informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/news/adshack.hac

182 lines
11 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

File: THE FBI GOES AFTER ADS HACKERS
Read 17 times
FBI GOES AFTER ADS HACKERS
[2600 - January 1984]
-------------------------------------------------------------------------------
IBM must press charges before action can be taken -- Feds reveal their tactics,
blow source
-------------------------------------------------------------------------------
We received this bombshell from an anonymous contributor. It seems that a
group of hackers was making use of one of IBM's ADS systems. (Audio
Distribution Systems enable users with touch-tone phones to send voice messages
back and forth to each other...) Unforturately, as is all too often the case,
one of these hackers was really an FBI informant who was taking note of all of
the illegitimate users (around 40 or so). Luckily for this particular group,
the informant was sloppy and left many telltale clues which gave them literally
months of warning. So, when the informant decided to send a message to the
system operator, advising IBM to take action against the hackers and to call
the FBI for more information, the hackers were ready. The system operator's
account had also been penetrated by them and hence, the message was received by
the hacker's first! One of them actually followed the instructions in the
message and called the FBI! And for some reason, the investigator there
thought he was talking to an IBM executive. This is some of what he said.
*****
One of the individuals that supplies me with information from time to time
has uncovered a lot of abuse within the ADS systems, not only here in the
United States, but in England and Italy. I talk to this individual on a
private bulletin board...
We have no ability to come in as an outside investigative or law enforcement
agency and do anything about it because, first off, we don't have a
complainant. We don't want to step on anybody's toes, but it's been our policy
to monitor bulletin boards and phone phreaking activity across the country and
advise commercial computer systems and corporations if we do discover certain
computers along with the passwords and account numbers being published on the
board. We do this on a one on one basis.
The GTE Telemail Connection
That was my baby, too! As a matter of fact, that's how we came across the
ADS system -- through the GTE investigation. [These] people are not just
interested in data communications through terminals -- they will leave voice
messages on an ADS. We have been slowly uncovering more and more on the ADS in
the last two months.
The major phase of [the Telemail investigation] was about 20 individuals
that we had located and identified and we're looking for indictments on most of
them coming down in the next month or two. We're talking about a group of
highly organized people that do communicate on a daily basis all the way across
the country -- from San Francisco and L.A. to Denver to upstate New York. So
we have a core of individuals that we are still looking at that are using your
system and then we have this peripheral that we are not as concerned about
because they are not part of an out & out conpiracy or an organized network,
per se. I know of at least 8 or 10 that are the central figures in this, the
carryover from Telemail. And we keep hearing information of other people who
are calling in with junk messages--there's no real substance to their messages.
Now the reason I know that is that they have included on of my sources of
information onto their system and so he gets messages from the other parties.
The Communist Connection
In a way we're somewhat fortunate that it's 16-year-olds or 26-year-olds as
opposed to people from behind the Iron Curtain. It gives us the opportunity to
see how these systems work and see if we can plug any loopholes before somebody
from a not-friendly nation would try the same thing. I personally fully expect
it -- I'm surprised it hasn't happened in the past. It may have. We just
haven't caught it. But the kids are a little bit sloppier and they're getting
caught...I hate to sound paranoid, but we're supposed to be concerned with the
big picture as far as is there anything sensitive in nature. For us within the
bureau, sensitive in nature first off means national security and you've got
corporate trade secrets and the like that you don't want being distributed.
How the FBI Wins Trust and Gets Info
The subjects have an ego problem and they love to talk to other individuals
about what they are capable of doing and braggin about it. They have a
tendency to trade information. Everything is negotiable with them. We have
never had to barter away access to systems -- we do it more on the technical
information of phone networks, computer systems, and the like to where it's
more of a technical information tradeoof as opposed to an access tradeoff. [An
example would be the] logon procedure for a PDP-11. You integrate yourself
within their confidence and their circle of friends. You feed them a little
bit of bait and a lot of times they'll go for it. You enter into a dialogue
with them and they end up taking you for a ride.
These people are very hungry for technical avenues through which they can
communicate. It used to be the personal computer bulletin boards -- public
messages that anybody can read. You start finding out that they leave a phone
number or address -- and you start finding out who the parties are. There's
thousands of these bulletin boards across the country and you narrow in on
maybe twenty or so that are the more hardcore bulletin boards that are being
used for exchange of illicit information. Then they move from there to an
electronic mail service, namely GTE Telemail. They caused fits within Telemail
when they decided to get a little bit cocky and see if they could shut down
accounts and change passwords of administrators and things like that. From
there they have moved one step further to where they are now the same
individuals communicating through the ADS systems and they also set up
conference calls through the Bell System, so they're not just attacking one
particular system or one individual avenue of communciatons -- they try to hit
them all. It's an ego trip for all of them.
Pen Registers
We would put a pen register on the phone line of the individual (suspect)
and it would record only the digits dialed on his telephone -- we would not use
a full blown wiretap to record his voice. We can only put a pen register on an
individual's phone for like, thirty days before we have to go back to a judge
an try to get an extension and we try to minimize the use of our electronic
surveillance equipment so the public does not think we're the Big Brother of
1984. (laughter) It's coming. Actually, we're already there! (hearty
laughter)
We have not utilized any pen registers for the specific purposes of going
aftr abusers of the ADS systems. First off, we have to have an actual case
presented to us or a complaint. It's a roundabout way of doing it, but it's
the way that we, in the bureau, have to have somebody outside com to us.
Otherwise we can carry on the whole investigation without IBM even being aware
that we are monitoring activity on thier system and we don't want to become
that secret police, or anything like that. We want to be above board and work
with the corporations in the community.
Just How Much Trouble Are These Hackers In?
On the federal level we can prosecute them for telephone fraud (fraud by
wire) if we can determine that the ADS in an ongoing busines operation and that
you are being denied your just revenues by them sneaking onto your system and
abusing your system. The strictest penalty is a $1000 fine and 5 years in jail
for an actual conviction of fraud by wire violation. Those are always lax -- a
more common sentence for an adult maybe a year in jail, 18 months, or a fine,
sometimes they get probation, or agree to pay back an fraudulent money obtained
or for service rendered or whatever to the client company -- it stays on his
record for a year, he's on probation for a year and at the end of that, his
record is wiped clean. Rarely do they get the maximum penalty. It just
doesn't happen.
Do Me a Favor
Please do not disclose any geographical location because we are kind of
unique in that we do not have any other source available in any other part
of the coutry that could supply us with information like this. He may be one
of 200 people, but if you identify Michigan you identify between 2 or 3
indiviudals and it may burn the source.
*****
We'd like to make it clear that we don't intend to do this kind of thing
very often, since rumours about certain people being informatns are very common
in this business. But this is no rumour. This, friends, is solid fact -- we
would not have printed this story if we were'nt able to substantiate the claims
it makes, and we had no trouble at all doing that. Our intent is making this
information known was not to screw up the FBI's fun (they're really not doing
all that much out of the ordinary anyway), but rather to expose a very
dangerous individual who goes by the name of Cable Pair (some say his real name
is John Maxfield). This person has been posing as an extremely friendly hacker
who lives in Detroit and is just bubbling over with technical information in
exchange for your secrets. He claims to have been one of the nation's first
phreaks, which may or may not be true. He gives out his telephone numbers
freely, will do anything to communicate with somebody (like place conference
calls on his own private PBX system, provided you give him YOUR phone number),
and generally will use anything you say to him against you in the future. Our
advice is simple: stay the hell away fromthis person. Even if you haven't
done anything wrong yourself, your life can still be made miserable by him if
you're even suspected of having contact with wrongdoers.
This latest turn of events has saddened us -- we thought Cable Pair would
be a promising contributor to this publication and instead we learned a
valuable lesson: don't trust anybody. Have fun, Cable Pair. Enjoy yourself.
Just don't expect to see any of us over at the Chestnut Tree Cafe with you.
You're on your own now. <>
SF][G8:ba003.010185
[Courtesy of Sherwood Forest ][ -- (914) 359-1517]
-----End of File
Call The Works BBS - 1600+ Textfiles! - [914]/238-8195 - 300/1200 - Always Open
Call The Works BBS - 1600+ Textfiles! - [914]/238-8195 - 300/1200 - Always Open

Reference in New Issue View Git Blame Copy Permalink