Krebs Hacker Unmasked, Hit Ars and Wired's Honan 164
altjira writes "Brian Krebs, hot on the tail of the hacker who DDOS his site and SWATted his home, followed up on a tip, found the dox, called and then outed his hacker. Turns out it may have been the same guy who hit Wired's Mat Honan and Ars Technica."
The attacker is ... a 20 year old guy who apparently has too much time on his hands, and was surprisingly careless with his personal information for someone exploiting the personal information of others.
SWATting (Score:5, Interesting)
Given the propensity of the American police responding to that sort of call to shoot first and possibly get round to asking questions a bit later on, SWATting somebody should be charged as attempted murder
Re: (Score:3, Insightful)
Given the propensity of the American police responding to that sort of call to shoot first and possibly get round to asking questions a bit later on, SWATting somebody should be charged as attempted murder
No, the policemen doing the shooting before asking questions should be charged with attempted murder.
In the same way that, if I told a bully someone insulted him behind his back, and he went and punched that guy, the bully would be charged.
Comment removed (Score:5, Insightful)
Re: (Score:3)
"Conspiracy to commit #####" - hell we already have charges for it!
Re: (Score:1)
That argument is like someone putting child porn on anothers computer and then getting them arrested for being child pornographers.
Completely and utterly stupid argument.
So you got child porn somewhere. Then you put it on another persons' computer. I think the first sentence make you guilty of trafficing in child porn.
If it is simply an arrest, then that is one thing. If the person you set-up was tried and convicted even if you were known to be the person who orginally obtained and planted the porn, then perhaps the officer should be charged with criminal conspiracy too.
Re: (Score:2)
That argument is like someone putting child porn on anothers computer and then getting them arrested for being child pornographers.
Not really. Punching someone in the face requires you to perform an action. Having someone else put CP on your computer requires you to, well, it doesn't require you to do anything. A person in a coma can have CP put on their computer by another party. A person in a coma cannot very well punch someone in the face.
Re: (Score:3)
It might be murder. In my state, if someone dies as a result if a crime being committed (say, arson) the perpetrator can be charged with murder.
Re: (Score:2)
It might be murder. In my state, if someone dies as a result if a crime being committed (say, arson) the perpetrator can be charged with murder.
It usually requires the crime being committed is a felony. In some states, SWATing may only be a misdemeanor.
AFAIK, most juristiction are allowed to charge SWATing depending on the nature of the false report. Generally, if you falsely report a felony and the police take immediate action, then felony charges will usually be brought (although they are often plea-bargined). If you falsely report a misdemenor, or if the police don't take any immediate action, then it's highly likely that you won't get charged at all. Almost all laws are structured that way (allowed to be felony or misdemenor depending on degree) to
Re: (Score:2)
If nothing else, the 'spoofing' they use to fake the caller ID could count as felony (interstate) wire fraud.
Re: (Score:2)
You are giving the reason why American police, and who trained/put them into that way, should be put right now in jail as preemptive punishment. They will kill innocent people, sooner or later, phone jokes or not, things like this [jonathanturley.org] or this [cbsnews.com] will continue to happen,
And with guns practically mandated to normal citizens, social engineering could be a lethal weapon too, but again, the one shooting would still be the real killer.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
... you shoot the person who gave you the gun and the instructions. That way everyone wins.
If you're good enough with the gun and just destroy one of his legs and his gonads (much harder if he's a she), then everyone wins, including the idiot who gets an unearned second chance.
You should be able to argue it down to a self-defence charge - you thought that he was going to pull another gun to duel you, or something.
Re: (Score:2)
Given the propensity of the American police responding to that sort of call to shoot first and possibly get round to asking questions a bit later on, SWATting somebody should be charged as attempted murder
Well, the SWAT guys get to shoot someone and your tormentor gets you (or at least your dog) killed. It's a win-win for the bad guys. And I seriously doubt that there would be any repercussions for the shooter, except high-fives all around.
Re: (Score:3, Insightful)
Given the propensity of the American police responding to that sort of call to shoot first and possibly get round to asking questions a bit later on, SWATting somebody should be charged as attempted murder
While I understand your sentiment, I have to disagree with you. In cases like "SWATting" these officers have been called to a scene where the assumption is that there is an armed person who has already killed a loved on and is emotionally distraught. As most law enforcement officers will tell you, domestic disturbances are some of the most unpredictable calls to go to. So a call like this would be about as scary as most police will ever get.
Granted, there are some pretty bad police officers out there. But t
Re: (Score:3)
Re:SWATting (Score:4, Insightful)
Sigh... becoming a police officer is a CHOICE. Investigating murder scenes, cleaning up car crashes, and keeping angry wives and husbands from killing each other is part of the job. The people who become police officers CHOOSE to deal with these and other stressful situations, they CHOOSE to (occasionally) risk their lives. CHOOSING to put yourself in the line of fire is no excuse to trample on the rights of the people you're supposed to protect. If they want a bigger paycheck with safer working conditions, they can find different jobs.
I've seen this attitude plenty of times, where people seem to want to excuse the terrible behavior and the military-style tactics of police because "the poor dears have a tough job without much pay, cut them some slack." Well, NO! As people to whom the rest of us have given the right to use lethal force and invade and seize private property, the police should be held to a much higher standard, and they should be trained to understand that they work for us, not the other way around.
The bad apples in the police forces may very well be in the minority, I don't know. I've known cops who are friendly and cops who are psychopaths or arrogant jerks. For example, I knew a guy who worked as a juvenile prison guard (while studying to become a full-fledged cop) and bragged about "putting the smackdown" on teenagers who ran their mouths.
Re: (Score:1)
Wow. Construction workers are FAR more likely to be injured or killed than police officers. The injury rate for police is relatively low compared to many other blue collar jobs.
AC
Re: (Score:2)
where i live, the *starting* salary is ~$72k. now factor in overtime, benefits, paid training, and the 2nd job security gigs, and premiums for special assignment. 6 of the top 15 paid city employees are police officers.
Re: (Score:2)
Re: (Score:1)
Taxi driver is a more dangerous occupation than policeman,
No, it's not [smartplanet.com]
Yet that is an exceedingly rare situation and it's not what people are referring to here. If you are SWATting someone the whole point is that the person being SWATted doesn't actually pose a threat, so something like that would never happen.
Really? You know that for a fact? Do you think the person setting this crap up knows the victims well enough to know that for a fact too? I know many people who keep guns in close proximity to their bed. If someone broke down their door, in all likelihood several police would be shot as well as the person being SWATted.
So if SWATting could reasonably be expected to involve deaths, to the extent that the SWATter should be charged with murder, something is wrong.
Anytime you are forcibly entering someones home the risk of someone being injured or killed can be very high.
Re:SWATting (Score:5, Interesting)
I was on a jury that convicted a man of reckless homicide after a street race ended up in a horrible crash.
So yeah if someone had been shot then a similar charge should apply.
Re: (Score:2)
Reckless homicide is not murder. Neither is manslaughter.
Re: (Score:2)
I didn't say that it was. I was simply implying that a similar charge to reckless homicide could apply if an actual shooting had taken place.
Re: (Score:2)
And using a car analogy too.
Well done sir!
Re: (Score:2)
Hurry up and wait.
Sound familiar?
Re:SWATting (Score:5, Insightful)
While I agree it should be a crime of some sort, the person pulling the trigger should be the one charged with murder.
You're right. If, say, the person being SWAT'ed pulls a gun in self defense, because all he knows is his house is being invaded, and a police officer sees it and fires, as they are trained to do when seeing a lethal threat, that is TOTALLY murder.
More accurately, I think SWATing somebody should be negligent homicide if somebody dies, reckless endangerment if (as usually happens) nobody is hurt.
Re: (Score:2)
Sounds like the situation could easily be resolved with a megaphone, or just ringing the doorbell.
Most Crimes Are Solved (Score:5, Insightful)
Most crimes are solved because the criminal is careless or stupid or both.
Re:Most Crimes Are Solved (Score:4, Insightful)
Re:Most Crimes Are Solved (Score:5, Insightful)
Re: (Score:2)
In reality, they're immature and have no self esteem so they can never resist bragging online about their exploits. That's actually usually half the reason they did it.
This is only partially true. You are describing script kiddies. But there is another, much scarier kind of black hat hacker. Ruthless criminals with much deeper knowledge, who do it for the money and know how to hide and protect themselves effectively. They don't brag or show off and are much less likely to get caught due to doing something stupid.
Re: (Score:2)
There was a show called "Masterminds" where they talked about people who did "get away with it" for a year or more. Almost all of them got caught by bragging eventually. The two I saw that were really long-term NEVER talked about it.
It's not just hackers, no criminal can keep their mouths shut. Even Bradley Manning got caught bragging to Adrian Lamo. If he hadn't, he'd probably still be free. But "confession is good for the soul".
Re: (Score:2)
Re: (Score:1)
Most crimes are solved because the criminal is careless or stupid or both.
While true, this criminal is a teenager. Most teenagers are careless or stupid or both whether they have committed a crime or not.
Re: (Score:1)
Twenty is not a teenager. Notice the lack of "teen" in the number.
Re: (Score:2, Funny)
I pronounce it "tweenty", you insensitive clod.
Re: (Score:2)
Is a 113 year old a 'teenager' then?
Re: (Score:2)
No, my folks are more or less teenagers with big credit cards. They're in their 80s. By 113 you are back to being a toddler.
Re: (Score:2)
I thought teens were anyone under 30.....
Re:Most Crimes Are Solved (Score:5, Insightful)
I considered crime as a career option when I was young, and decided that it was for losers. Concealing repeated crime would require so much hard work and attention to detail, that anyone qualified to do it is also qualified for a rather high-paying job.
If you think about it, the saying "crime doesn't pay" is just another way of saying the labor market works.
Re:Most Crimes Are Solved (Score:5, Funny)
Re:Most Crimes Are Solved (Score:5, Informative)
Sir Garlon is a villain from an obscure, early part of the King Arthur legend. He had the power of invisibility and used it to ambush and murder other knights, apparently just for the lulz. So really that choice of nick is a nod to my repressed impulses for mayhem and the way anonymity encourages snarkiness. :-)
Oh, BTW, crime did not pay for Sir Garlon, either. He got whacked, I believe by Sir Balan, to avenge one of Balan's kinsmen.
Re: (Score:2)
I prefer your old sig, about just that.
Re:Most Crimes Are Solved (Score:4, Funny)
He had the power of invisibility
Oh, you mean Sir Not Appearing In This Film?
Keep in mind, hereditary nobility. (Score:2)
Garlon was the brother of King Pellam. He killed Sir Herlews le Berbeus and later Sir Perin de Montbeliard. A life of crime is easily contemplated when one has slain two men of honor, and possesses a cloak of invisibility.
Re:Most Crimes Are Solved (Score:5, Interesting)
I considered crime as a career option when I was young, and decided that it was for losers. Concealing repeated crime would require so much hard work and attention to detail, that anyone qualified to do it is also qualified for a rather high-paying job.
If you think about it, the saying "crime doesn't pay" is just another way of saying the labor market works.
I once spoke with an FBI agent about bak robberies. Most theft from banks is from employees, is almost always caught but rarely prosecuted because banks don't want the negaive publicity. They catch the regular bank robbers because they are careless or stupid or both. But there is a small number of inelligent, skilled bank robers that will never get caught because they know the system well, don't get greedy, don't live flamboyantly and never make mistakes. Fortunately, there are very few of these people, but a succesful life of crime is possible, but as you realized, way too much work.
Re: (Score:1)
Re: (Score:2)
Oh, I should add that in some parts of the world, where law enforcement is weak, white-collar crime *does* pay. This is why, in my opinion, rings of computer criminals in Eastern Europe or (famously) Nigeria are hard to eradicate: financially there's more reward there for crime than honest work.
I've come to regard law enforcement as creating a climate where crime can't flourish. Not totally preventing it, but preventing escalation.
Re: (Score:2)
I considered crime as a career option when I was young, and decided that it was for losers. Concealing repeated crime would require so much hard work and attention to detail, that anyone qualified to do it is also qualified for a rather high-paying job.
So in other words your decision had nothing to do with crime being, you know, wrong? You're really a criminal at heart who just opts not to actually do any crime for practical reasons? That doesn't exactly speak highly to your moral character...
Re: (Score:2)
Many crimes aren't 'wrong'.
Many things that are 'wrong' aren't crimes.
It's wrong to pay your taxes and it's a crime not to.
Re: (Score:2)
It's wrong to pay your taxes ...
Thanks for demonstrating my point!
Re: (Score:1)
Re:Most Crimes Are Solved (Score:5, Insightful)
People in the story are more than willing to talk. It's a bit sad.
Re: (Score:2)
"Three may keep a secret, if two of them are dead." - Ben Franklin
"Let me alone for keeping this secret between you and me. Howbeit, three may keep counsel, if two be away; and, if I knew my cap was privy to my counsel, I would cast it into the fire and burn it..." - King Henry the 8th
So now the Pentagon will call the guy . . . (Score:3)
. . . and offer him a job.
Pentagon: "Do you also do SCADA stuff . . . ?"
Pentagon: "And windows? Good help is hard to find these days. And would you mind driving Miss Daisy . . . ?"
Re: (Score:2, Insightful)
More likely the DOJ will have him in Federal PoundYourAss Prison for 30 years.
Re: (Score:2)
Re: (Score:2)
Hot on the... tail?
Re: (Score:2)
Re: (Score:2)
Basically there was some dodgy site where you could pay for DDOSs which was believed to be behind these attacks. This site was amusingly and somewhat ironically insecure such that if you knew the right URL you could view a list of clients for this site to see who had paid for what, and on this list were attacks corresponding to Krebs and Ars with an e-mail address for the client stored alongside them (along with many other attacks/clients, some of which had previously been verified). Turns out this e-mail a
Young punks, too stupid in most ways that matter (Score:5, Insightful)
This story is still in progress, but it's clear that this "Phobia" punk is intelligent enough in ways that really don't matter much and too stupid in ways that actually do matter. His father should have figured out what the son was doing a while ago, as his son is in the crime scene, stealing or helping to steal and use credit cards, SSNs, etc., breaking into private people's accounts and messing with them, paying for DDOS attacks against websites and sending SWAT teams to people's homes, so that somebody could actually get shot. This is all a punk move, what this idiot needs is about 3 years of labour camp, so that he'd at least repay some of the damage and 10 minutes of flogging on monthly basis, so that what could not be peacefully inserted into his brain would be painfully inserted into his back.
Re: (Score:1)
The stupidest part might have been deleting the YouTube videos once he was caught. Now when the police see it, they will charge him with destruction of evidence and obstruction of justice.
Re:Young punks, too stupid in most ways that matte (Score:5, Insightful)
The dumbest thing was to talk but also to involve cops with the SWAT thing. If he just kept to online stealing and harassment this wouldn't be as bad as the SWAT thing, now the cops have a personal issue as well with him. The way he just blurted everything out showed how really 'smart' he is.
Re: (Score:3)
The scary part is I don't know what my parents could have done to prevent that. I have no idea how to kee
Re: (Score:2)
The scary part is I don't know what my parents could have done to prevent that. I have no idea how to keep my son from doing stupid shit like this.
- but I think I know what can be done (I don't know that it will guarantee success, but I think it would limit the probability of this type of behaviour).
Something to do. Something to do that is rewarding, something to do that is useful in some way, that teaches the kid, that gives him the satisfaction of seeing the results of his work.
Something productive to do that would channel the kid's energy.
I think the society went in the wrong direction in many ways, from the way the kids are treated with 'kid glov
Re: (Score:2)
I, too, take health advice from standup comics.
Re: (Score:1)
I'd rather take advice from Carlin than from Bloomberg [huffingtonpost.com] even though I don't actually drink sugar water.
Re: (Score:2, Insightful)
In order to keep him from getting to this point, you employ the same simple rules of parenting employed on everyone else who isn't a constant fuck-up:
1. Scold him harshly.
2. If that doesn't work, or if the infraction is grave enough, beat the shit out of him.
3. Repeat as needed.
Worked for me. I had wooden spoons snapped over my ass and got to taste the belt buckle once or twice. There's a reason why the old-scho
Re: (Score:2)
It doesn't work anymore thanks to the child abuse laws.
Re: (Score:2)
Told me by a required reporter (ER nurse and mother of a hell child): 'Use a wooden spoon on the bottom of their feet. Don't break bones and there is no way to tell. They will be reminded with every step they take.'
Re: (Score:1)
photos of their daughter being born
Hardcore stuff!
Re: (Score:3)
This is all a punk move, what this idiot needs is about 3 years of labour camp, so that he'd at least repay some of the damage and 10 minutes of flogging on monthly basis, so that what could not be peacefully inserted into his brain would be painfully inserted into his back.
What he actually needs is an education and a job.
Re: (Score:1)
I agree about a job, but I personallywouldn't hire him before he got his flogging and 3 years of paying back the money he stole, but maybe you would.
Re: (Score:3)
He stole NO money.
- wrong, he did, read TFA. He is part of the network that steals and deals credit cards.
He steals money, why would anybody want to hire him unless they are a government propped bank? Maybe he has a future in current version of government propped banking or politics, but normal people will look at him and his approach and won't want to have anything to do with him.
He also stole private information of people, so how can he be even trusted to deal with customers, with anything?
He endangered lives of people b
Re: (Score:2)
Re: (Score:1)
yes, that will certainly teach him how to be honest and decent.
- no, he will learn that actions have consequences, that's all.
Actions ... consequences.
see? If he derives the wrong lessons from his actions and he doesn't connect that the consequences are due to his actions and after he is out of prison and is no longer flogged he still continues to do the same, then he will get caught again or maybe he'll get killed.
Do you know what's happening in Cyprus right now? The banks loaned the money the Greek government and the Greek government blew the money on various gove
Re: (Score:2)
Russian mafiosos get rich via government connections, they get fucked via government connections.
This is just Act1, Scene 2 of the Euro follies. It's going to get worse.
Re: (Score:2)
It's a mess, and it's going to get worse. The Euro is a fucking disaster.
Who is Putin going to have killed? Seriously, it's not like someone stole from him. He put money into a broken institution and it is gone.
What I don't understand is what would have possessed the bankers to buy Greek bonds in the first place. Sure they offered nice returns.
Greece in bankrupt. Anything short of kicking them out of the Euro is just kicking the can down the road. Their are further traps behind that.
The Euros polit
Re: (Score:2)
I don't doubt there will be a corpse or two. Most likely in Russia (the ones who made the decision to keep money in Cyprus).
Under 100K will get their insurance, everybody else (including Putin) will get a haircut of 15-20%.
Putin will learn that his money is safer in Russia then overseas, where he doesn't own the cops. The people who are deciding how this works out aren't scared of Putin. Want to see Putin go all white? Tell him the Rothschilds are pissed and 'want their money right the fuck now!' He'll
Re: (Score:2)
he isn't dead yet.
There is an old saying --- People don't drop tears until they see blood.
Throw the Book At Him (Score:2)
Re:Throw the Book At Him (Score:5, Informative)
Re: (Score:3)
The practice of SWATting needs to stop immediately. SWAT raids are very tense for all parties involved and they can go wrong in a hurry [wnd.com]. One of these days an innocent person is going to end up dead because of this practice. The prosecutors need to go after this guy, get him the maximum sentence for all of his many crimes, and broadcast his prison rapes so that no one ever thinks of doing something like this again.
What makes you think that being raped in prison makes you a better person who will not behave like an anti-social idiot anymore? Or that seeing this happen makes others better?
This kind of response really is as part of the problem as what this guy was doing. The US is turning more and more into a failed state it seems.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
What makes you think that being raped in prison makes you a better person who will not behave like an anti-social idiot anymore? Or that seeing this happen makes others better?
I think the idea isn't that it would make him a better person. The idea is that it might make someone who had his house attacked by a SWAT team feel better. Whether that works, I don't know, but that's the idea.
Re: (Score:2)
the best way to punish ugly abuses (swatting), is not to champion ugly abuses (prison rape)
if someone violated my family in such a way, i would have violent fantasies about them getting their comeuppance too
but we're talking about governmental policy here, not private revenge fantasies
when the state itself is in the business of violent revenge, then the state itself is the worst offender
it also teaches society how to function, how to handle yourself: with brutality. the state sets the tone for how society s
Re: (Score:1)
The practice of SWATting needs to stop immediately. [...] broadcast [the SWATter's] prison rapes so that no one ever thinks of doing something like this again.
The practice of prison rapes needs to stop immediately. Broadcast the rapists' SWATting so that no one ever thinks of doing something like this again.
Re: (Score:2)
Any society that condones prison rape cannot be considered civilized.
Bait and switch? (Score:1)
What a headline (Score:2)
Krebs Hacker Unmasked, Hit Ars and Wired's Honan
It looks almost like someone had an attack of aphasia [wikipedia.org] half way through writing that headline. Using a transitive verb (which could also be mistaken for a noun), especially a short one like "Hit", next to another short, and unusual word (Ars) makes for tricky parsing.
Not only that, but:
Turns out it may have been the same guy
So it's okay, only the headline is potentially libelous.
Re: (Score:2)
Krebs Hacker Unmasked, Hit Ars and Wired's Honan
It looks almost like someone had an attack of aphasia [wikipedia.org] half way through writing that headline. Using a transitive verb (which could also be mistaken for a noun), especially a short one like "Hit", next to another short, and unusual word (Ars) makes for tricky parsing.
Not only that, but:
Turns out it may have been the same guy
So it's okay, only the headline is potentially libelous.
You wouldn't think it was so funny if someone hit your Honan.
Re: (Score:1)
Thanks, I'll take that as constructive criticism. In my defense, for the few times I have noticed interesting news that isn't already on Slashdot and I was preparing a submission, I have worried more about providing relevant, interesting links and an accurate and reasonable summary. But the submission process starts with writing the headline, and editing is a low priority if you're trying to get it in first. Who knew? Journalism seems to be real work.
Re: (Score:2)
I'd say enough is enough (Score:2)
If it were me, I'd be talking to the FBI, since this probably falls under a) wire fraud, and b) interstate commerce.
mark "my 'social media' are email lists"
Re: (Score:1)
When the cops come knocking on his door that kid is going to squeal.
Oh, I think he'll be squealing for a number of different reasons soon.
Re: (Score:2)
It takes a hacker to catch a hacker.
Re: (Score:2)
How does Krebs reach, let alone convince that boot.tw operator to give him a copy of their operations database and tell him other details?
He didn't have to, the SQL file was publicly-accessible if you knew the URL (how did he get the URL? I'm sure he has plenty of sources). He linked to it from his earlier article, still on their domain. It looks like that link is no longer in the article, but I downloaded the SQL file and went through it. It was a dump of what looked like their entire user/attack database, including each attack, who paid for it, how they paid, and how much.
Why would, so called, Phobia take Krebs' call? Why would he confess to this stuff?
Because he's a stupid, arrogant kid. It doesn't have to be comple
Re: (Score:2)
He won't pass any background check and most jobs if he gets stuff on his rap sheet. He probably won't survive FPMITA jail either. Aaron Swartz knew this. He would rather suicide then die in jail.