MafiaBoy: The boy who took over the internet

In 2000, the websites of Amazon, Dell and eBay were shut down. The attacks were not carried out by professional hackers, but by a 15-year-old boy.

17-05-2022 - 5 minute read. Posted in: case.

MafiaBoy: The boy who took over the internet

In 2000, a number of major corporate websites were shut down, including Amazon, CNN, Yahoo, Dell and eBay. The attacks were not carried out by professional hackers or a state-sponsored group - they were carried out by a 15-year-old boy from Canada.

The early years

Michael Calce was born in the West Island area of Montreal, Canada. Michael felt isolated from his friends around the age of 6, and his father gave him a computer to occupy himself with.

He immediately became interested in the digital world. The computer gave him a sense of control. In the first few weeks, Michael went from knowing nothing about computers to using DOS commands. He spent many days reading manuals and developing his skills.

A few years later, he got his first free trial of AOL, his first time on the Internet. A few days later, 9-year-old Michael managed to hack AOL's systems so he could extend the 30-day trial.

Interest in hacking begins

As a teenager, Michael started chatting with people using AOL's chat feature. He was kicked out of chat rooms by other users sending so much data towards his computer that his connection was severed.

He became fascinated by the idea that one person was able to "attack" another, regardless of the distance between them, using the Internet.

After acquiring the necessary knowledge, he also started attacking other Internet users in the same way.

Michael was one of the first members of the first online hacking communities. As he became more and more involved in online hacking groups, his hacking skills and knowledge also grew.

When he joined the hacker group IWC, he found that other people online had the skills to overload computers, delete data and steal personal information.

Michael was taught by the group's leader and other members how the IRC network worked and how to exploit certain vulnerabilities to compromise a network.

Michael joined another hacker group, the TNT/PHORCE group, where he used his alias MafiaBoy for the first time.

The first hacking attacks

Michael hacked Outlawnet Inc, an Oregon ISP whose network was run by students at Sisters High School.

Using their server, he was able to spoof his IP address and route himself through Outlawnet and then enter an IRC chat room. He also used the server to cover his tracks.

He managed to hack a handful of university networks and then harnessed their combined computing power to attack external websites.

Michael was able to carry out DDoS attacks by using university networks to overwhelm websites with fake internet traffic. This was the start of his Rivolta project, which took over several of the largest websites of the day.

Project Rivolta

Michael then had the idea to build his own powerful DDoS tool with the help of his online hacker friends. After a few months of developing his tool, it was time to test it on a larger, well-known target.

On 7 February 2000, Michael launched the first major DDoS attack using his tool on The attack was part of a series of attacks under the name Rivolta, which means "revolt" in Italian. At the time, Yahoo! was the most used search engine. He managed to shut down their website for an hour.

The next day, on 8 February, he launched an attack on, which shut down the site faster than Yahoo!.com.

While chatting with his hacker friends online, one of them suggested that CNN would be impossible to shut down because of its advanced security network. MafiaBoy saw this as a challenge and managed to shut down CNN's website, and a few days later he shut down Dell's website as well.

Over the next week he shut down and by then the attacks were all over the news.

The aftermath

The FBI and Canadian police first noticed Michael when undercover agents in IRC chat rooms found out that MafiaBoy claimed he was responsible for the attacks. He then became the prime suspect.

Agents began searching the internet for clues to his identity and quickly found an account in MafiaBoy's name registered with an ISP in Canada. Data from the Dell attack pointed to another ISP in Montreal and the FBI believed Mafiaboy was in Canada.

After a few days, the FBI found Mafiaboy's home address. They began surveillance of his house and soon after arrested Michael.

He initially pleaded guilty, but later pleaded guilty in January 2000 to most of the charges against him, 55 in all. The cost of the cyber attacks was estimated to be betweenm 1.2 and 1.7 billion dollars.

On September 12, 2001, after eight months of open custody, the Montreal Youth Court sentenced Micheal to eight months in a juvenile detention facility, one year of probation, restricted use of the Internet, and a small fine of $1,000.

Adult life

Michael left his life of crime and began helping companies identify security flaws in their systems and design better security measures. At the age of 31, he started his own cybersecurity company, Optimal Secure.

Many security researchers believe Michael's attack paved the way for the rise of cybersecurity among large companies in the decade that followed.

Author Sofie Meyer

Sofie Meyer

Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.

View all posts by Sofie Meyer

Similar posts