The team behind podcasting's DDoS
This article is at least a year old
Buzzsprout, Podbean, Spreaker and Captivate were all subject to a DDoS attack this week. It is believed the same attacker was involved on all of them.
The podcasting community quickly worked together to combat the threat of this attack: competitors sharing information and knowledge about how best to protect against it. Most podcast hosts had a short amount of downtime as a result, affecting only some of their services.
Working together helped limit this action, and helped better deal with copycat attacks in future. “It’s awesome being in this space with the quality of people I’ve come across,” one podcast host told me. Others described it as an example of all that is good in the podcast space: different companies collaborating with each other for the good of the medium.
Posting as Jesus Harnel from an account on the Russian online service Yandex, the emails to podcast hosts claim a 'serious security problem’, and give a WhatsApp business number to contact for more details.
I contacted Jesus, who told me he lives in Estonia. He told Podnews: “I have a mother who is sick, she needs to have an emergency operation for her treatment.” The money that Jesus was asking for? $1,500. Payable by Bitcoin.
“My goal is not to harm, my goal is to close the problem on all sites,” Jesus added; and said that he has a team of four people. He seemed angry that he wasn’t being taken seriously by the podcast companies he’s targeted.
Jesus wouldn’t, though, tell me more about the 'problem’ on the websites other that it was apparently to do “with login pages”. (All the companies he’s targeted use different login code). He also didn’t say whether all his team mates had ill mothers, or which hospital in Estonia it is that takes Bitcoin.
Jesus Harnel has a barely-filled LinkedIn page, using a Turkish word but claiming he works in Luxembourg for a company that doesn’t have offices there. “Could be fake,” he said, when I asked. His team uses a Twitter account with a Portuguese username (of a Brazilian band), accompanied by a photograph of a man wearing a Queens of the Stone Age t-shirt. Jesus tells me that it’s another member of his team: I discovered, however, that the picture used was first seen on the internet in 2004.
Little that Jesus said was truthful, it appears to me, though he does have some self-awareness. “I realized that my goal is not to hurt anyone. A lot of people have been hurt by me, and that’s why I stopped the attacks,” he said to me, when I questioned why he was attacking podcast websites and hurting innocent podcasters. He added, somewhat obliquely: “I want to help humanity”.
However, what seems clear is that this action is nothing to do with website security, nor “helping humanity”, and overwhelmingly nothing against podcasting. He’s not angry at some podcast or other: I asked him more than once. I suspect he merely sees there being quick money to be made here - after all, podcasting is booming. I tried to say I’d help him with promises of contacts at the podcast companies he was targeting, but he was uninterested in talking further, using some language his mother probably wouldn’t have appreciated.
No personal information has been accessed, and to my knowledge, not one podcasting company has paid him.
I wish his mother well.