass, ddos is illegal thing, so to and report at the http://internetpd.com/(http://internetpd.com/about.php), fill your "Report a Crime" with a too much informations and valid proofs, and they will get his IP through his Skype, then his location, then you know what they will do

[Bituspy]

I am really grateful to you all for giving us replies. If there is no choice left for us then we will surely host our server onto a secure server system to avoid the massive attacks from this Community. I can also get some of our friendly servers(basically who were affected almost the same way as we did) to post over here confirming the attacks. I was also deciding to hold a collective meeting of all the servers which were being hosted on the UK node until they ddos'd our teamspeak server as well. Currently we are crippled due to these attacks but we will surely revive from them soon.
More information and assistance will be appreciated.
Thanks everyone.

[TheChimpJr]

Quote:

Originally Posted by StayAlive He can get his IP anytime -_- Skype Resolvers. If younreally want to get his ass, ddos is illegal thing, so to and report at the http://internetpd.com/(http://internetpd.com/about.php), fill your "Report a Crime" with a too much informations and valid proofs, and they will get his IP through his Skype, then his location, then you know what they will do

Do you not pay attention? You can easily make your skype secured from those. God damm start reading.

[Pizzy]

Long story short, you can't do anything.

You have no proof the DDoS attacks actually came from him. Screenshots of skype conversations, text & video. It's nice and pretty but it's not proof as it can easily be faked

Your best / only bet would be to change host which had ddos protection. It isn't cheap though.

[Bituspy]

I am aware we cannot do anything but my aim is: with the help of the SA-MP Developers we can at least send them some strict instructions to either stop the attacks or to force their players to stop it. At least that will put some pressure on the leadership of that server which is in a state of Hibernation.

[linuxthefish]

Quote:

Originally Posted by [MM]IKKE This guy likely uses his parent's internet, so you can pretty much already imagine what will happen if they get a letter about their DDoS attacks. The kid won't be allowed to go on the internet anymore for a while, I suppose

I have yet to find any residential connection with a good enough up speed to attack anyone from. If they are merely using their internet connection to launch the attack from another server, the ISP won't care about it unless some major legal powers get involved.

[[MM]18240[FMB]]

Quote:

Originally Posted by Landon Stupid fucks, trying to DDoS someone in order to gain more players on their community. Could you please PM me the IP they registered with on your forum?

Yes, because when claiming to hack someone, you would take no measures to hide your IP..? Correct?

[[MG]Dimi]

Quote:

Originally Posted by [MM]18240[FMB] Yes, because when claiming to hack someone, you would take no measures to hide your IP..? Correct?

Depends. If he is really young, then that will be last thing on his mind. But in case he came here and saw this you will maybe try to disable his account there or whatever...