A Melbourne man used a software program to take down the sites of business owners before bragging about it to his mates, a court has been told.
Details of Brett Bruce White’s complex web of denial of service attacks, committed against people he didn’t know or had barely met, were revealed at Melbourne County Court on Wednesday.
The Bayswater man pleaded guilty to five charges of causing unauthorised impairment of electronic communication in April and May 2018.
Prosecutor John Saunders said White, 32 first targeted health and fitness professional Phillip Learney, who lives in the United Kingdom, on April 18, 2018.
Using a subscription based computer service, White conducted a distributed denial of service (DDoS) attack on one of Learney’s business websites.
Mr Saunders explained a DDOS attack was a cyber attack where a server or computer is targeted with a large volume of traffic, causing it to crash or go offline.
“The effects of a DDOS attack can include noticeable slowing of service delivery and inability to access applications, and can result in system overload and ultimate failure,” Mr Saunders said.
The court was told Learney received messages from White on WhatsApp informing him of the site going offline and later received message requests on Facebook.
The pair exchanged messages about the quality of the site, with White offering to “get it secured and online generating money again”.
When Learney became suspicious and warned White to stop what he was doing, his other business website was taken down by a DDOS attack.
“During these WhatsApp exchanges, the offender threatened to contact all Learney’s competitors and customers offering the courses for free and providing free login details,” Mr Saunders said.
White then targeted businessman Terence Newton in May using similar tactics.
Newton had hired White in March that year to conduct search engine optimisation work for his websites for $2910.
Mr Saunders said Newton texted White in May he was unhappy with the services and wanted a refund.
“Newton subsequently received the following SMS from (White): You’re making a serious mistake that will cost you more than you think you’re owed,” he said.
Both of Newton’s sites rendered inaccessible by DDOS attacks over several days.
White also targeted a payment services provider Openpay with service denial attacks and sent abusive messages to an employee on Facebook.
Police located a Macbook laptop, which contained login credentials, website histories linked to DDoS services and the DDoS software itself, when they executed a search warrant on his house in April 2019.
Mr Saunders said White had bragged of his attacks to another WhatsApp user in April.
White’s defence lawyer Zarah Garde-Wilson said her client was fully cooperative with the police when he was arrested.
Ms Garde-Wilson said White, who previously ran two of his own businesses and was entirely self-taught with computers, had spiralled downward after his marriage deteriorated.
“He locked himself inside his house living on the computer, ordering take-in and using ice daily,” Ms Garde-Wilson said.
The court heard in the weeks before the offending, he had re-established his relationship with his partner and his ice use had decreased.
She said White’s offending was unsophisticated in that he provided his own details, like his name and bank numbers, during the offences.
White will be sentenced on November 20.