Cybercriminals Has Heroin Delivered To Brian Krebs, Then Calls Police

← Back to Stories (view on slashdot.org)

Cybercriminals Has Heroin Delivered To Brian Krebs, Then Calls Police

Posted by samzenpus on Wednesday July 31, 2013 @09:35PM from the gift-that-keeps-on-giving dept.

Okian Warrior writes in about a package of heroin that found its way to the door of Brian Krebs. "'Fans' of [security researcher Brian Krebs] have shown their affection in some curious ways. One called in a phony hostage situation that resulted in a dozen heavily armed police surrounding my home. Another opened a $20,000 new line of credit in my name. Others sent more than $1,000 in bogus PayPal donations from hacked accounts. Still more admirers paid my cable bill for the next three years using stolen credit cards. Malware authors have even used my name and likeness to peddle their wares. But the most recent attempt to embarrass and fluster this author easily takes the cake as the most elaborate: Earlier this month, the administrator of an exclusive cybercrime forum hatched and executed a plan to purchase heroin, have it mailed to my home, and then spoof a phone call from one of my neighbors alerting the local police. Thankfully, I had already established a presence on his forum and was able to monitor the scam in real time and alert my local police well in advance of the delivery."

50 of 187 comments (clear)

Min score:

Reason:

Sort:

Working link to article by Svenne · 2013-07-31 21:39 · Score: 4, Informative

http://krebsonsecurity.com/

--

Slagborr
1. Re:Working link to article by pne · 2013-07-31 21:53 · Score: 5, Informative
  
  Or even better, http://krebsonsecurity.com/2013/07/mail-from-the-velvet-cybercrime-underground/
  
  --
  Esli epei etot cumprenan, shris soa Sfaha.
2. Re:Working link to article by SMoynihan · 2013-07-31 23:09 · Score: 2
  
  Ahem, if you're going to point out a grammar mistake, it might be worthwhile checking your own correction:
  "Cybercriminals Had Heroin Delivered To Brian Krebs, Then Call Police" (Cybercriminals call the police)
  Or:
  "Cybercriminal Has Heroin Delivered To Brian Krebs, Then Calls Police" (Cybercriminal calls the police)
3. Re:Working link to article by msauve · 2013-08-01 00:02 · Score: 4, Funny
  
  I figured "Cybercriminals" was a corporation.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
4. Re:Working link to article by msauve · 2013-08-01 00:10 · Score: 3, Funny
  
  The author of the summary was distracted by his cable TV, which was being paid for by the admirers of Brian Krebs.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
5. Re:Working link to article by VortexCortex · 2013-08-01 01:19 · Score: 4, Funny
  
  Warning @ Line 3: Expected end of statement or continuation delimiter. Syntax Error @ Line 5: Extraneous capitalization of boolean list qualifier. Syntax Error @ Line 5: Invalid list contiuation; Character ':' already in use. Syntax Error @ Line 7: Expected end of statement punctuation. # Funny how you humans emulate dumb parsers while machine intelligence has overcome this_
6. Re:Working link to article by OakDragon · 2013-08-01 01:24 · Score: 4, Funny
  
  "Cybercriminals Can Has Cheezburger"?
  
  --
  Dark Reflection
7. Re:Working link to article by Kozar_The_Malignant · 2013-08-01 02:54 · Score: 2
  
  It's called subject-verb agreement. Singular subject agrees with singular verb, and plural subject agrees with plural verb. For example, "Cybercriminals have" is correct; as is "Cybercriminal has." I have; you have; he, she, or it has; we have, you have, they have. As another writer here pointed out, this is third grade grammar.
  
  --
  Some mornings it's hardly worth chewing through the restraints to get out of bed.
8. Re:Working link to article by multisync · 2013-08-01 06:29 · Score: 2
  
  Am I the only one here today who speaks English??
  Completely off topic, but so is this whole discussion:
  Thanks to Pulp Fiction, I can not make a language choice during an install without saying "English, mother fucker! Do you speak it?"
  Okay, that's all I've got.
  
  --
  I don't care why you're posting AC
Re:A basic spell check by somersault · 2013-07-31 21:56 · Score: 2

Samzenpus is actually a cat. Don't hold it against him.

--
which is totally what she said
Czar by vikingpower · 2013-07-31 22:00 · Score: 4, Interesting

A guy named Czar posted a thinly veiled threat as a comment upon Krebs' blog post:

"and easy to speak of the lives of others [hackers, carders, botmasters]
you [Krebs] invade the forum these guys and find that they do not go doing anything?, it would be foolish on your part
be realistic, you are at risk talking shit about these guys
this minimum and that they can make in relation to you,
Now, imagine if it was a bomb?, what do you think? [Krebs]
would be surprising if some hacker will not do this someday
good luck with your work, the risks are increasing lol;"
Now one wonders how THAT is going to be played out....

--
Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
1. Re:Czar by Anonymous Coward · 2013-08-01 00:19 · Score: 3, Funny
  
  I'm surprised your editor is still on speaking terms with you.
Re:WTH is Brian Krebs?! by Anonymous Coward · 2013-07-31 22:02 · Score: 5, Funny

...And why is an article with a broken link featuring on the /. homepage? Are the moderators drunk?
No, but they did recieve a small brown package in the mail this morning...
Krebs is a scam. by vovick · 2013-07-31 22:07 · Score: 4, Interesting

I posted a comment on his blog a while ago where I questioned the validity of the results of his research that caught a lot of attention a while back. For example, one of his biggest finds was that that one of the scammer' name is Vasily Ivanovich Petrov, which is just a placeholder name just like Joe Public in Russian. He never approved my comment or provided any feedback. If he was an actual researcher, he wouldn't silence reasonable criticism towards him.
It's sad to see him get one meaningless article after another on Slashdot.
1. Re: Krebs is a scam. by vovick · 2013-07-31 22:39 · Score: 3, Interesting
  
  He never approved my comment, so it never made it in the comment section. I didn't do anything significant, I just made a couple of observations that made his research look less exciting, the most significant find I already mentioned above. A good lesson for me to avoid dealing with blogs and bloggers that pre-moderate comments or at least preserve them locally.
2. Re:Krebs is a scam. by Paradise+Pete · 2013-07-31 22:55 · Score: 5, Insightful
  
  He never approved my comment or provided any feedback.
  And so to you the only reasonable explanation is that he read your comment and covered it up, secure in knowing that no one else could catch that error, even though (assuming it's true) it would be obvious to millions of people.
  Comments "awaiting moderation" are often never read by anyone and simply fall into a bucket. If they get moderated at all they can easily be inadvertently flagged as spam along with dozens and dozens of other actual spam comments.
3. Re:Krebs is a scam. by Anonymous Coward · 2013-07-31 23:23 · Score: 5, Funny
  
  He has uncovered the Anti-vovick conspiracy! Quick everyone look like you were doing something else...
  Lord Krebs commands it!
4. Re:Krebs is a scam. by vovick · 2013-07-31 23:39 · Score: 3, Insightful
  
  even though (assuming it's true) it would be obvious to millions of people.
  First of all, I greatly doubt his article was read by millions. Second of all, how many readers spoke Russian to spot the questionable moment? Very few, I must imagine.
  
  Comments "awaiting moderation" are often never read by anyone and simply fall into a bucket.
  That is certainly a valid thought. However, a few comments praising his research got approved both before and after mine. In addition, he commented on some of them in person. This is leading me believe that he did read my comment, even though I will never be able to prove it (great way to deal with the critique, Krebs!).
5. Re:Krebs is a scam. by Chrisq · 2013-08-01 00:27 · Score: 5, Funny
  
  I posted a comment on his blog a while ago where I questioned the validity of the results of his research that caught a lot of attention a while back. For example, one of his biggest finds was that that one of the scammer' name is Vasily Ivanovich Petrov, which is just a placeholder name just like Joe Public in Russian. He never approved my comment or provided any feedback. If he was an actual researcher, he wouldn't silence reasonable criticism towards him.
  It's sad to see him get one meaningless article after another on Slashdot.
  I posted a suggestion to the Pope on how to run the Catholic church and he never approved the comment. This proves he's a fake, right?
6. Re: Krebs is a scam. by turbidostato · 2013-08-01 02:01 · Score: 2
  
  And you are French, obviously.
7. Re:Krebs is a scam. by s.petry · 2013-08-01 02:09 · Score: 3, Funny
  
  The word is not "casted", it is "cast". Please approve my correction comment /. mods!
  Intended as ironic humor, not an insult just in case it gets over looked...
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
8. Re:Krebs is a scam. by Megane · 2013-08-01 02:26 · Score: 2
  
  You probably (if you tell the truth) just commented on a several-month-old blog post, nobody checks the spam filters of those.
  One of the little known good features of Slashdot is that all threads go to archive mode in two weeks. This removes one of the biggest problems with blog spam, which is dropping SEO bait at the end of old comment threads, like bird poop on a car that's been parked under a tree for a few months. It also avoids the problem of people who can't be arsed to check the dates on threads, and post in dead threads as through there was still a conversation going on.
  
  --
  #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
Re:Asshole blogger can has publicity stunt by AlphaWolf_HK · 2013-07-31 22:16 · Score: 4, Funny

I don't know who he, but I get the feeling that if he keeps publicizing everything that people send his way or do to him, it might become an internet past-time for more people to start doing the same. It'll be like an internet gameshow:
"Who can send the craziest thing to Brian Krebs?"
It's all fun and games til somebody decides to send a shit covered blasting cap or who knows what else.

--
Careful with names containing L slashdot.org/~AiphaWolf_HK slashdot.org/~AlphaWoif_HK slashdot.org/~AiphaWoif_HK
Re:Working link to editor by K.+S.+Kyosuke · 2013-07-31 22:27 · Score: 2

I only see an "f" in the middle and a crossed out "s" in the top left.

--
Ezekiel 23:20
Re:WTH is Brian Krebs?! by Stalks · 2013-07-31 22:37 · Score: 4, Insightful

The summary switches between third-party and first-person perspective multiple times which is confusing.
Is this the quality standard we are to expect from Slashdot now?
Re:WTH is Brian Krebs?! by semi-extrinsic · 2013-07-31 22:49 · Score: 3, Insightful

Indeed, yesterday I read multiple summaries which had spelling errors that a fifth grader would catch when reading through. One can only surmise that Slashdot editors now need to spend less than three minutes writing a summary.

--
for i in `facebook friends "=bday" 2>/dev/null | cut -d " " -f 3-`; do facebook wallpost $i "Happy birthday!"; done
How often does law enforcement do this? by LeepII · 2013-07-31 22:56 · Score: 4, Interesting

You have to wonder how often law enforcement does this to justify SWAT raids.
1. Re:How often does law enforcement do this? by Antique+Geekmeister · 2013-08-01 00:14 · Score: 2
  
  Not often, I'd think. Failed SWAT raids are quite expensive, and embarrassing. The SWAT members involved would not take wasting their time lightly.
  Misreporting crimes to get them dealt with by another bureaucracy or other department, though, is an interesting way to work around frightened police or bystanders. Remember how assault, especially rape, victims are sometimes encouraged to scream "fire" insead of merely "help I'm being raped"? I've actually run to a fire alarm when my cell phone was out of charge in an emergency. (I saw someone else using their cell phone and didn't have to use the alarm.)
2. Re:How often does law enforcement do this? by Anonymous Coward · 2013-08-01 01:10 · Score: 3, Interesting
  
  If you justify the raid with planted evidence it is no longer considered "failed".
  
  Get some reading comprehension.
What the hell, Slashdot? by EmagGeek · 2013-07-31 22:58 · Score: 2

Cybercriminals HAS [sic] Heroin?
What is this, I Can Haz Slashdot?
1. Re:What the hell, Slashdot? by Anonymous Coward · 2013-07-31 23:00 · Score: 3, Funny
  
  There's a missing 'e'. What he means is cybercriminals kidnapped Wonder Woman and mailed her to this security researcher's home.
2. Re:What the hell, Slashdot? by eyenot · 2013-08-01 01:30 · Score: 2
  
  ... that's because the article was cut and pasted from the link. Which the author does write (it's Krebs' blog). In the first person, naturally. Whoever wrote the article took the first instance of "me", and replaced it editorially [using braces], and then failed to understand that it would be within acceptable editing as well as much easier to read if they took the liberty of changing the rest of the first-person references to refer to Krebs, as well.
  
  --
  "Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
Slightly off topic by Presto+Vivace · 2013-07-31 23:57 · Score: 3, Interesting

but I have to wonder how many bitcoin users are government intelligence officers of assorted nationalities, or even security officers for assorted private corporations doing stuff that they do not want traced.
1. Re:Slightly off topic by PRMan · 2013-08-01 01:32 · Score: 2
  
  The Swiss made rules that required identities years ago. That's why everyone switched to the Cayman Islands.
  
  --
  Peter predicted that you would "deliberately forget" creation 2000 years ago...
GOVERNMENT CONSPIRACY by korbulon · 2013-08-01 00:08 · Score: 5, Funny
This is obviously yet another blatant attempt by the federal government to discredit a real American hero. Not convinced? Look at the facts:
1. Heroin is known by several street names, including (but not limited to) smack, dope, junk, brown sugar, and WHITE HORSE
2. "Brian" is an Irish-Breton name meaning 'High'.
3. Krebs is German for 'Cancer', but in a pinch can also mean 'Crab'
4. 'Crab' has four letters. Four in German is 'vier', which when pronounced sounds like 'fear' in English.
5. In July of 1963 a little-known top-secret project sanctioned by the CIA was started, which studied - among other things - the effects of illicit drugs on sea-faring crustaceans. The name of this project was Operation Dungeness. Among the members of the research team was - you guessed it - a German scientist of dubious political background, last name of Krabbe.
6. As the Dungeness scientists became deranged with drugs and power, their range of test subjects expanded from sea-faring crustaceans to rodents and finally to small orphan children
7. These orphas were harvested from foster homes and from the streets,to become nameless waifs, but one of these orphan children was nicknamed Brian Krebs ('High Crab') - a sick joke of the scientists
8. One dark and stormy night a lightning strike knocked out the main power transformer suppling power to the underground lab. In the ensuing chaos, Krebs escaped, but during the escape he was bitten by a radioactive sea-faring crustacean, and it left a mark in the shape of a 'K' on his outer right thigh
9. Armed with the truth, Krebs reached an uneasy truce with government goons, keeping them at bay - for now. But behind the scenes he wages a one man crusade against the mad CIA scientists who subjected him to a wide range of inhumane experiments as a nameless waif. Masquerading as a security expert, he uses his contacts in the underground to uncover evidence which will one day bring the perpetrators to justice.
10. But the government does not stand idly by: knowing that direct confrontation is out of the question, it instead opts for a campaign of slander, defamation, and sabotage. This latest attempt to deliver illicit drugs is not simply meant to defame and criminalize Krebs, it is a message. And that message is: "We are coming for you."
I could go on and on, but I believe these facts speak for themselves.
Didn't work for me by PopeRatzo · 2013-08-01 00:09 · Score: 4, Funny

I tried that "Hey, cybercriminals delivered this heroin to me" routine and the cops didn't buy it.
I have shitty luck.

--
You are welcome on my lawn.
1. Re:Didn't work for me by Ksevio · 2013-08-01 01:46 · Score: 2
  
  Did you tell them before it was delivered or when they walked in on you injecting it?
Re:Asshole blogger can has publicity stunt by AmiMoJo · 2013-08-01 00:14 · Score: 4, Insightful

I'm still amazed the police gave a shit. Around here they normally just fob you off until the drugs actually arrive, then arrest you and take your DNA, computers, phones etc. Then finally when you get a lawyer they might drop the case (typically takes about six months if it's fast-tracked) and then after a few years you get your stuff back.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:Asshole blogger can has publicity stunt by Niggle · 2013-08-01 00:42 · Score: 5, Funny

"Who can send the craziest thing to Brian Krebs?"
A bobcat? http://xkcd.com/325/

--
- Blah blah blah, missing scientist. Blah blah blah, atomic bomb. -
War on Drugs by FuzzNugget · 2013-08-01 00:47 · Score: 4, Insightful

Another reason why the war on drugs does more harm than good. This guy is lucky to be alive and was very fortunate to have the wherewithal to be one step ahead of the ne'er-do-wells. Anyone else would have had a very real chance of getting injured, maimed or killed by the local paramilitary police force. Let's not kid ourselves, it probably helps that he's white and privileged, too.
If we had sane drug policy, the worst that could have happened is having the drugs confiscated and getting a slap-on-the-wrist regulatory fine.
1. Re:War on Drugs by swb · 2013-08-01 04:16 · Score: 2
  
  But the criminal setup only works if the police response to it is over-the-top, and with drugs it always is. The police aren't responsible for this "prank" but they are responsible.
  If I was your neighbor and I called the police suspecting you got a suspicious package that didn't involve drugs, it might warrant a squad driving by to check out the house and possibly stopping to talk to me (who made the call) to get more information. They might knock on your door and say "Yeah, your neighbor was concerned..." just to get an idea if I was on the level or not.
  If I was your neighbor and called the police and said "Yeah, I think he's dealing drugs and just got a shipment." you may end up getting your house raided by a high-risk entry team, including having them toss the contents and detain you. If you're white, have a good lawyer, no criminal history and pass a piss test the D.A. *might* buy your story that those drugs aren't yours. Otherwise you're facing a possible Federal felony drug beef, sitting in Federal detention for months waiting for trial and bankrupting yourself to prove your innocence.
  The overreaction and police state tactics certainly are the cops fault.
What about that free cable? by Joe_Dragon · 2013-08-01 01:03 · Score: 2

I hope he does not have to pay EFT fees and other stuff to fix that and that they don't cut him off. What cable co lets someone pay for 3 years up front like that without an fraud flag going up?
Re:Working link to editor by NatasRevol · 2013-08-01 01:12 · Score: 3, Informative

WARNING
You're an idiot if you actually clicked on that link.

--
There are two types of people in the world: Those who crave closure
Journalist can has risk by plover · 2013-08-01 01:52 · Score: 5, Informative

Brian Krebs is a former Washington Post investigative journalist who has been writing about Internet security issues for a long time. He writes a lot about malicious attacks and often exposes the attackers. These are not nice people, either; they are spammers, botnet herders, guys who make, sell and buy credit card skimmers, hackers who steal credit card info, guys who run DDoS-for-hire sites, etc.
He uses aliases to get himself invited to underground forums, monitors them for as long as he can, then exposes the criminals. The bad guys are also improving their own security, and becoming more adept at turning the tables. One forum placed unique values in the "# of posts" listed in the left side column of their forum, then outed him when he posted a screenshot.
Needless to say, the people he is messing with are very annoyed at him. They are trying all the tricks they can to harass him remotely, such as ordering merchandise paid for on his credit cards, sending him unwanted (and now illegal) stuff, and using his credit cards to donate to charities. They've been trying to send him all the craziest, most annoying, most hazardous stuff they can without personally touching the merchandise themselves. The most dangerous stuff they have managed to send him so far was the SWAT van full of cops in a midnight raid. If these guys could get someone else to ship him a live cobra in a box, or a shit covered blasting cap, they wouldn't hesitate for a second.
While he may not be a "hero", Mr. Krebs has done some good work at cleaning up several of the nastier elements that infest the Internet. You get less spam in your in box thanks to him.

--
John
Re:Asshole blogger can has publicity stunt by chihowa · 2013-08-01 02:04 · Score: 2

He looks pretty clean cut; that seems to go a long way with the police. From his history, it seems like the local police and him have a pretty intimate (and not adversarial) relationship. I think that helps quite a bit, too.
Repeat the situation with a mass-media stereotypical "hacker" and it would probably fit your description a little closer.

--
If you want a vision of the future, imagine a youtube comments section scrolling - forever.
Re:Asshole blogger can has publicity stunt by AmiMoJo · 2013-08-01 02:35 · Score: 2

The police hate reports like this because they require huge resources to solve. Some guys in Russia ordered some drugs from the Farmers Market on Tor and paid with BitCoins. The seller presumably took steps to prevent them simply tracing the origin of the package. All the report does is add 1 to the unsolved drug crime stats for their area, making them look bad.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:Asshole blogger can has publicity stunt by demonlapin · 2013-08-01 02:46 · Score: 3, Funny

No, usually the cops have to plant the drugs themselves.
Please proof your title by azav · 2013-08-01 03:00 · Score: 2

That title is just embarrassing.
Either of these are correct:
Cybercriminals Have Heroin Delivered To Brian Krebs, Then Calls Police
or
Cybercriminal Has Heroin Delivered To Brian Krebs, Then Calls Police
Let's at least hold our submissions up to standards of English that we should have learned before leaving grammar school.

--
- Zav - Imagine a Beowulf cluster of insensitive clods...
noob by slashmydots · 2013-08-01 03:05 · Score: 2

Security researcher or enthusiast rule #1: if you're going to try and frame someone or whatever, don't fucking post about it on the public internet
Re:Asshole blogger can has publicity stunt by Cederic · 2013-08-01 05:49 · Score: 2

"Local police successfully intercept Heroin shipment"
"Police seize drugs worth $4000"
"Police thwart blackmail attempt"
"Police become fucking heroes of the night"
The police _love_ this sort of shit.