Dennis Michael Moran (October 27, 1982 – April 14, 2013), also known by his alias Coolio, was an American computer hacker from Wolfeboro, New Hampshire, who was accused in February 2000 of a series of denial-of-service attacks that shut down some of the most popular websites on the Internet. He was 17 years old when he committed the attacks. He was later arrested and pleaded guilty to defacing the websites of Drug Abuse Resistance Education and RSA Security, as well as unauthorized access of the U.S. Army and Air Force computer systems at four military bases. Moran died of a drug overdose in 2013.[1]
The attacks
On February 7, 2000, a smurf attack generating over 1 gigabit per second of Internet Control Message Protocol traffic was launched against Yahoo!'s routers, causing their websites to be inaccessible to the world for hours. In a message sent to the CERT Coordination Center, Yahoo! network engineer Jan B. Koum stated that the attackers were "above your average script kiddie" and "knew about our topology and planned this large scale attack in advance."[2]
Shortly thereafter, Stanford University's computer security administrator David Brumley began monitoring Internet Relay Chat (IRC) traffic on irc.stanford.edu, which was then a public server on the EFnet IRC network. He discovered discussions about the attack on Yahoo! taking place which led him to believe members of an IRC channel had information about the source of the attacks, and he contacted the FBI to give them transcripts of the IRC chat.[3]
Over the following week a series of equally crippling denial-of-service attacks affected many other major internet sites including eBay, Amazon.com, E*TRADE, and Buy.com. A security consultant named Joel de la Garza also began investigating the IRC channel and while he was in the channel, RSA Security's website was redirected to a hacked web server in Colombia with a defaced copy of their home page. The defacement included a reference to David Brumley's nickname on IRC, as he had joined the channel by then in an attempt to gather more information from Moran. De la Garza witnessed this live show of criminal activity and later reported about it to the media.[4] On March 5, 2000, the FBI raided Moran's house and seized his computers.
After having so much attention drawn to him, and de la Garza's account of Moran being responsible for defacing RSA's website, the FBI investigated Moran's connections to other website defacements. Eventually they passed this evidence on to the New Hampshire Attorney General's office and Moran was charged as an adult with 7 counts of Class A felony unauthorized access of a computer.[5] One year later, on March 9, 2001, he pleaded guilty to 4 counts of misdemeanor unauthorized access of a computer and was sentenced to 12 months in jail with 3 months suspended as well as ordered to pay $15,000 USD in restitution.[6] His arrest took place in Wolfeboro, New Hampshire.
Professional career
During his time in jail, Moran was mentored by Paul Zimmerman, who helped him start a computer consulting company, DM Computer Services. His work focused on troubleshooting both home and business computers around Wolfeboro, NH.[7]
^Brian McWilliams (February 11, 2000). "Yahoo!: Attackers Knew Our Weaknesses". InternetNews. Retrieved August 1, 2008. New information released by Yahoo! suggests some of the denial of service attacks on Web sites over the past week may have come from sophisticated attackers with knowledge of each site's network.