Alleged Carder ‘BadB’ Busted in France — Watch His Cartoon

An alleged old-timer in the international carding community and one of the top sellers of stolen bank card data has been arrested in France, and faces extradition to the United States on an indictment unsealed Wednesday in Washington, D.C.

Vladislav Anatolievich Horohorin, 27, aka BadB, holds dual citizenship in Ukraine and Israel and was one of the earliest members of CarderPlanet, a first-of-its-kind Russian-language carding forum that was launched around 2002 by a group of East Europeans. CarderPlanet was shuttered in 2004, and BadB had more recently been selling his stolen goods at carder.su and on his own websites, dumps.name and badb.biz, where he promoted his product in lighthearted Flash cartoons like the one above.

Authorities say the network created by Horohorin and other CarderPlanet veterans is linked to “nearly every major intrusion of financial information reported to the international law enforcement community.”

Prior Restraint Lives: Newspaper Blocked From Publishing Photo of Murder Suspect

An LAPD handout of murder defendant Alberd Tersargyan

We’re not sure what’s more alarming: that a local California judge has barred the Los Angeles Times from publishing lawfully obtained photos of a murder defendant, or that an appeals court has just decided not to immediately reverse this clear exercise of prior restraint.

Prior restraint smacks at the heart of the First Amendment. The U.S. Supreme Court has never tolerated it, even in the 1971 “Pentagon Papers” case. Then, the justices refused to block The New York Times from publishing sensitive documents concerning the nation’s involvement in Vietnam from 1945 to 1967.

At the time, Justice William Douglas said in a concurring opinion that to win a prior restraint motion the government must show that a material’s publication would “inevitably, directly and immediately cause the occurrence of an event kindred to imperiling the safety of a transport already at sea.”

That’s not even close to what’s happening in the case of quadruple slaying suspect Alberd Tersargyan. Superior Court Judge Hilleri Merritt’s decision last week threatens to set a frightening precedent, and could undermine the rights of journalists, pajama-clad bloggers and the public’s right to know in future cases.

‘John Doe’ Who Fought FBI Spying Freed From Gag Order After 6 Years

The owner of an internet service provider who mounted a high-profile court challenge to a secret FBI records demand has finally been partially released from a 6-year-old gag order that forced him to keep his role in the case a secret from even his closest friends and family. He can now identify himself and discuss the case, although he still can’t reveal what information the FBI sought.

Nicholas Merrill, 37, was president of New York-based Calyx Internet Access when he received a so-called “national security letter” from the FBI in February 2004 demanding records of one of his customers and filed a lawsuit to challenge it. His company was a combination ISP and security consultancy business that was launched in the mid-90s and had about 200 customers, Merrill said, many of them advertising agencies and non-profit groups.

Despite the fact that the FBI later dropped its demand for the records, Merrill was prohibited from telling his fiancée, friends or family members that he had received the letter or that he was embroiled in a lawsuit challenging its legitimacy. He occasionally showed up for court hearings about the case, but sat silently in the audience with other court observers. In 2007, he was prevented from publicly accepting an award for his courage from the American Civil Liberties Union, because he was not allowed to identify himself as the plaintiff in the case.

U.S. District Judge Victor Marrero in New York finally released Merrill partially from the gag order (.pdf) on July 30, which Merrill revealed publicly only on Monday.

“After six long years of not being able to tell anyone at all what happened to me – not even my family – I’m grateful to finally be able to talk about my experience of being served with a national security letter,” Merrill said in a statement. “Internet users do not give up their privacy rights when they log on, and the FBI should not have the power to secretly demand that ISPs turn over constitutionally protected information about their users without a court order. I hope my successful challenge to the FBI’s NSL gag power will empower others who may have received NSLs to speak out.”

A national security letter is an informal administrative letter the FBI can use to secretly demand customer records from ISPs, financial institutions, libraries, insurance companies, travel agencies, stockbrokers, car dealerships and others. NSLs have been used since the 1980s, but the Patriot Act, passed after the September 11, 2001 terrorist attacks, and a subsequent revision in 2003 expanded the kinds of records that could be obtained with an NSL.

With an NSL, the FBI does not need to seek a court order to obtain such records, nor does it need to prove just cause. An FBI field agent simply needs to draft an NSL stating the information being sought is “relevant” to a national security investigation.

The letters come with a life-long gag order, so businesses that receive such letters are prohibited from revealing to anyone, including customers who may be under investigation, that the government has requested records of transactions. Violation of a gag order can be punishable by up to five years in prison.

The gag orders raise the possibility of extensive abuse of NSLs under the cover of secrecy. Indeed, in 2007, a Justice Department Inspector General audit found that the FBI, which issued almost 200,000 NSLs between 2003 and 2006, had abused its authority and misused NSLs.

In Merrill’s case, although the letter’s gag order “was totally clear that they were saying that I couldn’t speak to a lawyer” about it, he immediately contacted his personal attorney, and together they went to the ACLU in New York, which agreed to represent him.

“My gut feeling is I’m an American,” Merrill said, in an interview with Threat Level on Tuesday. “I always have a right to an attorney. There’s no such thing as you can’t talk to your attorney.

“I kind of felt at the beginning, so few people challenge this thing, I couldn’t just stand by and see, in my opinion, the basic underpinnings of our government undermined,” he continued. “I was taught about how sophisticated our system of checks and balances is . . . and if you really believe in that, then the idea of one branch of government just demanding records without being checked and balanced by the judicial just is so obviously wrong on the surface.”

Comcast.net Hijacker Gets 4 Months

A former member of the hacker gang Kryogeniks was sentenced to four months in prison Monday for his role in a 2008 stunt that replaced Comcast’s homepage with a shout-out to other hackers.

James Robert Black Jr., 21, was known as “Defiant” when he and two other hackers hijacked Comcast’s domain name in May of 2008 — a prank that took down the cable giant’s homepage and webmail service for more than five hours, and allegedly cost the company over $128,000.

Visitors to Comcast.net had been redirected to a simple page reading “KRYOGENIKS EBK and DEFIANT RoXed COMCAST sHouTz To VIRUS Warlock elul21 coll1er seven.”

“Mr. Black and his Kryogeniks crew created risks to all of these millions of e-mail customers for the simple sake of boosting their own childish egos,” Assistant United States Attorney Kathryn Warma told the court, according to a press release. “The callous disregard of the dangers posed to others, as well as the arrogance and recklessness displayed by these, and other hackers in committing such crimes should be considered by the Court as a factor that weighs in favor of a significant prison sentence.”

In sentencing Black, U.S. District Judge Benjamin H. Settle in Tacoma, Washington took into account the hacker’s cooperation in the case. Black provided information on his fellow hackers, Christopher “EBK” Allen Lewis, and Michael “Slacker” Paul Nebel, and made monitored, recorded phone calls to them for the feds, according to a sentencing memorandum filed by his lawyer (.pdf), who’d asked for probation. Black has also been working as an informant in other cases for the last two years, according to his lawyer, who detailed the cooperation in a separate filing under seal.

A screenshot taken during the Comcast.net hijacking shows Defiant in control of the company’s domain names. (Courtesy Defiant)

In addition to the jail time, Black got three years of supervised release, the first four months of which will be under house arrest with electronic monitoring. Settle also ordered him to perform 150 hours of community service and pay $128,557 in restitution.

E. J. Hilbert, a one-time FBI cybercrime agent who knows Black, argues that the sentence is excessive, because Black voluntarily cooperated with Comcast, and later the government. “He’s a hacker, don’t get me wrong, and he’s done some bad stuff along the way,” says Hilbert. “But he’s really smart, and he’s … grown up a lot.”

Hilbert became acquainted with Black while working as director of security enforcement at MySpace; Black provided information on hacking issues at the social networking site, says Hilbert. Black reached out to him after the Comcast prank for help locating a security contact at the broadband company.

“I put him in touch with the guys at Comcast, and he shared with them everything that happened,” says Hilbert. “The things I’ve dealt with him on, he’s been straightforward and a straight shooter with me … and now he’s getting screwed.”

FBI Lab Gives Short Shrift to Missing Persons Cases

The Federal Bureau of Investigation is giving short shrift to processing DNA from missing persons cases, taking as long as two years to handle profiles, according to a Department of Justice Office of Inspector General report.

Overall, about 40 percent of the FBI’s backlog of processing 3,200 DNA profiles stems from missing persons cases, according to Monday’s report.

“The FBI Laboratory’s low prioritization of these cases (.pdf) can have a broader effect because many missing persons are victims of homicide,” the report said. “Therefore, even if a perpetrator is not identified, DNA profiles from crime scenes could be uploaded and potentially linked to each other in CODIS (Combined DNA Index System), thereby aiding homicide investigations and potentially leading to the identification of a suspect.”

What’s more, under the bureau’s current processing rate for all DNA cases, the “backlog would require about 2 years to complete, even without the addition of any new cases,” the report said. Part of the problem is the “absence of a modern laboratory information management system,” according to the report.

Suspect in $9 Million RBS WorldPay Hack Extradited to U.S.

One of the alleged ringleaders behind the 2008 hack of RBS WorldPay has been extradited to the U.S., where he was arraigned Friday in the Northern District of Georgia on charges that he helped coordinate the global $9.5 million bank card heist.

Sergei Tsurikov, 26, of Tallinn, Estonia, has been charged in Atlanta with wire fraud, computer fraud, aggravated identity theft and two conspiracy charges involving wire and computer fraud.

Tsurikov was indicted in the U.S. last November with Viktor Pleshchuk, 28, of St. Petersburg; Oleg Covelin, 28, of Chisinau, Moldova; and a fourth person identified only as “Hacker 3” for what the government has called “perhaps the most sophisticated and organized computer fraud attack ever conducted.” Igor Grudijev, 32, Ronald Tsoi, 32, Evelin Tsoi, 21, and Mihhail Jevgenov, 34, all of Tallinn, Estonia, were also indicted on access device fraud charges related to the hack.

Tsurikov, Grudijev, Jevgenov and both Ronald and Evelin Tsoi were convicted in Estonia of fraud. Pleshchuk was arrested by the Russian Federal Security Service, or FSB, earlier this year, but because the U.S. lacks an extradition treaty with Russia, it’s unlikely Pleshchuk will follow Tsurikov’s footsteps to the U.S. Covelin was still a fugitive earlier this year; his current status is unknown. The U.S. Attorney’s office in Georgia has not yet responded to a call from Threat Level.

The hack of RBS involved cracking the PINs for payroll debit cards — the holy grail of bank card hacking.

RBS WorldPay, the payment-processing arm of the Royal Bank of Scotland, provides a number of electronic payment processing services, including debit card transactions, electronic benefits transfer payments (EBT), prepaid cards, credit card and ATM-processing services. The processor discovered in November 2008 that intruders had accessed account details for 100 payroll cards — offered by some employers as a paperless alternative to paychecks.

The hackers compromised RBS WorldPay’s database encryption to raise the amount of funds available on the compromised cards and boost their daily withdrawal limits. In some cases, the hackers raised the limits to $500,000.

Appeals Court Rules Against Secret Police GPS Tracking

A federal appeals court ruled Friday that the police can’t covertly track a suspect’s car using a GPS device for an extended period of time without getting a warrant.

The ruling in the D.C. Court of Appeals overturned the conviction of a suspected cocaine dealer, saying that the use of a secret GPS tracking device on the man’s vehicle for two months violated the Fourth Amendment’s protection against unreasonable searches and seizures. The ACLU and the Electronic Frontier Foundation filed a friend of the court brief supporting the challenge.

The government argued that a 1983 Supreme Court case, U.S. v. Knotts, which allowed police to put a tracking beacon in a container to follow a driver to a secluded cabin, made it clear that GPS tracking was allowed without a judge’s approval.

But the court found otherwise in its ruling (.pdf), drawing a distinction between short-term monitoring that’s not much different from a police tail and ongoing, secret and ubiquitous tracking.

Repeated visits to a church, a gym, a bar, or a bookie tell a story not told by any single visit, as does one’s not visiting any of these places over the course of a month. The sequence of a person’s movements can reveal still more; a single trip to a gynecologist’s office tells little about a woman, but that trip followed a few weeks later by a visit to a baby supply store tells a different story.

Having tracked Jones’s movements for a month, the Government used the resulting pattern — not just the location of a particular “stash house” or Jones’s movements on any one trip or even day — as evidence of Jones’s involvement in the cocaine trafficking business. The pattern the Government would document with the GPS data was central to its presentation of the case.

EFF Civil Liberties Director Jennifer Granick welcomed the decision, and hoped the reasoning would spread to similar issues with the mobile phones most of us carry in our pockets.

“This same logic applies in cases of cell phone tracking,” Granick said in a press release. “We hope that this decision will be followed by courts that are currently grappling with the question of whether the government must obtain a warrant before using your cell phone as a tracking device.”

However, Friday’s ruling is binding only in the D.C. Circuit. Other circuit courts have found such tracking to be legal, including the 9th (covering many Western states) and 7th (Illinois, Wisconsin and Indiana). The split makes the issue ripe for the Supreme Court to decide, but it’s not clear if the government will appeal this ruling, given that a loss at the Supreme Court would affect the entire country.

Photo: GPS tracking logs from Portland visualized. Credit: Aaron Parecki

Pentagon Demands WikiLeaks ‘Return’ All Classified Documents

A Pentagon spokesman on Thursday demanded that the secret-spilling website WikiLeaks return and delete all the classified Defense Department documents in its possession, and stop soliciting new ones.

“The Defense Department demands that WikiLeaks return immediately to the U.S. government all versions of documents obtained directly or indirectly from the Department of Defense databases or records,” said spokesman Geoff Morrell, opening the Pentagon’s daily press briefing.

“WikiLeaks’s public disclosure last week of a large number of our documents has already threatened the safety of our troops, our allies and Afghan citizens who are working with us to help bring about peace and stability in that part of the world,” said Morrell. “Public disclosure of additional Defense Department classified information can only make the damage worse.

“The only acceptable course is for WikiLeaks to take steps immediately to return all versions of all of these documents to the U.S. government and permanently delete them from its website, computers and records.”

WikiLeaks responded on Twitter by calling Morrell “obnoxious,” followed by a second tweet urging WikiLeaks supporters to donate to the organization. “Now is a good time to send WikiLeaks all your money!”

The statements ratchet up the tension between the U.S. government and WikiLeaks, which began in earnest with the May arrest of 22-year-old Army intelligence analyst Bradley Manning. Manning has been charged with leaking classified information, including video of a deadly 2007 Army helicopter attack in Iraq that claimed the lives of a number of civilians. WikiLeaks had released that video under the title “Collateral Murder” in April 2010.

On July 25, WikiLeaks angered U.S. officials at the highest levels when it published a detailed and mostly-classified log of 77,000 events in the U.S.-led war in Afghanistan from 2004 through 2009. The database, according to both the Pentagon and WikiLeaks, originated from the Defense Department’s Secret-level wide area network SIPRnet. Manning remains a “person of interest” in the leak, Morrell said Thursday.

Since the Afghan war logs were published, it’s emerged the records contain the names of some Afghan informants, who now face potentially deadly reprisal from the Taliban, according to the Pentagon. In the wake of that discovery, WikiLeaks told the news website The Daily Beast that it was seeking the Pentagon’s help in screening a final 15,000 records from the same database before publishing them in a redacted form.

Morrell disputed that claim Thursday. “WikiLeaks has made no such request directly to the Department of Defense,” he said.

Hacker Wonderland: DefCon 18 in Photos

LAS VEGAS — Roughly 10,000 computer hacking enthusiasts, poseurs, geeks, nerds and government agents gathered for DefCon last weekend. In its 18th year, the world’s largest hacker convention draws people from all walks of life to learn about the latest hacking techniques.

Talks this year ranged from hardware hacker Chris Paget’s demonstration of real-time cellphone eavesdropping, to defeating biometric locks with a hardware bypass, to the always popular Meet the Fed panel where hackers get to meet a group of federal agents involved in computer security.

The talks weren’t the only events of interest. There were dozens of popular contests, fundraisers and parties.

DefCon has a long history of either outgrowing or being thrown out of various hotels. This year marked the final year at the Riviera Hotel, which has been straining to accommodate the annually increasing crowds.

DefCon organizer Jeff Moss, aka Dark Tangent, announced the new venue during the closing ceremony. Next year’s DefCon will be held at the Rio, which has a much larger conference center along with more restaurants, bars and guest rooms than the Riviera.

Here’s a look at some of the highlights of DefCon 18.

Update: Ex-Hacker Denies Alleged WikiLeaker Gave Him Classified Documents

An Army intelligence analyst who is charged with leaking classified documents to the secret-spilling site WikiLeaks also allegedly sent classified documents to the hacker who turned him in to the feds, according to a friend and associate of the hacker who helped connect him with federal agents.

Note: Adrian Lamo has now denied this. See the update at the bottom of this post.

Chet Uber, director of Project Vigilant, the volunteer, non-profit arm of a corporate security firm, was one of the first people former hacker Adrian Lamo called after Army private Bradley Manning contacted him and disclosed that he had leaked classified documents and videos to WikiLeaks.

If Uber’s claims about the documents are true, this would be the first indication that Manning had sent Lamo classified documents. Lamo has previously said that he believed some of the information disclosed in his chats with Manning was classified, but he has never mentioned receiving documents.

Lamo, when reached by phone on Sunday, would not confirm or deny to Wired.com that he received documents from Manning, though he confirmed having called Uber at the time.

“I’m not willing to comment on classified documents,” Lamo told Wired.com. “Everything with regard to what Mr. Manning sent to me will come out in the trial.”

Ex-hacker Adrian Lamo (Ariel Zambelich/Wired.com)

Lamo acknowledged that he sought Uber’s advice but said Uber was not the only person he approached. Nonetheless, he said, Uber was “a crucial mover” in the incident, because of his experience and his contacts.

Uber is director of Project Vigilant, a non-profit initiative involving volunteers who gather research and reports that are passed onto intelligence, military and government agencies. Lamo has done some volunteer work for the group.

Uber first mentioned Lamo receiving the documents at a press conference about Project Vigilant held at the DefCon hacker conference on Sunday. He mentioned the Lamo case at the end of his presentation as an example of Project Vigilant’s ability to make quick contact with the “highest level people in the government.”