ICE Agent Doxxing Site Hit by Russian-Linked DDoS Attack
▼ Summary
– A website called ICE List, which aimed to publish the identities of ICE and Border Patrol agents, has been taken offline by a prolonged DDoS attack.
– The site’s founder claims the attack is sophisticated and originates from a Russian bot farm, though the true source is obscured by proxies.
– The site was created after a DHS whistleblower allegedly provided personal details of 4,500 immigration officials.
– Once restored, the site plans to combine this new data with an existing cache of information on 2,000 officials, hosting it in the Netherlands.
– The whistleblower’s action was reportedly prompted by the fatal shooting of a mother by an ICE agent in Minnesota.
A website dedicated to publishing the personal information of federal immigration agents has been forced offline by a massive and ongoing distributed denial-of-service (DDoS) attack. The founder of the controversial “ICE List” site, Dominick Skinner, confirmed the outage, describing the assault as both prolonged and sophisticated. He attributed the flood of disruptive traffic to a network of bots linked to Russian internet addresses, though he acknowledged the true source of the attack remains obscured by layers of digital proxies. The takedown has temporarily blocked public access to a database intended to expose the identities of thousands of U.S. Immigration and Customs Enforcement (ICE) and Border Patrol personnel.
Skinner launched the site after reportedly receiving a trove of data from a whistleblower within the Department of Homeland Security. This data leak contained detailed records on approximately 4,500 officials, including names, government email addresses, phone numbers, and employment histories. The plan was to merge this new information with an existing collection of personal data on another 2,000 federal immigration employees. By hosting the website on servers in the Netherlands, Skinner aimed to place it beyond the immediate legal reach of U.S. authorities. The whistleblower’s action was reportedly motivated by the fatal shooting of a Minnesota woman, Renee Nicole Good, by an ICE agent earlier this year.
The sustained cyber-attack began on Tuesday evening, overwhelming the site’s infrastructure and preventing it from loading. Skinner and his team are actively attempting to migrate to new servers to restore access, but he concedes the platform will likely remain a prime target for such disruptive campaigns. The incident has sparked discussion about the resilience of such controversial data repositories. Some online commentators suggested that a more robust method would be to release the information via a peer-to-peer torrent file, which is inherently more resistant to takedown efforts than a centralized website. An archived snapshot of the site, captured before the attack, reportedly remains accessible through certain links.
While Skinner points to Russian-linked IP addresses as the origin of the traffic, cybersecurity experts note that DDoS attacks frequently leverage compromised devices and proxy servers around the globe, making definitive attribution extremely difficult. The sophistication lies in the attack’s duration and scale, not necessarily in its geographic origin. The event highlights the ongoing digital battleground where hacktivism, information warfare, and political protest increasingly collide, with personal data and online accessibility serving as the primary weapons and casualties.
(Source: InfoSecurity Magazine)
