Members of RevSpace, a hacker collective in The Hague want to teach "Jeroenz0r," currently in custody for cyberattacks against Mastercard and Visa, a lesson or two to make him a real hacker. That is, an ethical hacker.
The High Tech Crime Unit of the Dutch National police arrested the 16-year-old boy and confiscated his computer equipment on Wednesday night. He is accused of being a driving force behind the distributed DDoS (denial-of-service) attacks against the websites of Mastercard and Visa earlier this week.
The suspect, who sports the online nickname "Jeroenz0r," is a regular on the IRC chat channels of the local hacker club in The Hague called Revelation Space. Some of its members know the boy. "What he has done is of course out of the question," says Koen Martens, head of Revspace in an interview with Webwereld, a Dutch IDG publication.
DDoS is not hacking
Martens emphasized that a DDoS attack has nothing to do with real hacking and shouldn't be confused with it. But the RevSpace members, who pride themselves on being benevolent white-hat hackers, see no reason to oust the boy. Quite the contrary. "It's obvious that we will have to guide him. We will help him learn what ethical hacking really means and to point out what is inadmissible and wrong," says Martens.
According to Martens, it is important to keep the door open and give the boy a chance to develop in a positive way. "Hopefully, people will not abandon him," he said.
Martens plans to set up a course to prevent kids from "crossing the line" in cyberspace. "We are also a role model," he argued. "We can be more helpful than scolding parents who might have no idea about technology and computers."
Barry van Kampen, head of the Utrecht, Netherlands-based hackers collective Random Data, agreed. "Yes, I concur with this," said Van Kampen, pointing to the fact that some members of RevSpace already know the boy. "We too are responsible for each other."
The worst thing that can happen to 16-year-old "Jeroenz0r" is that he becomes isolated, said Van Kampen, who sympathizes with the suspect. "Because the government and even our parents often don't understand us."
The arrested boy has apparently confessed that he is responsible for attacks on the websites of MasterCard and Visa. "He admitted that he started the cyberattack," a spokesperson of the Prosecutors Office told Webwereld. On Friday the Rotterdam criminal court judgeextended his remand another two weeks.
Fresh DDoS attacks
On Friday morning, the websites of the Dutch National Prosecutors Office and the National police suffered prolonged downtime from another coordinated DDoS attack. The police started an investigation into these attacks as well. These are probably related to the Mastercard and Visa attacks, the Prosecutors Office said in a statement.
Since WikiLeaks started releasing thousands of classified U.S. government diplomatic cables, several companies have decided to cut WikiLeaks off from their services, including PayPal, MasterCard, Visa and the Swiss payment transaction firm PostFinance, where WikiLeaks founder Julian Assange held an account.
In response, a loose affiliation group calling itself Anonymous orchestrated DDoS attacks against those websites, causing downtime for many of them. The group has dubbed that effort "Operation: Payback." Other websites that have been attacked include those of vocal critics of WikiLeaks, including U.S. Senator Joseph Lieberman and former Alaska governor and vice presidential candidate Sarah Palin.
(Andreas Udo de Haes contributed to this report.)