Cyber Incident Victim: italiastartupvisa.mise.gov.it
Date: Dec 2016
Location: Italy
Summary
The website 'italiastartupvisa.mise.gov.it' belonging to the Italian government was targeted in a DDoS attack by hacker Cryptolulz666 as part of a demonstration exposing vulnerabilities in government systems. The attacker leveraged a NetBIOS amplification technique using a botnet of approximately 2 million compromised devices discovered through internet scanning, supplemented by two spoofing servers controlled through custom Python scripts. Cryptolulz666 stated the attack aimed to raise awareness about inadequate security measures in government infrastructure, following similar actions against Russian targets and declaring intentions to continue such campaigns.
Description
On December 15, 2016, the hacker known as Cryptolulz666 launched a distributed denial-of-service (DDoS) attack against the Italian government website italiastartupvisa.mise.gov.it. This attack served as a preliminary test of the hacker’s botnet capabilities before targeting more significant infrastructure. Cryptolulz666 employed a NetBIOS amplification technique, exploiting the protocol’s inherent vulnerability where a single NBSTAT query generates responses three times larger than the request. To execute the attack, the hacker scanned approximately 10% of the internet’s address space, identifying and weaponizing two million vulnerable devices to act as bots in the amplification campaign. He supplemented this with two additional spoofing servers to stabilize malicious traffic volumes, utilizing custom Python scripts to coordinate the assault. Available records do not specify how long the Italian website’s operation was disrupted.

Following the Italian test case, Cryptolulz666 redirected his botnet against the Russian Federal Drug Control Service liquidation commission’s website (www.fskn.gov.ru) later the same day. This secondary attack successfully rendered the Russian government site inaccessible for multiple hours, demonstrating the botnet’s destructive capacity. The hacker publicly justified both attacks as efforts to expose governmental cybersecurity deficiencies, stating authorities neglected basic infrastructure protections. No technical countermeasures or institutional responses from either affected government were documented in the source material. Cryptolulz666 explicitly announced intentions to continue targeting government websites globally under this rationale, emphasizing planned exploitation of perceived security apathy. The attacks exclusively disrupted service availability without reported data breaches or secondary compromises.
