Crackers Take Down FBI Web Servers

Xanadu Inc wrote in to send us a story over at ZD Net about Crackers taking down the FBIs Web Site. The article refers to them as Hackers (Bad ZD! No Cookie!) and says that it was the result of search warrants being filed against Global Hell (gH) that apparently got some PCs confiscated.

FBI Visits

The FBI agents that visited me last year about this time were actually pretty nice. Unfortunatly some boob from my university snagged my IP and smurfed the University of North Carolina.. (for 5 days straight.. and my U didn't bother to keep any logs or anything.)

The best was when they knocked on the door (my room a mess...)

F: Hello, we're from the FBI (badges shown).. Could we come in and ask you a few questions?

M: Sure, but I wasn't expecting guests...

F: Got any computer in your dorm room?

M: Ya.. one behind the couch, two on the desk, one in the closet and a laptop on the bed.

.... anyway the dude with a clue told me what happened (6 months earlier) and they left and never came back.. :)

So now I have my very own file in the FBI archives.. (Does that raise my purety test score?)

Re:Read Anti-online's coverage...

[expunged]

Actually, I know for a fact that #Pascal has a lot to do with cracking...

about a month ago, WSU (http://www.wsu.edu)'s webserver *was* cracked. If you were logged on when the instigating party was, you usually got a message flooding your terminal that said "The Matrix Has you" and at one point people were getting ads for the channel #Pascal. They did a fairly nice job... ended up getting the webAdmins to make the web server, our UNIX server, and our mail server serve only local (WSUNet, ResNet and DialUp) users.

If you spend five minutes in #Pascal, you will learn that it *does* have to do with cracking...

Basically, the point is that they use PASCAL to 'program' cracks, and these cracks *work*. In a few moments here, another message will be posted with a few links.

*shrug* Maybe you should spend a little time in the channels before you infer that you know of their content.

-nicole

Crackers...

[Chutzpah]

I know some crackers, I personally dont agree at all with cracking, it is just a pain in the ass for the server admins, but what I have noticed about most crackers nowadays is that they generally use overly easy ways to crack the sites that they get in. Crackers used to have to have some skill, but now anyone who knows the win98 filesharing problem has a good chance of being able to crack many sites.

I guess its just what was said above about cracking being the instant gratification method, and hacking being the long, slow method.

Lame Posts

[Null_Packet]

I swear some of you people... it's just as easy to run a script as it is to link to antionline. Sice when did they become anything of a source for hacks/cracks? Is it because they can post their router logs on their web page? Big freekin deal. Ask anyone including the kiddees and they'll tell you sources for hack/cracks are 2600 and Defcon, Resentment, l0pht, etc. Why is it that all the diverse groups of hackers out there seem to hate antionline? hmmmm.... maybe becuase the dorks at AnitOnline (coincidence, eh?) take credit for other people's work. Try something approaching a real security site like:

http://l0pht.com
http://www.2600.com
http://www.resentment.org
http://www.303.org

Cracker/Hacker contrast

[Izaak]

I personally find the comparing and contrasting of the cracker and hacker communities to be an interesting passtime. They both thrive in the same environment (the Internet) and are often motivated by the same things (status among peers, the desire to solve challenging puzzles), but there are also some fundimental differences.

I've been a hacker (not cracker) for quite a few years. I've written a lot of networked applications, been sysadmin on many types of systems and networks, decoded protocol stacks and the like... in short, I could probably be a killer cracker if I really wanted to. But I have no desire for that. Cracker accomplishments seem too fleeting for me. A crack might make the news for a day or two, but eventually it fades away. If I instead develop an open source tool that becomes popular, I will have a much more noticable (and positive) impact that will last for a long time. I get the satisfaction of actually having built something instead of having torn something down.

But I can understand the lure of cracking. It appeals to that puzzle solving side of me. If only the two communities were not so often confused in the media... (sigh)

Thad

Re:Cracker/Hacker contrast

[Desert+Raven]

Well, the allure of cracking vs. hacking can be summed up in two words...

Instant gratification.

To be a respected hacker is a lot of work. To be a famous hacker requires incredible talent. Inspiration, elegance and sophistication are all requirements to be a respected hacker. By definition, a hacker writes his own code, since the code IS the hack.

To be a "respected" cracker, requires little time. Most crackers do not have to write their own code. Elegance and sophistication may keep you from being caught, but are not requirements. Instead, to gain recognition as a cracker, you are judged by the prominence of those systems you break.

Me, I'm in it for the long term even if I never do become famous.

A group of hacker self called slashdot...

[Le+douanier]

"A group of hackers that call himself slashdot are being seeked by the FBI because they took down an average of three sites a day.

This group is one of the most numerous, counting no less than many dozen of thousands of hackers who are always working on taking sites down.

The FBI said they cost more than 100Millions of $ in downtime to the society owning the websites they hacked..."

That would be funny if someone would do a satyric article in this style. Anyone has got other ideas to rewrite this or continue this???

BTW: not being myself a hacker (just a wannabe or a newbie) I found it a shame that the mainstream press use this word in this way, I really like this word and don't like to see it used by crackers.

Flooding a web server != 'Hack Attack'

[DiningPhilosopher]

Seems like crackers have to go to less and less trouble to make the news.

Hell, we slashdotters take down websites all the time...

My 2 cents

[pcgamez]

I normally just browse around Sladshot, but this newspiece caught my attention. Here is my opinion of everything:

I think that the FBI was just really asking for it.

The US government is cracking down on hackers because they (hackers) have more power than them. Hackers are not really "bad"" in the normal term. They commit crimes, but the crimes that they commit are most of the time essentially harmless. I believe that there will always be hackers.

I think that what they did was really wrong. They really gained only 2 things out of it:

1. Publicity - The media jumps on every chance to get a story about hackers. They tend to believe that they are some big "secret organization" that is trying to take over the world. I think that this story will ultimately work in the hackers favor because it shows that hackers can kick the governments butt if they want to.

2. The second thing that they got was a lot of bad publicity in the goverment. The US government (and others) will now try even harder to crack down on the Internet. The governments of the world will try and regulate it (eventually) to the point where all content, including webpages, is strictly regulated. If this happens, hackers will continue to survive, but will eventually all be caught or simply dissapear.

overall, what they did was not good for the internet community. Something less specifically directed at the government would have been better.

I know this is probably confucing, ihave no idea what I am typing either.

Pushing it back underground

[D3]

I hate the fact that the media and FBI are making this so huge. I have to do intrusion testing from time to time. I'd hate to think that the FBI would be successful at getting crackers to not show off so much. Right now I have an easy time of getting lots of useful information on vulnerabilities. Lots of websites, etc. But if the heat is on, the vulnerabilities don't go away, only the people talking about them.

i'm not sure i grab you

[krog]

This is just one more step toward the government trying to control the internet.

i don't agree. i think this is the government trying to squelch the hordes of 3133+ script kiddies, but not trying to control the Internet. That's the job of the large ISP corporations (AOL and the family-values-havin' like) and the no-sighted crypto restrictions.

When will they realize that when you mess with internet lifeforms, they will bite back and defend their 'offspring'?

i'm not sure i grab you here. i think this is a case of the h@x0r d00dz defending their turf, not a solidarity among net users. no one likes to see their contemporaries raided as a result of acts they too have committed. it makes people scared. this is those people's way of making the Man just a little bit more afraid. i don't think it will work.

-krog

You don't f*ck with the FBI

[Kiwi]

Listen, guys. There are certain things that you plain simply do not do. One of them is f*ck with the FBI.

If you f*ck with the FBI, they will catch up to you. Sooner or later. And, your ass will be grass when they do. At best, you will lose your computers, and your parents will have to spend tens of thousands of dollars hiring a lawyer.

I remember someone in Isreal, who, in his arrgogance, thought he was too good to be caught. Think again. They caught him.

- Sam

Webservers?

[greenfly]

Why is it that whenever I hear about some "cracker" breaking into a system, that system is a webserver? Used to be that a cracker would break into a server to look around at the system and see how it worked, do crackers today even know how to do anything but use webserver exploits against webservers? One trick ponies.

the scoop on #pascal

[expunged]

#pascal is in connection with a group calling themselves "C.L.N." the FBI knows them because they rooted several servers (including www.wsu.edu) around April 10th thru 11th


BS you say? look here.

the .log file is April 11th and "TeknoDragon" is me trying to get anyone to give up any info... (they pissed me off, I missed my e-mail!)

Re:the scoop on #pascal

[amadeus-]

This is amadeus, i run the #pascal chat room, on one side we dont talk programming 99% of the time, were no saints, but we have no affil. with any groups as a whole channel if anyone in our room is affiliated that is their business and none of our own, zyklon was acting on his own without any help inside our channel, we have played with kills and nukes, but have never at any time performed any hacks other then the ones that zyklon did pull. If you wish to get the news right the first time your welcome to message me on efnet irc as amadeus usually from flash or prodigy net, always in #pascal, if you want an interview or question anything thought or heard about our channel wed appreciate it if youd come to the source instead of spreading BS around the net that gets people startsed on untrue BS, the log that was submitted mainly talked about me getting laid and others doing normal everyday things, a couple people have made port scanners/checkers loggers and in the far past a couple icmp type programs but noone in our channel has ever written any utilities to
"hack" or cause permenant harm to any servers, whether or not anyone in there has ever tried is another things succeeded, now thats another thing. Attempting to link us with a group that weve never heard of is BS and they seem like morons just by looking at what they do and what we
ve heard, if we were a member of any group we would at least admit it. Whether or not zyklon was ever in any of those groups, i do not have that information he was in lots of things we never knew about, we have been around since the old irc war days we were known as the #pacal crew back in those days and we do refer to ourselves in that way still, but at no time were we ever into hacking servers or causeing harm apon anyone for no reason. And if you really wanna hear more or ask questions as I said above your welcome to contact me, and that still stands, but at least get it right before some punk passes stuff he feels gets back at us for things we may have done to him (ie. pissing him off banning him and such) 99% of those logs seem real although there are a few questionable lines in there, i know i did get laid so thats true, but that log was made a couple months ago and really has nothing in it linking us to any hacking group. Oh and in closeing 1 i remember that day well and noone even remembers teknodragon joining the room none, and on top of that he came in said cln and not another day thing, Im not sure who the hell he is and how that makes him special but if he has a problem with us hes welcome to take that up with us instead of spreading untrue things about our chat room. the motions made by the lines : [17:34] drip, ya want in the group as a distro? =)
[17:34] what group?
[17:34] an 3l33t hax0r group that hacks in pascal =)
[17:35] err with pascal hacks
now come on hacking in pascal? hacking takes a little better programming language then tp7 sorry to say that was a joke by someone in the channel if you believe that you should be the one being locked up, for your own good :P -- amadeus .oOo. Above and Beyond .oOo.

Read Anti-online's coverage...

I suggest everyone go read anti-online's coverage of this.

If some of those items, specifically the article
about the FBI directives sent to ISPs, are true,
it is a VERY disturbing situation...

here are some excerpts....

AntiOnline Receives Directives
Thursday, May 27, 1999 at 11:59:27
by John Vranesevich - Founder of AntiOnline

AntiOnline has recieved directives given to
several ISPs listing the groups of hackers and
hackgroups that they're currently targeting.
Sources faxed AntiOnline the 6 page directive
which begins:

-snip-

The request then goes on for 6 pages listing
hacker, groups, and media currently under
investigation by the FBI. The list contains
not only the hacker's handles, but in most
cases, their real names. For the privacy of
those involved, AntiOnline is only publishing
their aliases. Here is a partial list of the
individuals on that list:

-snip-

Notice an important section from the above
paragraph: "...and media currently under
investigation by the FBI."

Now I REALLY have to wonder...what MEDIA is under
investigation by the FBI...and more importantly,
in what way are media services related to crackers
and their activity?

I am wondering if the FBI is attempting to "get
some dirt" on those media outlets that they
detest...(this may be completely off base but it
deserves some attention...).

Another interesting(and disturbing) part is listed
later on:

The directive goes on to request information to:
Directories, files, logs, records, information or
any data concearning IRC Channels visited by
Hackers or individuals listed in paragraph 1,
specifically:

It goes on to list the following IRC Channels:

#creep
#j00nix
#tk
#pascal
#ex0dus
#faggotsex
#gayfagsex
#gaysex
#hackunix
#hax0r
#lezbiandsex
#linux
#sex_gay
#sex_pl
#shellx.log

-snip-

It concerns me that some of those channels have
*NOTHING* to do crackers at all...
#PASCAL?!?!

Again, maybe this is not important...
but I am certain many people have visited #linux
for non-cracking reasons(I know I have on
EFNET).

Just some thoughts...

dCf

--"They go around loooking younger for a few days,
then they need more...."

Waste of time...

[chuckw]

Seems like anyone can run a few scripts and get famous. I got busted for cracking 4 years ago, 'cept I wasn't using someone elses tools. It isn't as glamorous as one would think. I'm having much more fun maintaining and building the world I live in rather than trying to take it down...

What're you talking about?

[webslacker]

These were a bunch of kids who thought that having a computer gave them the right to do whatever they could on their computers! Oh, I'm sorry, it wasn't even their computers... it was their parents' computers!

You think setting up illegal conference calls on someone else's network for hundreds of thousands of dollars is defensible? Oh, and when you get search-and-seizure, you vent your frustration by downing the FBI website? Real mature! Damn, it's like you give a baby a hammer, and everything looks like a nail to him! These kids have to be taught that you can't get around life doing whatever the hell you feel like. The internet had a bad enough rap after the Colorado shootings, this doesn't help any.

Mountain from a Molehill

[Accipiter]

I'll be the first to say that most of the members of gH were probably sloppy, and some did some things to deserve what they got. However, being someone who talks to mosthated on a regular basis (he's a fellow op in #HackPhreak), I know that he probably didn't do anything major. Although I don't personally know the details of what the members are being charged with, I think the news agencies like ZD Net and Antionline are making more of this than it really is. I think it's to prey on the public's fear of the "media image" of hackers. It seems that Antionline, and websites like it enjoy blowing a story out of proportion, and making it bigger than it really is. (Notice ZD quoted Antionline.) But hey, that's journalism, right? I don't think so.

-- Give him Head? Be a Beacon?

maybe another hack (US Senate)?

[gavinhall]

Posted by neurotus:

antionline sent me this:

US Senate Website Hacked Thursday, May 27, 1999 at 19:42:37
The hacker "counter strike" continues, as the the official website of the United States Senate is defaced.

For their link click here. Although it may not work... hmmm....

I was a script kiddie. I've seen all this before.

You know, I used to be one of those "script kiddie crackers" back in the early 80's. Back then, the big thing was cracking copy protection schemes on software and phreaking the phone system for free calls.

Back then, the FBI was making a regular habit of confiscating computer equipment. It was commonly referred to "being visited by the men in brown shoes". The FBI didn't usually press charges. They just walked in and took all your stuff.

It really sucked if you hadn't done anything wrong. Which I suspect happened all to often. It's fairly trivial, although rather illegal, to reroute a phone system so your making phone calls on your neighbors line. If your neighbor owned a computer -- well hopefully you guys weren't friends... At least not for long...

I did learn an awful lot during my larval stage as a script kiddie. Not in the least how to keep a low profile. There's something about watching your friends' BBS's disappear through the "Men in Brown Shoes" to really encourage the use of aliases.

And, in time, I went on to do some interesting things. A few of which were even legal....

As for retaliating at the Man: It's an awful lot of work to do it right. But, yeah, I suspect I could do it. And I suspect I could get away with it. And that little fact lets me sleep a lot better at night.

There's a lot of powerful people in this world who could really hurt me. Our government is full of such people. But, as the sayings go: "Live and let live". Or, alternatively: "Piss me off, pay the consequences..."