==Phrack Magazine== Volume Seven, Issue Forty-Eight, File 18 of 18 PWN PWN PNW PNW PNW PNW PNW PNW PNW PNW PNW PWN PWN PWN PWN PWN Phrack World News PWN PWN PWN PWN Compiled by Datastream Cowboy PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN Security Software Thwarts Hackers July 23, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (PRNewswire) World Star Holdings, Ltd. announced today that there have been approximately 5,000 unsuccessful attempts to break its proprietary VPAGE Internet security system. In order to further demonstrate the functionality of its technology, they Company has unveiled a new addition to the World Star Internet security challenge: "The World Star Cyberhospital." The company recently launched an online contest offering more than $50,000 in cash and prizes to the first person to break its security. [ THESE CHALLENGES ARE UNADULTERATED BULLSHIT. Phrack suggests you test something other than the fake, non-production demo contest system. How well does their software hold up in a real business environment? (in other words: THEIRS!?!!@$) World Star Holdings (NET-WORLDSTAR-MB-CA) 165 Garry Street Winnipeg, Manitoba R3C 1G7 CA Netname: WORLDSTAR-MB-CA Netnumber: 205.200.247.0 ] ----------------------------------------------------------------------------- Your Cellular Phone Number May Be Up For Grabs August 21, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Mimi Whitefield (Miami Herald) Electronic bandits have snatched cellular phone numbers from the airwaves and cloned phones used by the Miami office of the Secret Service. BellSouth Florida president Joe Lacher's phone has been cloned; Spero Canton, spokesman for BellSouth, has been a victim three times over. "The bums never sleep. They're everywhere," complained Bill Oberlink, regional president for AT&T Wireless Services. But the good news is that law enforcement agencies and cellular companies themselves are fighting back with a new arsenal of tools, technology and laws that make it easier to detect and prosecute cellular bandits. ----------------------------------------------------------------------------- Miami Fraud Squad Pursues Cellular Bandits August 12, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Audra D.S. Burch (Miami Herald) How's this for capitalism gone awry: Metro-Dade police nabbed a cellular bandit who was selling a $150 package deal -- $75 each for a stolen phone and number -- along with a 30-day guarantee on unlimited illegal air time. In a sting operation, police took him on the cut-rate offer. Thanks to the work of a special Metro-Dade Police Economic Crimes Bureau, the entrepreneurial cloner got a prison sentence. ----------------------------------------------------------------------------- Newer Technology Aids Fight Against Cellular Fraud August 21, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Mimi Whitefield (Miami Herald) New technology is on the side of cellular companies fighting telecom criminals who can rack up thousands of dollars in illegal charges before a consumer even knows he's been hit. New Jersey-based Bellcore, for example, has developed NetMavin software, which can detect fraudulent or unusual calling patterns within half an hour. "This is really going to screw the cloners up," said Roseanna DeMaria, an AT&T Wireless executive. ----------------------------------------------------------------------------- SPA Files Copyright Suit July 28, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~ (Reuters News) The Software Publishers Association said Sunday it filed a civil copyright infringement lawsuit against a Seattle man for illegal distribution of software on the Internet. The suit, which was filed July 23 in the U.S. District Court in Seattle, alleges that Max Butler illegally uploaded copyrighted software to a file transfer protocol site for distribution across the Internet, the trade association said. "This action is a warning to Internet users who believe they can infringe software copyrights without fear of exposure or penalty," said Sandra Sellers, Software Publisher's vice president of intellectual property education and enforcement. ----------------------------------------------------------------------------- The L0pht August, 1996 ~~~~~~~~~ by Steve G. Steinberg (Wired) p. 40 What do a group of hackers do when the equipment they've accumulated over years of dumpster diving no longer fits in their apartments? They get a l0pht. Since 1993, a core group of seven Boston-based hackers have rented a loft space for hacking, trading information about cellular phones security, and building things like a wireless Internet service using discarded microwave equipment. Now that all of them have day jobs in the industry, why do they keep at it? "For the girls and the text files, of course," says Mudge. [ HELL YES!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ] ----------------------------------------------------------------------------- Cracking Down on the Outlaws of Cyberspace July 2, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by M.J. Zuckerman (USA Today) p. 4B What's it take to be America's top cybercop? "I was a hockey referee, so I'm used to being beaten up," suggests Jim Christy, who is among those most often mentioned for the title. And he's been at it for only a decade. Today, with the weighty title of Chief of Computer Crime Investigations and Information Warfare, he is one of 68 computer investigators in the Air Force Office of Special Investigations (OSI). Christy, a Baltimore native, stumbled into the computer field. After drawing No. 35 in the draft lottery during the Vietnam War, he joined the Air Force rather than waiting to be drafted. He spent the next four years as a computer key punch operator, followed by 13 years as a civilian working computers at the Pentagon. When he moved to OSI, Christy largely ceased his hands-on involvement with computers and systems. Since last fall, Christy has been on temporary assignment to the Senate Permanent Subcommittee on Investigations, helping them examine security in cyberspace. "I like working up on Capitol Hill, because you can make a difference," Christy says. ----------------------------------------------------------------------------- Hackers Penetrate Justice Department Home Page August 18, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (AP News Wire) Internet hackers infiltrated the Justice Department's home page yesterday, altering the official web site to include swasticas, obscene pictures and lots of criticism of the Communications Decency Act. The official web site, which was turned off by government technicians when it was discovered, was changed to read "United States Department of Injustice," next to a red, black and white flag bearing a swastika. The page included color pictures of George Washington, Adolf Hitler, and a topless Jennifer Aniston. [ A link to a copy of the page is it http://www.fc.net/phrack/doj ] ----------------------------------------------------------------------------- Employment Prospect Grim for Hacker August 19, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (AP News wire) Employment prospects are grim for Kevin Lee Poulsen, a computer whiz imprisoned five years for his cyberspace havoc. The 30-year-old hacker has been barred from getting near a computer for the next three years and he now fears selling cowboy boots at a Western store will be his only opportunity to make some money. "It's the only place where I've been greeted with a positive attitude," he said during an interview last week. "I can't get a job that I am qualified for, basically." On September 3, he goes to federal court in hopes of having some of the computer restrictions relaxed. ----------------------------------------------------------------------------- School Hires Student To Hack Into Computers August 22, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (The Sun Herald) Students at Palisades Park's high school needed their transcripts to send off to colleges. But they were in the computer and no one who knew the password could be reached. So the school hired a 16-year-old hacker to break in. Superintendent George Fasciano was forced to explain to the School Board on Monday the $875 bill for the services of Matthew Fielder. ----------------------------------------------------------------------------- Feds aim low on hacker crackdown June 21, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Lewis Z. Koch (Upside Online News) Nineteen-year-old Christopher Schanot of St. Louis, Mo. has been languishing in a Federal jail since March 25, 1996, charged with four counts of computer hacking. He is not allowed to post bond, because Federal authorities contend he is "a computer genius intent on infiltrating computer systems of some of the largest companies and entities in the country," and because a jailhouse snitch claims Schanot bragged he would run away if he were released. He has never been charged with a crime or arrested before. Schanot's problems began after he ran away from home on May 30, 1995, taking some of his disks, a hard drive and personal items. According to a knowledgeable source close to Schanot, Chris felt his parents, especially his father Michael, didn't understand or respect him. Less rocky, it seems, was his relationship with Netta Gilboa, a 38-year-old woman living near Philadelphia. Gilboa is editor-in-chief and publisher of _Gray Areas_, a slick, text-heavy, irregular magazine that explores the "grey areas" of "alternative lifestyles and deviant subcultures." ----------------------------------------------------------------------------- City of London Surrenders To Cyber Gangs June 2, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (Times of London) City of London financial institutions have paid huge sums to international gangs of sophisticated "cyber terrorists" who have amassed up to 400 million pounds worldwide by threatening to wipe out computer systems. A Sunday Times Insight investigation has established that British and American agencies are examining more than 40 "attacks" on financial institutions in London and New York since 1993. Victims have paid up to 13 million pounds a time after the blackmailers demonstrated their ability to bring trading to a halt using advanced "information warfare" techniques learnt from the military. According to the American National Security Agency (NSA), they have penetrated computer systems using "logic bombs" (coded devices that can be remotely detonated), electromagnetic pulses and "high emission radio frequency guns," which blow a devastating electronic "wind" through a computer system. The gangs are believed to have gained expertise in information warfare techniques from the American military, which is developing "weapons" that can disable or destroy computer hardware. Some are also known to have infiltrated banks simply by placing saboteurs on their payroll as temporary staff. ----------------------------------------------------------------------------- Credit Fraud on AOL ~~~~~~~~~~~~~~~~~~~ (AP Newswire) Two boys posed as billing representatives for an online service and stole at least 15 credit card numbers, and used those numbers to buy $15,000 worth of merchandise, from computer equipment to cymbals, police said. The two 16-year-olds were charged with 39 counts of possession of stolen property, theft and attempted fraud. They were released to the custody of their parents pending a Family Court hearing. Police believe the boys obtained a program designed by computer hackers to flimflam customers of America Online. It sends a message to users saying they will be cut off if they don't type in their name, credit card account number and computer service password. ----------------------------------------------------------------------------- FBI Survey Reveals Growth of Cybercrime May 6, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Rory J. O'Connor (San Jose Mercury News) Intruders are breaking into the nation's computer systems at an increasing rate and often with more nefarious motives than in the past, according to a survey co-sponsored by the FBI and a private group of computer security professionals. "What this shows is that the ante has been upped in cyberspace," said Richard Power, senior analyst of the Computer Security Institute in San Francisco, which conducted the survey. "As all manner of commerce moves into cyberspace, all manner of crime is moving there as well. It's no longer just vandalism." More than 40 percent of the 428 corporate, university and government sites that responded to the FBI survey reported at least one unauthorized use of their computers within the last 12 months, with some institutions reporting as many as 1,000 attacks in the period. It also appears that there's more computer crime for hire occurring, Power said, exploiting mainly older hackers who have graduated to making money off the skill they once used simply to establish bragging rights with their peers. He suggested that some of the hiring is being done by intelligence services of various governments, although he offered no proof. ----------------------------------------------------------------------------- University hacker to be hunted on the Internet April 27, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ By Robert Uhlig (London Daily Telegraph) Computer experts at Cambridge University are using the Internet to hunt for a hacker who breached their security systems to access some of the world's most sensitive research information. The authorities had no indication that the hacker deleted or altered files, "although there was the potential for that", he said. Files belonging to world-renowned research scientists may have been viewed or copied, giving the hacker an insight into commercially and academically sensitive material. The hacker used a so-called sniffer program, which sat silently within the computer system for four weeks, monitoring its activities. This could allow the hacker to compile a list of all passwords to give him unhindered access to every computer on the university's network. "There was the potential to access any material on any computer anywhere on the university's network - ranging from electronic-mail to confidential research data," said Mr Stibbs. ----------------------------------------------------------------------------- Agents' Codes Exposed on Web March 16, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ By: Robert E. Kessler (Newsday) In an attempt to help (Ed) Cummings, and discredit the Secret Service, a Long Island-based hacker magazine last week launched a page on the World Wide Web publishing lists of Secret Service radio frequencies, photographs of agents, and codenames used by the agency for officials and buildings. Last year, Cummings, a 35-year-old native of Reading, Pa., pleaded guilty to federal charges in Philadelphia of possessing telecommunications equipment with intent to defraud and served a seven-month prison sentence. As a result of that conviction, last week Cummings was sentenced by a judge in Easton, Pa., north of Philadelphia, to serve a six- to 24-month sentence for violating probation after pleading no contest to a 1994 charge of tampering with evidence in another telephone hacking case. "Painting this guy as some white knight or someone who is standing up for free speech is wrong," said Kun. "He's engaged in fraud." Cummings' attorney, Kenneth Trujillo, could not be reached for comment. ----------------------------------------------------------------------------- Judge Denies Bond to Accused Hacker April 6, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Tim Bryant (St. Louis Post Dispatch) After another prisoner said accused computer hacker Christopher Schanot was planning a quick escape from his parents' home near High Ridge, a federal magistrate decided Friday to keep Schanot in jail. "He said he would wait a couple of days and take off," testified the prisoner, Gerald Esposito. Schanot's lawyer, federal public defender Norm London, told Davis that the alleged conversation between the young man and Esposito never happened. London, pointing out that Esposito has convictions for sexual assault, said the older prisoner had "made overtures" to jail officials about moving Schanot into Esposito's housing area. ----------------------------------------------------------------------------- Hacked Off! Government, Firms Fight Computer Intruders April 7, 1996 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Colleen Bradford (St. Louis Post Dispatch) Every day, hundreds of people in front of personal computers try to sneak into corporate and government computer networks. Sometimes they just look around, sometimes they destroy data and sometimes they steal personal and classified information. Two weeks ago, law enforcement officials charged an Argentine, 21, with using the Internet to illegally break into computer networks at Department of Defense installations, the NASA, Los Alamos National Laboratory and several universities. The Justice Department is now seeking Julio Cesar Ardita, who accessed confidential research files on aircraft design, radar technology and satellite engineering. And Chris Schanot, 19, from High Ridge, was in court in St. Louis last week on charges of hacking. Schanot, who fled to Pennsylvania from St. Louis after graduating from Vianney High School last May, is accused in a five-count indictment of breaking into the computers of Southwestern Bell, Bell Communications Research, Sprint and SRI International, a research and development contractor with government contracts. His trial is set for June 10. Schanot, like other hackers, likely became addicted to the feeling of power that cracking into a private computer network brings, said St. Louis County Police Sgt. Thomas Lasater, who has been investigating computer crime for seven years. "Normally these young hackers do not use the computers for financial gain," Lasater said. "It's just a challenge for them to see what they can conquer." ----------------------------------------------------------------------------- Mike and Terry's Dreadful Adventure ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ by Elizabeth Weise (AP Newswire) Terry Ewing was late. His plane left in an hour and he was cutting it close. But he couldn't tear himself away from his computer and the hole he'd hacked into the security network of Tower Records. He kept poking around, looking for something interesting to take to the hackers' convention he was going to. Finally, five minutes before the airport shuttle beeped in front of his apartment, he downloaded a file containing 1,700 credit card numbers. "We didn't expect anyone was watching," he said seven months later - through an inch of Plexiglas at the Sacramento County Jail. Ewing had had second thoughts about taking the Tower Records file with him on July 31, so he left it on his hard drive while he and Kim hit DefCon, the biggest of the West Coast hacker gatherings, for a weekend of bragging, hanging out and messing around. "We never guessed they were onto us. Their security was so weak it really blew," the 20-year-old Kim says by phone from the sixth floor of the same jail that held his friend. He is facing an 18-month sentence.