Sunday, March 30, 2014

The Hacker Diaries Chapter 3

It was a normal day of school for students at Sisters High School in Oregon when one of the students complained that the server had stopped working. Renner, the school technician, wasn't really concerned by the crash. He thought that it just needed a few tweaks here and there, a few mouse clicks and codes, but no. It was an unusual problem. This high school's ISP (Internet Service Provider) network wasn't the cheap kind. It was a 50k network that provided access to 500 students, but it had grown to serve more than 1,000 residences. After they found that their ISP, Outlawnet, had been hacked, they wondered why a small school network, swimming alongside Yahoo!, Google, and all the other big fish, was the one that got hacked. After that tragic incident, Sisters High became a free email relay. A lot of users disappeared and so did 3,00 files, all belonging to the school.

The case was then reported to the FBI. In a few days' time, they were on the case. Software repairs to give students back their internet access cost a mere 11k. Jon Renner provided the Bureau with system logs. The suspect who was found and questioned gave them a handful of IP addresses to study. Their most trackable lead was Sprint Canada.

Mark Gosselin, a veteran investigator in the RCMP, joined the computer crime squad. In the FBI's eyes, the hacker was using a high-speed DSL (Digital Subscriber Line) account in Ohio. If the FBI had the account info, it would be a train track leading right to the hacker. Unfortunately, they didn't. The first step in Gosselin's manual was to find some ISPs provided by Sprint. With Sprint keeping the car fueled, he found IPs all over Montreal. There were more suspects, but some users had been banned for violating user rules. Gosselin had pinned the source of the trouble to a wealthy suburb on Rue De Golf. The owner, John Calce, ran a transportation company and was known as a temperamental man who wasn't responsible for his children. His youngest child loved computers, and Gosselin paid attention to him. It was never predicted that a skinny, dark-haired teenager who liked to play basketball was the actual person they were looking for. The hunt for Mafiaboy, the most notorious teenage hacker since Kevin Mitnick, was on.

It was the time of the U.S. and China cyberwar, when hackers from all over the world took action. Ping, an abbreviation for Packet Internet Groper, is a check of whether a system is working properly. It is like calling someone at home and waiting for him to pick up the phone. Charles Neal, LA's FBI leader, was contacted most. Neal, who unraveled the Kevin Mitnick case, was the FBI's most experienced cybercop and had helped develop computer crime investigative methods. Like Gosselin in the search for Mafiaboy, no FBI agent in LA had any inkling that what they would encounter was going to be big. Their skills would prove critical to nabbing the hacker and taking him down.

Swallow and Knesek, FBI agents who had opened up two hackers, managed to help by asking the hackers for help. Hackers who were arrested were immediately transformed into consultants and trainers. While Swallow was surfing, a hacker tempted him with 400 credit card numbers that were stored on a server in Germany. The hacker wasn't trying to help or anything; he was testing whether Swallow was a fed. Swallow explained that 400 cards were worth more than 4 million, and he was eager to take this person out. In situations like these, Swallow won the interest of teenage hackers and tried to bait them.

Mafiaboy's first big loot was on Yahoo!. He went past the network and hid all its major roots and ISPs. Yahoo! could tell that they were hacked by the excessive ICMP traffic. Yahoo! had just been DDoSed. The Yahoo! attack was enough to fill more than 600 trucks with data. Later that night, it was a usual night for Swallow. He was inside a server along with Mafiaboy, who was bragging about his skills. Other hackers in the IRC channel were annoyed by his bragging until Mafiaboy pulled off a prank, saying that Swallow had booted him out.

On March 8, Buy.com system admins were battling a huge denial of service attack at a rate of 800 megabits per second of incoming data, almost thrice the site's normal load. The attack threatened to keep the retailer offline at unpredictable times. The next time Swallow accessed the particular IRC channel with Mafiaboy in it, Mafiaboy ranted and claimed to have hacked Buy.com. He then put out a challenge and asked who they wanted him to hit next. Someone suggested CNN, as well as E-Trade. In a matter of minutes, CNN and 1,200 more websites they hosted started to corrode. The next day, Datek and E-Trade, two stock-trading companies, started to corrode as well, and the financial market went flimsy. The FBI needed to find Mafiaboy. Fast.

Neal told Knesek that a hacker had hacked tons of large networks. She and Neal found that getting him would take a combination of two approaches to Mafiaboy's house. The real challenge was finding the real Mafiaboy. There were dozens of Mafiaboys to sift through. They had to pick out the real Mafiaboy from the three most likely suspects. Neal dispatched some agents to Exodus Communications to see whether computers there were part of an attack. On February 12, Dell was hit heavily by internet traffic. Mafiaboy again claimed responsibility and showed off his skills and hacking capabilities. There was a chat shown. In that chat, Mafiaboy changed his name.

When Knesek arrived in Montreal, she took up her role for the FBI. After four days of setting up DNRs, investigators found an account that was owned by Mafiaboy. They were hacked accounts but legitimate ones. Gosselin was in a bind: if the account was hacked and wasn't the real Mafiaboy's, he'd have to let the person go free. They then obtained the court's permission to find ways of capturing Mafiaboy. It involved hacking, and they checked Mafiaboy's internet activity. One night, FBI agent Currie went to Mafiaboy's suburb and finally captured him. Mafiaboy was sent to court.

It was revealed that Mafiaboy had just celebrated his brother's birthday. He was sentenced to an 8-month juvenile detention for his wrongdoings.

If anything about IRC is unclear, go here: http://insidehacking.blogspot.com/2014/03/the-hacker-diaries-confessions-of.html

The Hacker Diaries is a compilation of hacking stories written by Dan Verton. All rights and respect go to him.
