Day In The Life Of Net Scam Artists
NeoCode writes: "This article chronicles a day in the life of two hackers. Seems like a reporter anonymously paid these hackers to log in their typical day. In the article, they talk about how they fool people with their spams and phreaking scams. It's in quite a bit of detail in terms of what these guys do to make money (and tons of it). Obviously these guys are breaking the law and nibbling on innocent/naive users. Looks like AOL and other ISPs still have to beef up their filters to stop spamming." Not a lot of details, but it's kinda interesting.
You're not kidding, my little brother had carded (stolen from AOLer) merchandise sent to the cardholder's name at his home address (my parents' house).
He spent a few weeks in Juvie Hall and 18 months on probation as a 16-17 year old. He would have spent 6 months in the prison, but apparently the Juvenile Courts/ Corrections Dept for Cuyahoga County, Ohio have too many schoolyard drug pushers and child rapists to keep kids who "only defrauded a company for four thousand dollars" more than a couple weeks.
He violated his probation several times by not checking in with his court-appointed supervisor (parole officer) and being picked up for curfew violations, but they never called him on it. They sealed his record at 18 because he hadn't committed any other serious offenses. He quit HS and now works at Pizza Hut as a 20-year-old, with no appreciable skills or education.
Funny thing is, our parents were giving him plenty of stuff; new PCs, vidgame consoles, allowance. All they asked in return is that he go to school and study. He just wanted more without having to work for it. Bum.
This story is a huge crock of shit.
Wordnik, a dictionary project which aims to collect
Sounds like spam to me.
Uh... subpoena Anonymizer for logs (by law they have to keep them) then timestamp the occurrences...
Specifically, what law requires you to keep logs?
D
Hackers are people who thrive on being faced with problems and finding clever, innovative solutions to them. Crackers are people who break into computer systems.
Says who? Try looking up "hacker" in, say, Merriam-Webster's Collegiate Dictionary. You seem to be under the mistaken impression that small subcultures get to force their own pet definitions on society at large. It works the other way around...words mean whatever the population at large decide they mean. Heck, even the Jargon File admits that hacker was originally used to mean "a malicious meddler" and only recently has that use become deprecated.
Confusing the two is like calling every martial-arts student a 'ninja.'
No, it's more like a subset of karate students (it's only a subset because not all karate students agree with them on this issue) suddenly deciding that, because of the increased media exposure that the movie Karate Kid brought to their subculture they now want to be called "judo-ka" -- and who cares if karate and judo are already in widespread use? -- and then getting their obi in a twist when everyone keeps calling it karate.
Unless you are trying to suggest that there is some innate meaning in the two words completely separate from what society imparts to them.
-jon
Remember Amalek.
That's the third time I had to enter my credit card info to post to slashdot.
What's up with that?
-------
CAIMLAS
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Why not just buy a list of a few thousand card numbers from real hackers.. fucking tossers. It is amusing that there are actually ways to get cash off CC's these days. Carding was never popular because you had to get physical goods delivered and then sell it to make cash.. ie you had to know a fence and frankly if you're gunna go into that business why not just steal cars or break into houses?
How we know is more important than what we know.
For the credit card companies, it's a business decision, in the USA you can only be held liable for $50 in fraud if you report it, so they likely feel it's the consumer's problem to report it.
For law enforcement, it's only a few thousand dollar scam at most, and they are probably more interested in going after murderers and higher profile criminals. If these scam artists don't get too greedy and don't make too much noise, I'm sure they can keep up scams like these for years.
For the internet computer store, it's a tough call, many customers really do buy laptops as gifts or want stuff sent to a different address, are you going to turn away that business?
Here's a typical story from here.
While I think the stories are probably somewhat exaggerated, I think that there is more truth than many posters have been willing to admit.
- Twid
- "When you want something with all your heart, the entire universe conspires to give it to you" -Paulo Coelho
"11:01 a.m. Well, I just checked www.westernion.com and he wasn't lying, he sent the funds. I got the tracking number and he paid by cash so I can pick up the money without an ID. Secret question/answer was "what's your mother's maiden name?" Answer was "tu madre." "
Can you really pick up money from Western Union without an ID? I checked their website and their FAQ says:
"You may pick up your money transfer at any Agent location. You will need to complete a "To Receive Money" form with the following information: name, address, telephone number, amount expected, as well as the sender's name, telephone number, city and state being sent from. Valid identification is also required. Some restrictions may apply."
Seems fishy...
I also found this interesting:
"Screw the Feds, they are lazy they won't trace me back that far. Plus I got *67 on, they'll need subpoenas to, and a ton of tracing to even get close to me."
I'm pretty sure *67 doesn't work on some ISDN/PRI Lines (which many ISP's used). I know for a fact it didn't work at a local ISP here (I tested it personally).
These guys aren't even crackers. They aren't breaking into computer systems or anything like that, they just steal credit cards. The only way in which they even resemble a hacker is that they use a computer to do their 'job'. But so do most receptionists. Confusing web con artists with hackers is like confusing real world con artists with priests because both make speeches as part of their work.
_____________
I don't want free as in beer. I just want free beer.
Are you talking about H.R. 718, "Unsolicited Commercial Electronic Mail Act of 2001", sponsored by Rep. Heather Wilson (R-NM)?
According to CNN, it's passed Committee vote and will be sent to the House floor for consideration. A version needs to be introduced and passed in the Senate, the two reconciled, then sent to POTUS.
Here's the text, if anybody's interested. Actually, that's probably a temporary link which will break VERY soon, so you can instead use this link, which should hopefully re-exec the query, and then click 'Full Display'.
It's actually fairly interesting. There's explicit protection for service providers to take 'good faith' efforts to block UCE, which would appear to protect users of things like the real-time black-hole list for mail servers, and what not. And you can't go after them for innocent retransmission, either.
It's probably based on existing telemarketing law, with its references to pre-existing business relationships, opt-out (they need to provide a means for opting out of lists in their UCE, but they don't need you to opt in BEFORE they send the first UCE) and all.
Interestingly, it only refers to individuals. I'm not sure how it applies to UCE from corporations -- for instance, whether the entire company is liable as a whole or just the employee(s) who decided to spam, or whether this could in any way be applied to spam-friendly ISPs.
Only the dead have seen the end of war.
A lot of my spam now shows that type of disclaimer. (well, it did before I switched accounts). The most common line goes something like:
<BEGIN PASTE>
"Duruing your recent visit to our affiliate, <some fake site>, you "opted-in" to our email promotion campaign to alert savvy web users to outstanding online offers. This is not Spam. We are adhereing to <some fake law>, <some fake section>, <some fake paragraph>, where it states that <what we are doing is compleltely legal, you turd>. If you wish to be removed from this mailing list, plase vist <fake web address> or reply to this email message with only the word REMOVE. <...which won't work, because we forged the headers, haw haw.>
COMPLETELY FREE PENIS ENLARGMENT, PLEASE CALL THIS INTERNATIONAL NUMBER TO ORDER YOUR KIT TODAY!
<END PASTE>
How much validation is done on these claims of great exploits?
"9:15am Cracked a Brinks truck using my PalmOS hackmaster app called 'cash'."
"9:45am Almost tripped the goons at Fort Knox, but hid in the bushes an extra five minutes. An hour later, a five-nines bullion bar in my backpack, and off for new challenges."
Might this be just a tad bit embellished for the reporter's sake?
But in typical Bell Canada fashion, they've blocked all traffic emanating FROM port 25, not traffic with a DESTINATION of port 25. So those of us who run SMTP servers for a useful purpose (receiving mail at erik@ is quite useful) are screwed ... and the true spammers will just reconfigure their spambots to send out traffic on port 31337 or something.
If you use Bell Sympatico HSE (I'm in Montreal, but they go over to Toronto, Ottawa, maybe out to BC I don't remember), check out SympaticoUsers. You'll find the messageboards and announcements quite useful.
--
As someone who was into the underground scene on EFNet from '91 to '95 let me tell you, don't think you can do this.
The first guy collects his money at western unions. This will not work because the feds work with AOL and you will scam a fed who will be at the western union waiting to meet you.
The second guy has his carded mail sent to a friend's house. Whoever signs for this is going to jail. Once the friend gets arrested he will rat him out.
I bet these two guys pulled this off once or twice and wrote about it like it's a day job. If someone stupid falls for it you might make quick cash once or twice. If you keep trying it you will get busted sooner than later.
Now according to this article these people use SPAM as one of their main forms of getting to victims. Hmmm how can we fight this problem?? If we were ALLOWED to enforce our AUP, and our contract that a customer signs then this activity would be less profitable and easier to trace.
For instance, joe/badboy/hacker uses a stolen card, signs up for a throw away account and starts spamming. If joe is using a stolen card a 19.95 gets looked over, but a 500 dollar charge gets noticed. So come on Credit Card people, if we can PROVE it why can't we charge these people for taking up our time, system resources etc. As this article clearly points out SPAM is used very often for illegal practices.
Why won't the credit card companies help us clean up?
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
Education is the only way to stop this type of thing. heh and castration
________
Does anyone actually have a Java program designed to control air traffic, or for the operation of a nuclear facility?
"SECURITY EXPERTS WILL tell you most of the computer attacks they see every day are initiated by clever teen-agers, so called 'script kiddies.'"
I started laughing when I read that. Most of the rest of it was very funny also. I never thought I would read the words "clever" and "script kiddie" in the same sentence. LOL
Cypherpunks: Civil Liberty Through Complex Mathematics. Those who live by the sword die by the arrow.
Uhh... No matter how many times you change your number, there is always a record
A little clarification on this:
Almost all large customers of the phone company (i.e. those who have some kind of leased line or ISDN services) have a service called ANI, which stands for (AFAIK) Automatic Number Identification. The *67 service has no effect on whether this acquires your number or not, so you are pretty much screwed if you call in on your own phone line.
The only way I know of to get past ANI is to trick the operator into diverting your call to the number that you wish to call, thereby having the number of the operator (always xxx-0000) showing up on ANI. But, of course, you can't route data calls this way, so you are pretty much limited to either using someone else's line, or doing what Kevin Mitnick did and acquire a different number through the cellular telephone network, although, with the state of cellular networks today, that is considerably harder to do than it was 5 or 6 years ago.
Friends don't let friends use multiple inheritance.
since somebody who lays in bed all day typing on a computer and eating pizza claims to have a real life girlfriend.
I demand a million helicopters and a DOLLAR!
5:30 p.m. I'm going to go meet my girlfriend. Take her out to dinner, go back to her place.
How did he meet this girl? By spamming a whole bunch of E-mail addresses??
Hey, then again...
--
Accountability on the heads of the powerful.
Power in the hands of the accountable.
An update for modern times? "There's a sucker logging on every minute."
11:00AM: I just woke up. Apparently I fell asleep while loading slashdot. I reload again.
11:01AM: Reload slashdot. I have a script to reload slashdot for me. I'll be sure to get "First Post" today!
11:02AM: Reload slashdot.
11:03AM: Reload slashdot.
11:04AM: Reload slashdot.
...
If that article is, in fact, true (I have some doubts about the veracity of it)...
;)
Obviously, straightforward scams like getting AOL accounts and cc numbers are much more productive than stupid pyramid schemes.
Gentoo Sucks
Did anyone else notice that bad guy #1 only spent 2 hours at his girlfriend's place for dinner? Not much time...
Wouldn't it be because he is supposed to be a great hacker-geek who also has a girlfriend, something NOT seen in real life?
In real world, Mr. Hacker would be having dinner with his old granny, tops...
Imagine the past, remember the future - Carlos Fuentes
Oh, there's a lot more to it than that...I simply cannot believe how many things in this story make no sense. For starters, here's where I think things really went wrong at first:
OK, some guy on Efnet (an Internet chat area) told me last night he would Western Union me $250 if I wrote a diary of one of my typical days and e-mailed it to him in .doc format.
Okay...anyone who knows IRC knows what insano things that posers will say in channels. Enough said, just someone say it to a reporter before he does this sort of story again?
He was too stupid to be a Fed.
Ok...maybe that one is credible. If I were a journalist doing a story on something that gets as technical as this topic, I'd have someone backing me up who can smell the difference between truth and what these guys are dishing out.
...through an untraceable NetZero account. I use www.anonymizer.com to go to the Yahoo account because I'm paranoid. Hell if anyone's going to get my IP (Internet address). Screw the Feds, they are lazy they won't trace me back that far. Plus I got *67 on, they'll need subpoenas to, and a ton of tracing to even get close to me.
Um...ok...I don't follow that NetZero is untraceable because it is free. And if he knows it's untraceable, why use anonymizer? Or try to hide his number from logging systems by using *67 (which won't work, btw)? And he talks as though subpoenas are hard to get...fact is, getting a subpoena for a phone number is a piece of cake. All you need to do is file a "John Doe" lawsuit and request an expedited subpoena. The ISP will gladly turn over the information...they have entire departments just for this purpose usually.
By then I'll have a new number. Hell, I go through telephone lines about one every 2-3 months.
Um...dude? Word of warning...the phone companies keep their records longer than that...some of them actually remember your address for upwards of 4 or even as many as 5 or 6 months...amazing huh?
At that point I started tuning out. These guys supposedly are pulling in thousands a month in fraud, yet somehow they have managed to elude capture despite the incredible numbers of mistakes they make in covering up their tracks? This is ludicrous...but the biggest scam is the fact that a reporter got a great story that even got slashdotted, for $250. Too bad it's all lies...it looks as though these two losers really ended up scamming even more people than they claim to.
For your security, this post has been encrypted with ROT-13, twice.
11:03 a.m. Open up one of my new Yahoo accounts through an untraceable NetZero account.
;) LOL! Basically if I use a Wingate they can't track me at all! I should use gates more often ;( Hell I'm getting almost as lazy as a Fed. Ha!
Uh... And how do you suppose you're gonna dial into it?
I use www.anonymizer.com to go to the Yahoo account because I'm paranoid. Hell if anyone's going to get my IP (Internet address). Screw the Feds, they are lazy they won't trace me back that far.
Uh... subpoena Anonymizer for logs (by law they have to keep them) then timestamp the occurrences...
Plus I got *67 on, they'll need subpoenas to, and a ton of tracing to even get close to me. By then I'll have a new number. Hell, I go through telephone lines about one every 2-3 months.
Uhh... No matter how many times you change your number, there is always a record
If I'm super paranoid, I skip Anonymizer and hack me a Wingate. Then the Feds will trace back to one of the lamers' home computers not mine
Boy is this moron sure dumb
Seems to me like the only thing he "hacked" was some dumb ass reporter who was an ass enough to get conned into thinking this e-tard was anyone special or had any talent other than bullshitting.
The media is going ballistic on "hacker" cases these past few months, and I'm starting to think they should be held accountable for promoting this activity, especially when you pay someone to do this (basically).
The media has totally bastardized hacking and those in the computer security field like the hackers at companies like @stake, Neohapsis.com, etc, end up getting bad reputations from morons like this. It's a shame to think people actually pay mind to idiots like this often casting dark shadows on to those that "hack" for just cause, such as fixing issues, e.g., Rain Forest Puppy, DugSong, obecian, etc..
Stupid news
360 degrees of Karma
Part 1: A School Day
7:20am: Elite hax0r wakes up to prepare for another challenging day of 7th grade.
7:25: Elite hax0r signs onto AOL (computer is never turned off)
7:30: Elite hax0r checks new mail for elite hacking progs and warez
7:40: After 10 minutes of chatting in with the folks in leet, elite hax0r's mom takes the telephone off the hook.
7:55: m0m and elite hax0r are having an argument about wasted time online.
8:00: elite hax0r's dad drops him off at Mitnick Middle School
8:05: elite hax0r enters typing class. this is his elite hacking playground, and he loves to confuse the teacher by pressing num lock, and shouting '3y3 hax0red j00!!!'
9:00: typing class is over, and elite hax0r travels to his history class. No 'puters here, so, he strategically places his copy of 2600 inside his history book and memorizes the 'how to steal stuff' article.
9:30: history teacher catches elite hax0r with the clandestine 2600 and takes it away from him. elite hax0r begins a heart-wrenching spiel about freedom of speech, and his right as a citizen of this country to read his elite 2600 whenever he pleases. he compares this atrocity to the unjust imprisonment of hax0rs everywhere, and takes comfort in his martyrdom. leet is definitely hearing about this tonight.
10:05: elite hax0r goes to english.
10:50: elite hax0r goes to lunch period. here, he sits with his class in the cafeteria and takes his usual spot near the lunchlady's cashregister so he can write down people's lunch numbers. This comes in handy, as they could possibly use their lunch number as their AOL password. And if not, it's always really leet to have even the most insignificant 1nph0z.
11:25: elite hax0r goes to pre algebra. today, he makes the kid in the desk next to him ph33r when he types 1134 on the calculator and holds it upside down. he wonders if this is similar to hacking an LED sign like in 2600..?
12:15: elite hax0r goes to science class where he learns about the reproductive system. elite hax0r excuses himself from class where he performs a quick wetware hack.
1:30: elite hax0r gathers his books and stands in front of the school
1:35: elite hax0r is picked up by the small yellow bus with the power lift on the back.
2:00: elite hax0r is dropped off at home, and he rushes inside to sign on and check his mail.
2:30: after 30 minutes online, elite hax0r is forced to sign off and take a nap. Ms. Hax0r can't have her baby getting cranky.
4:45: elite hax0r wakes up, and begins writing his manifesto, which he plans to present to his history teacher tomorrow.
4:47: elite hax0r gets tired of writing and feels like going outside. he and his little brother ride their bikes around in circles in the carport.
5:15: Ms. Hax0r calls the children inside for dinner.
6:00: hax0r children finish dinner, and elite hax0r asks for permission to get online and hack some stuff.
6:05: elite hax0r battles AOL's perpetual busy signal; it's probably just a ploy by AOL to block him from coming online, in ph33r he might hax0r their network.
7:05: elite hax0r continues to hax0r away at AOL's "busy signal"
7:30: finally, elite hax0r crax0rs the busy signal and sneaks his way inside. He checks his mail for leet progs and tries to enter pr 'leet'. But, in another attempt by AOL to bring him down, the room is full (it's really just their $3cur1ty 3xp3rt$ trying to keep him out).
7:40: elite hax0r finally busts into 'leet' in 137 tries. he chats with his homies.
8:00: elite hax0r is still chatting with the leets, when Ms. Hax0r picks up the fux0ring telephone and signs him offline.
8:35: after 20 minutes of crax0ring the "busy signal", in an angered retaliation attempt, elite hax0r steals mom's credit cards and scrolls them in 'leet' and 'phreak'.
9:00: elite hax0r finally finishes scrolling, and takes some time to work on his webpage; http://members.aol.com/Leethax0r/index.html. Here, he posts his new hax0r's manifesto, and lists $houtoutZ to his homies in 'leet' and 'punt', and his main chix0r Annie.
10:00: after an hour of figuring out how to use the AOL webpage software, he grows tired of all this brain work, and signs offline.
10:25: leet hax0r brushes his teeth, puts on his kevin mitnick pajamas, and goes to sleep.
11:00: leet hax0r dreams that he is Dade Murphy, and that he is having wild sex0r with Acid Burn, while hacking the FBI's Main Gibson.
Stupid News
360 degrees of Karma
I'm pretty sure *67 doesn't work on some ISDN/PRI Lines (which many ISP's used). I know for a fact it didn't work at a local ISP here (I tested it personally).
The "hacker/cracker/bad guy's" comment made me laugh uncontrollably for a few minutes. Having recovered from the initial shock at the stupidity of his comment, I'll share a bit of info as to how hard one would have to dig to find out who he was, or at least where he was calling from:
Note: I work for a national telco/isp, the combination of which greatly helps this process.
1. Find just one of spam boy's emails originating from his "phished" account. The message's headers will be more than pleased to provide you with time stamps.
2. Take the time stamps and userid, and compare them to the logs in the authentication servers (tacacs or radius, normally). These logs should, unless morons set up the system, indicate which NAS (network access server, the box you dial into) was used to logon to the ISP. The NAS should have sent a string to a syslog with connection speed (upstream/downstream), dialed number, and originating number.
3. You *will* have the originating number even if *67 was used. This is because *67 is a feature set for end users which can be disabled/masked, whereas the originating number received on an ISDN PRI has been provided by SS7 signaling, and is mandatory to the system's proper functioning.
4. With the originating number, the local telco will provide the line's physical address. This is assuming that a police officer/investigator/detective makes the request. Of course, there are many free number-to-address directories on the net that could provide this data.
5. All of the above requires about a day, depending on the size of the log files that have to be searched through, and the short delay in getting info from local telcos (they do move quickly if the right person asks).
All this to say that if these guys are getting away with their crimes for the time being, good for them. However, some "cyber crime" unit will eventually do a sweep, grab all of the above info for a bunch of small time operators in a given city, and shut them down. Yee-haw.
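Steps 1 and 2 of the comment above, as an added example that is not part of the original post: it takes the timestamp and source address from a message's topmost Received header and finds the accounting session that was up at that moment, returning the NAS and the Calling-Station-Id (the standard RADIUS attribute a NAS uses for the originating number). The header, the one-record-per-line log layout, the user IDs, addresses and phone numbers are all constructed for illustration.

```python
"""Match a mail header timestamp to the RADIUS accounting session behind it.

All data here is constructed: header, log layout, user IDs, documentation
IP ranges and 555 numbers. Attribute names are standard RADIUS ones.
"""
import re
from datetime import datetime, timedelta, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Step 1 input (constructed): headers of one message sent from the account.
RAW_HEADERS = (
    "Received: from dialup-17.example.net ([192.0.2.17])\n"
    "\tby mx.example.org with SMTP id abc123;\n"
    "\tThu, 29 Mar 2001 11:03:42 -0500\n"
    "From: billing-dept@example.net\n"
    "Subject: Account verification required\n\n"
)

# Step 2 input (constructed): accounting records in UTC, key=value pairs.
# Session 00B9 has no Stop record, as happens when a Stop packet is lost.
ACCT_LOG = """\
2001-03-29T15:10:05Z Acct-Status-Type=Start User-Name=jsmith Acct-Session-Id=00A1 NAS-IP-Address=198.51.100.5 Framed-IP-Address=192.0.2.17 Calling-Station-Id=3035550142
2001-03-29T15:40:11Z Acct-Status-Type=Stop User-Name=jsmith Acct-Session-Id=00A1
2001-03-29T15:58:30Z Acct-Status-Type=Start User-Name=jsmith Acct-Session-Id=00B7 NAS-IP-Address=198.51.100.6 Framed-IP-Address=192.0.2.17 Calling-Station-Id=3035550199
2001-03-29T16:00:12Z Acct-Status-Type=Start User-Name=mjones Acct-Session-Id=00B9 NAS-IP-Address=198.51.100.5 Framed-IP-Address=192.0.2.44 Calling-Station-Id=3035550123
2001-03-29T16:31:02Z Acct-Status-Type=Stop User-Name=jsmith Acct-Session-Id=00B7
"""


def header_event(raw):
    """Return (utc_time, source_ip) from the topmost Received header.

    The topmost header is the one written by the receiving server; headers
    below it were supplied by the sender's side and can be forged.
    """
    received = message_from_string(raw).get_all("Received")[0]
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received).group(1)
    stamp = received.rsplit(";", 1)[1].strip()
    return parsedate_to_datetime(stamp).astimezone(timezone.utc), ip


def load_sessions(log):
    """Pair Start/Stop records by Acct-Session-Id into session dicts."""
    sessions = {}
    for line in log.splitlines():
        if not line.strip():
            continue
        stamp, *pairs = line.split()
        when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        rec = dict(p.split("=", 1) for p in pairs)
        kind = {"Start": "start", "Stop": "stop"}.get(rec["Acct-Status-Type"])
        if kind:  # ignore interim updates and other record types
            sess = sessions.setdefault(rec["Acct-Session-Id"], {"start": None, "stop": None})
            sess.update(rec)
            sess[kind] = when
    return list(sessions.values())


def find_sessions(sessions, user, when, ip=None, skew=timedelta(minutes=2)):
    """Sessions for `user` that were up at `when`, allowing for clock skew.

    A missing Start or Stop leaves that side of the session open-ended.
    `ip_match` says whether the session's assigned address equals `ip`.
    """
    hits = []
    for s in sessions:
        if s.get("User-Name") != user:
            continue
        started = s["start"] is None or s["start"] - skew <= when
        not_ended = s["stop"] is None or when <= s["stop"] + skew
        if started and not_ended:
            hits.append({
                "session": s["Acct-Session-Id"],
                "nas": s.get("NAS-IP-Address"),
                "caller": s.get("Calling-Station-Id"),
                "ip_match": ip is None or s.get("Framed-IP-Address") == ip,
            })
    return hits


if __name__ == "__main__":
    sent_at, src_ip = header_event(RAW_HEADERS)
    for hit in find_sessions(load_sessions(ACCT_LOG), "jsmith", sent_at, src_ip):
        print(sent_at.isoformat(), hit)
```

The `skew` window matters in practice because the mail server and the authentication server rarely share a clock, and an `ip_match` of False on a time-matching session is a reason to check whether the header really came from the receiving server.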
Did anyone else notice that bad guy #1 only spent 2 hours at his girlfriend's place for dinner? Not much time...
Here is the text of an email I sent to the author of this article. I just copied and pasted from my email window before sending, so please excuse any spelling errors. And the formatting sucks. But, if anybody has any feedback, I'd love to hear it. Or anything to suggest to him if he emails me back.
Bob--
I read your article located at http://www.msnbc.com/news/550567.asp and I found some things that I disagreed with and thought that I would share my ideas with you. I am basing my statements from both my personal knowledge and a thread at /., a 'News for Nerds' website. The thread can be found at: http://slashdot.org/article.pl?sid=01/03/29/1636240&mode=nested .
Firstly, I'd like to quibble some semantics with you. These kids are not 'hackers', they are 'crackers'. A hacker wears a white hat. The crackers wear a black hat. As far as that goes, these kids are not even crackers, they are spammers and thieves. They do not bypass system security in any way, they do not have to show any cleverness. Speaking of clever, you say "clever teen-agers, so called 'script kiddies'". Script kiddies are not clever. That is the point of the term. They use scripts that were formatted by someone who possessed skill and they just run them. This is not clever, it is, to use their lingo ' 74m3' (lame).
Secondly, I think that you were had. I think that these were just a couple of bored guys on EFnet who decided to see how much money they could leech from 'the man'. If they are, in fact, making $100k+ a year or anything even close to that (which I doubt), why would they risk jail for a measly 250 bucks? There are, as noted on slashdot, numerous errors and inconsistencies which I won't go into here.
Thirdly, unless you knew this story was false, it seems like you were subsidizing criminal activity by paying these children to steal cc numbers; which is, last time I checked, illegal. A way your article could have helped people, instead of just making AOL users paranoid is to have explained what it was these people were doing and how to know to be suspicious. You could have made a sidebar of the major free e-mail providers and free webspace providers (geocities, yahoo, hotmail, e-mail.com, freeyellow, juno, ad infinitum) and explained how easy it is to get multiple emails/webpages from them. Also, did you do any validation of this story? I could have written a diary for you that would have been written better and more technically accurate. And you could have sent me a check at home instead of bothering with the Western Union subterfuge.
If you would like to contact me, feel free to do so by any of the information listed below.
Brant Pierce
512-xxx-2732
brant.pierce@xxxxxxxx.com
Numeric Paging: 888-536-7251
Text Paging: 5367251@skytel.com
----
This letter represents the opinions of Brant Pierce. It does not represent the views or opinions of xxxxxxxxx Communications, Inc. or any of its subsidiaries.
Brant
Argle. Bargle.
It must be true- I saw it on the Internet! In the midst of a growing government PR campaign to demonize those with a bit of knowledge and to reduce the abilities of the rest of us to access information (all in the name of protecting our children from porn of course) comes this wonderful piece of fluff from MSNBC. I mean if you can't trust the combined corporate integrities of Microsoft and General Electric corporation well then - I mean who can you trust? Bob Sullivan, the article's author, is a corporate tool who has brought us such notable articles as: "Now, e-mail is even more dangerous", "'Melissa' Continues To Wreak Havoc" and (who could forget) "Surgeon general of the Web? - The eruption of a new virus leads to confusion" Can you say agenda? I knew that you could? The article about the alleged hackers smells worse than a Unix geek on a three day coding binge - I don't believe a bit of it. Wonderful piece of fiction though. Want to find out how and why this kind of crap gets passed off as "news"? Check out these articles about cia partnership with our national news media: http://www.mprofaca.cro.net/ciapress1.html http://www.whatreallyhappened.com/RANCHO/POLITICS/MOCK/mockingbird.html
----- In Your Cubicle No One Can Hear You Scream...