‘Evil’ hacker also DistributeIT culprit, claims firm


Web hosting company DistributeIT has accused a suspect arrested this week by the Australian Federal Police of being the same hacker, known online as ‘Evil’, who effectively destroyed its business last month by remotely destroying the functionality of a number of its servers.

This morning, the AFP released a statement noting it had arrested a 25-year-old Cowra man on 49 hacking charges, after a six month investigation into his online activities, including an attack on the systems of Platform Networks, a wholesale internet service provider based in Sydney. The AFP noted that hundreds of other Australian and international services might have been compromised, and that further charges would be likely to follow.

The AFP’s statement did not mention the Distribute IT attacks, which are believed to have taken place during the period when it was investigating the suspect arrested this morning. The AFP has also not yet responded to a request for comment on whether the same suspect is involved in both cases.

However, in a statement published on its web site this afternoon, DistributeIT claimed that ‘Evil’ was the same hacker who had attacked its systems last month. The attack rendered the data of thousands of the company’s customers unrecoverable and resulted in the fire sale of its business to fellow hosting company Netregistry.

“Australian Federal Police have arrested a 25 year old man from regional NSW who operated under the name “Evil” and successfully hacked into DistributeIT’s systems,” DistributeIT wrote this afternoon.

“The Netregistry Group assisted police in their investigation into the hackers operation in an attempt to bring justice to the thousands of small businesses who have been crippled by this recent hacking attack. However we call on “Evil” to apologise to all the businesses he ruined as a result of the targeted hacking attack.”

The Sydney Morning Herald reported this afternoon that the suspect had been refused bail in a court in Orange, with the court reportedly believing the suspect could potentially destroy evidence.

DistributeIT is still recovering from the attacks on its infrastructure. In the past month, it said today, all of its customers’ services had been successfully migrated onto Netregistry’s infrastructure, using the TPP Wholesale brand. In that time, some 17,000 separate support enquiries from customers had been manually responded to.

It’s not the first time this week that hackers have hit the headlines in Australia for all the wrong reasons. Yesterday SC Magazine reported that a separate group of hackers had made off with some 1,800 usernames, email addresses and hashed passwords held by the Tasmanian State Government — as a result of an earlier reported hack into a parliamentary web server.

Image credit: Simon Stratford, royalty free


  1. with the court reportedly believing the suspect could potentially destroy evidence.

    Surely he’d have some kinda dead man switch setup

    • If he was that deeply involved in hacking, you would have to assume all of his stuff was highly secure, encrypted etc. But who knows … I think a lot of people who do this assume the cops are never going to catch up with them.

      • I think a lot of people who do this assume the cops are never going to catch up with them.

        Which just shows up stupid they are

  2. Gee Micheal, I dunno. If you take Distribute IT’s word for it, this unemployed truck driver from Cowra managed to do the following;

    Hack into DistributeIT’s network
    Damage their core network infrastructure beyond the point of recovery
    Fiendishly subvert their disaster recovery plans and render the backups unreadable
    Run some low level disk utility that physically destroyed their data drives
    Did all of the above without coming to the attention of Distribute IT’s system administrators

    Based on DistributeIT’s version of events I’d say this guy makes Kevin Mitnick look like a script kiddie.

    Of course, DistributeIT could be making the whole thing up, including the initial hacker story, but who am I to think that?

Comments are closed.