Laptop Thief Caught via AOL Login

Mundocani writes "Yahoo (Reuters) is reporting that the FBI has caught the guy who stole computers from Wells Fargo. The interesting part is that 'Investigators traced the computer to Krastof when he logged onto his own America Online account at home through one of the stolen computers.' Makes you wonder what sort of hooks the FBI has into AOL or other ISPs and what hardware identification is being transmitted at login."

Re:PC call home

[miu]

Nope, the slashdot blurb about him using his own aol account is wrong.

According to another source "He logged onto an (America Online) account that was registered on that computer and we traced it back to his phone number and address''.

It's the 4th item down on the page, under "Suspected thief arrested".

Re:MAC addresses?

[crevette]

Why make it so complex? The computer was reported stolen by Wells Fargo with all the information, so the FBI issued a request to AOL to notify them if anybody logs into such and such accounts. Once it happens, the FBI simply had to check the phone records to know what is the number of the guys connected and voila!

I work at a phone company in a country without secret services and sophisticated hooks into any ISP and we would be able to pull that out in a matter of minutes.

Re:PC call home

[Mattcelt]

There are several software packages including Ztrace and Absolute Software's Computrace which deal with the issue of laptop theft directly. It seems very likely that these computers were protected with one of these type of programs.

Re:There is no story here

[trystanu]

... and even then AOL didn't help *that* much:

White said investigators had asked AOL as a routine precaution to watch for any log-ons in Gascoyne's name. He said the world's biggest online service had reported a hit earlier this month but then dragged its feet in providing information about the phone line used in the connection.

Not spyware. The story is much simpler than that

[Raphael]

There is no need for any "Phone Home" software or anything sending the CPUID to AOL. The story is much simpler than that and rather low-tech:

• Thief steals computer.
• Thief tries AOL account found on stolen computer.
• Account is known to have been compromised.
• Connection type = dialup = phone number.
• Phone number = address.
• Address = thief gets caught.

Nothing exceptional here. The FBI does not need any strange hooks into AOL. They only need stupid thieves. Case closed.

Re:PC call home

[mess31173]

I work at Wells Fargo and there is a pile of 8 laptops on my desk and the images I apply to them don't have any "call home" software. FYI.

Re:"You've got jail"

I work for WF but do not mean to represent my employer here. Your answer pretty close to right on. Our network logs ALL accesses, but of course denies access to our intranet from the internet at large. Ergo, any request in the access log (like when OutLook tries to connect to our mailserver, for example)that originate outside the intranet are automatically red-flagged. Requests to certain ports within our network are a more serious red-flag as it indicates someone is starting internal application from outside the intranet. IPs are logged, tracert to AOL, have FBI get AOL's access log to match temporary IP/date/time to originating login... not exactly rocket science, folks... There are other applications that as a matter of operation 'call home', so really the moral of the story is that it is a dumb idea to steal computers from work unless you really know how the computer is configured.

Re:Not spyware. The story is much simpler than tha

[_Sprocket_]

An even better quote from another source reads:

Investigators knew where to look for the gear not because of unusually intrepid sleuthing but because Krastof allegedly used the computer to log on to an AOL account belonging to the system's owner, Peter Gascoyne.

Seems Reuters screwed up on the facts.