
With the advances in technology often come the abuses of those advances.  Computers have been no different.  Store something secret on a computer and it’s an open invitation for outsiders to hack it.  Over the years, there have been scores of world class hackers.  Some have created infectious viruses, others have intruded into supposedly secure systems for fun or to steal information or make money.  But a handful of “black hat” hackers clearly stand out above the rest:

THE 1980s - GROUPS THAT CREATED AWARENESS

THE 414s:  A group of friends and computer hackers who broke into dozens of supposedly secure enterprise computer systems, just for the fun of it.  They hacked Los Alamos National Laboratory, Sloan-Kettering Cancer Center, Security Pacific Bank and others in the 1980s.  They originally met as members of their local Explorer Scout troop (sponsored by IBM) and the 414 designation was taken from the area code of their hometown, Milwaukee, WI, because they realized that other gangs took their names from zip code and street designations.  Remember that there was no WWW or broadband connections at that time, only telephone modems and BBSs, so the hacks were done with brute force dialing over telephone modems.  And most computers had only administrative accounts with very basic passwords, so hacking the entire computer and network was quite easy.  Their leader was said to be Neal Patrick, mainly because his photo was the face of the group on Newsweek’s cover on September 5, 1983 (recently shown on the 2015 TV show Halt and Catch Fire).  Other members included Gerold Wondra and Timothy Winslow.  Most saw them as a kind of harmless hacker group, a la War Games, but the FBI investigated them in 1983.  Despite grumbling by the hacked companies, the 414s vehemently denied that any damage was done.  Patrick became the face of the group, mostly because he was a minor and therefore exempt from prosecution, and he was granted immunity since he cooperated with the FBI and testified before Congress about the ease of the hacks due to poor passwords and security on the computers.  (The others, not minors, got off with a $500 fine and 2 yrs. probation each.)  They all went on with their lives, which didn’t include computer careers.  CNN has a great short video about them.  Their actions did result in the enactment of six computer hacking laws, still on the books today.

L0pht:  A group of eight young male hackers from Boston which in May 1998 warned a panel of U.S. Senators (including John Glenn, Joseph Lieberman and Fred Thompson) that the Internet (then, of course, in its infancy) was inherently unsafe.  Named after the loft above a carpentry shop in Boston’s South End that the group frequented after one of the hackers’ girlfriends tired of the mess in their apartment, its members have varied.  The sign on the clubhouse states “Dominos - Knock Loudly”.  The original members included Brian Hassick (Brian Oblivion), Chris Thomas (Space Rogue), Dildog, Peiter Zatko (Dr. Mudge), Stephan von Neumann, Chris Wysopal (Weld Pond), Kingpin, Silicosis and John Tan (some of which are screen names for real names).  Generally, their legacy was one of “responsible disclosure,” later known as White Hats, although both Mudge and Dildog were members of the black hat Cult of the Dead Cow.  But their life wasn’t easy and almost none had commercial success, as they were before their time and fear ruled the Internet, both on the governmental and commercial sides.  They’re still around, providing security consulting and software on the internet (like OphCrack, a password decoder).

LESS BENIGN HACKER GROUPS

THE GREAT HACKER WAR:

THE MASTERS OF DECEPTION (“MOD”) were a group of hackers based in New York who used the U.S. phone system in the 1980s to hack into government and corporate networks.  MOD engaged in a rivalry with the LEGION OF DOOM, another hacker group, which became known as the GREAT HACKER WAR.  Several of the MOD served brief jail terms for their hacking.

The figurehead for the Legion of Doom was Loyd Blankenship, whose secondary claim to fame was his authorship of “The Hacker Manifesto (The Conscience of a Hacker)” which he wrote after his arrest in 1986.  (It was even mentioned in the 1995 film “Hackers” starring Angelina Jolie.)


ANONYMOUS:  A hacktivist group started around 2003 which is comprised of a loose coalition of members with no leader and unidentified members which communicate over various imageboards, wikis and blogs and which is generally opposed to censorship and Internet surveillance.  In public, its members are distinguished by the wearing of Guy Fawkes masks.  Over the years, Anonymous has claimed responsibility for actions such as Denial of Service (“DoS”) attacks against entertainment corporations, the U.S. Government and Church of Scientology, as well as Hal Turner and the KKK, pedophile Chris Forcand and many others, the Westboro Baptist Church, the Steubenville rapists, Kenny Glenn (the YouTube cat torturer), and various oppressive African regimes, to name a few.  In early 2012, some members were uncovered and jailed for attacks against Paypal.  But on a positive note, in 2015, Anonymous announced that it was using its hacking skills to block and invade ISIS and Al Qaeda communications over social networks like Twitter and Facebook.  Same for the KKK, also hacked as a public service by Anonymous.  Moreover, another hacker group, Ghost Security Group, a group of ex-military, counter-terrorists and IT types, led by Digita Shadow, has been helping the U.S. government hack ISIS, with positive results.  Good for these hackers!


THE REAL BLACK HATS

KEVIN MITNICK:  This guy’s got to be hands-down the most famous hacker in modern history.  He’s been called the “most wanted computer criminal in U.S. history” by the U.S. Dept. of Justice.  It would be a shorter list to describe what he hasn’t hacked.  He became famous for breaching the U.S. national defense warning system, stealing corporate secrets and being a general menace to the government and corporations.  He has served a couple of prison sentences and now runs his own white hat consulting company, supposedly having given up the criminal life.


KEVIN POULSEN:  Also known as “Dark Dante” and called the “Hannibal Lecter of computer crime” by the media.  Like Mitnick, he hacked into the FBI and stole wiretap information, as well as using his intricate knowledge of telephone systems to win game shows.  Also like Mitnick, he served prison time, paid $56,000 in restitution and supposedly changed his ways by becoming a journalist.

ALBERT GONZALEZ:  Also known as “segvec”.  This guy made a name for himself by leading the so-called “TJX identity theft ring” (TJX referring to the retail chain that owns TJ Maxx and other stores), which stole 36 million credit card and ATM numbers (about 70% of which were expired) and cost TJX about $170 million.  Also, as leader of the “ShadowCrew,” he stole credit card numbers, fraudulent passports, health insurance cards and birth certificates which were sold online for profit.  In 2010 he was sentenced to 20 years in prison, primarily for the TJX debacle, which was the longest sentence ever for a U.S. hacker.


JONATHAN JAMES:  Also known as “c0mrade”.  In 2000, at the young age of 15, he hacked into the U.S. Dept. of Defense, NASA, Bell South, Miami Dade network and other U.S. systems.  His hack of NASA shut down the network for three weeks and revealed that he had already downloaded enough source code to show how the International Space Station operates.  He was the first juvenile hacker in the U.S. to be sentenced to juvenile detention for his crimes.  In 2008, a raid resulted in charges that he was the ringleader for what was then dubbed “the largest identity theft in U.S. history”.  Two weeks later, although protesting his innocence, he committed suicide.


GARY MCKINNON:  Also known as “Solo” because he left a threatening note on one Army computer with that name.   Known as the largest military computer hacker, in 2001-2, this British hacker illegally intruded into 97 armed forces and NASA computers, deleting some files, installing hacking software and disabling hundreds of computers.  His novel explanation was that he believed that the U.S. was covering up the existence of UFOs.  Like Lamo, he suffers from Asperger’s syndrome.  Since he wasn’t a U.S. citizen, he fought extradition and still hasn’t been sent here for trial.


ADRIAN LAMO:  Also known as “the homeless hacker” because he sometimes lived in abandoned buildings.  He broke into the networks of many major internet companies like Excite, MCI, Yahoo, Microsoft and Google.  But his hack of The New York Times (from a computer at a Kinko’s) got him into the most trouble, causing him to negotiate a plea bargain for 6 months of house arrest.  Like McKinnon, he suffers from Asperger’s syndrome.  In June, 2013, he claimed to have reported Bradley Manning to the police, supposedly in his capacity as a journalist.


JOHN DRAPER:  A rather eccentric character and a close friend of Apple co-founder Steve Wozniak, who became known as the first “phone phreak” because of his discovery that a toy whistle in a cereal box could be used to imitate telephone keypad tones, leading to his development of the “blue box”.  It earned him the moniker “Cap’n Crunch” after the cereal brand.  The former U.S. Air Force technician served two stints in prison for phone fraud and never really recovered or used his skills for consulting.


MAKSYM YASTREMSKY (Internet handle: Maksic):  Allegedly the most prolific credit card hacker in the world.  He’s stolen over 40 million credit cards, mostly from U.S. based retailers (but not the recent Target credit card hack), costing the credit card companies over $11 million.  He was arrested, with the cooperation of the U.S. Secret Service, in Turkey, where he is currently serving a 30 year sentence.


MATTHEW BEVAN (“KUJI”) AND RICHARD PRYCE (“DATASTREAM COWBOY”):  These two Brits worked together to hack their way into multiple U.S. government military systems.  The feds, who were at the time negotiating with North Korea over nuclear weapons, became concerned that the duo’s infiltration of a North Korean computer system using a hijacked U.S. military computer could not just have derailed the negotiations, but possibly have caused a war.

LIZARD SQUAD:  A group of hackers credited with the responsibility for breaching the Sony internal network, tweeting a bomb threat to American Airlines, disrupting PlayStation and Xbox customers in Christmas 2014, an attack on the Malaysia Airlines website and breaching the Cox Communications Network in 2015.  The group, which includes members Obnixious, Vinnie Omari and Julius Kivmaki, uses DDoS as its primary weapon and often targets gaming-related services.


WHILE NOT HACKERS IN THE SENSE OF PURPOSEFUL INTRUDERS, THE DEVELOPERS OF THE FIRST VIRUSES WERE ALSO HACKERS IN THE SENSE THAT THEIR UNWANTED WORK ATTACHED ITSELF TO MILLIONS OF COMPUTERS, THE MOST FAMOUS OF WHICH ARE DISCUSSED BELOW:

ROBERT TAPPAN MORRIS:  In 1988, while an undergraduate at Cornell, he created and released arguably the first computer virus, the Morris virus, which infected and seriously damaged about 6000 Unix based computers.  It was so bad that Pål Spilling, the Norwegian computer pioneer who achieved getting the very first ARPANET node outside of the U.S. in 1973, actually shut down the entire Internet in Norway, out of fear of the Morris worm, after warnings from the U.S.  Morris was also the first person convicted under the 1986 Federal Computer Fraud and Abuse Act (see LAWS), sentenced to three years probation and 400 hours of community service.  He claimed either that he was bored, or that he was only trying to measure the size of the still evolving Internet, or trying to impress a prostitute, depending on when he was asked.


DAVID L. SMITH:  The author of the notorious Melissa worm virus, which was the first successful e-mail macro virus, distributed in 1999.  It’s often said that it was named by Smith after a Miami stripper.  It was circulated in the Usenet discussion group “alt.sex” and caused it to be resent to the first 50 entries in users’ address books, increasing exponentially.  On March 26, 1999 Microsoft actually had to shut down its Outlook servers as a result of this.  His actions resulted in his arrest and a jail sentence for causing over $80 million of damage, mostly by overloading servers, clogging them with infected e-mails.


SVEN JASCHAN:  While still a teenager in 2004, he wrote the Netsky and the Sasser worms.  It was estimated that these two viruses were responsible at the time for 70% of all the malware over the Internet.  He received a suspended sentence and three years probation for his actions. 

HONORABLE MENTION

MICHAEL CALCE (MafiaBoy) - This Canadian 15 year old launched a series of DDoS attacks against such high profile sites as Yahoo and E-Trade in 2000.  He was part of a hacking collective known as “TNT” which launched the attacks in order to demonstrate their hacking dominance.


WALTER O’BRIEN (Scorpion) - Yes, this guy really exists.  This kid living in Ireland was only thirteen when he started hacking ARPANET, using the name Scorpion as his login.  It became the name for the U.S. TV series of that name.  It isn’t documented, except by O’Brien’s own word, that he is a genius.


KIM VANVAECK (Gigabyte) - This sixteen year old girl, who wrote viruses toying with Sophos Security, was arrested at age 19 in 2004.


GEORGE HOTZ (geohot) - He wrote the first iOS jailbreak tool and reverse engineered the PlayStation 3 for hacks.


JONATHAN GILLETTE (why/why the lucky stiff) - A hacker who became somewhat famous in the 2000s as a common presenter at the Ruby conferences, who disappeared on August 19, 2009 after he was outed by an anonymous website.

So who’s on the FBI’s current top list of cyberhackers? 

1.  Evgeniy Mikhailovich Bogachev (a/k/a “slavik” or “lucky12345”; Russia, $3 million reward) - Mastermind of the Zeus trojan horse that steals bank account numbers, passwords and security questions that can be used to seize control of a bank account without raising any red flags for banks.

2.  Nicolae Popescu (a/k/a Nae or Stoichitoiu) (Romania, $1 million) - Head of a gang which set up fake auctions on sites such as Cars.com and AutoTrader purporting to sell cars which didn’t exist.  Wanted for money laundering, passport fraud, trafficking in counterfeit service marks and conspiracy to commit wire fraud.

3.  Alexsey Belan (a/k/a Magg, M4g, Moy.Yawik, Abyrvaig) ($100,000) - Stole consumer data from three e-commerce sites in Nevada and California, selling it to criminals in the underground market.

4.  Peteris Sahurovs (Latvia, $50,000) - Posing as a fake hotel chain, he sold ads containing malware to news web sites, where users’ computers were locked by the malware and ransom was demanded to unlock them.

5.  Shaileshkumar “Sam” Jain (U.S., $50,000) - Used tons of pop-up ads to convince users that their computers were infected with viruses, then sold bogus software for its removal.

6.  Firas Dardar (a/k/a The Shadow, Ethical Dragon and Ethical Spectrum) (Syria, $100,000) - Wanted for his alleged involvement in the Syrian Electronic Army (“SEA”) which, between September, 2011 and January, 2014, committed numerous attacks and cyber-extortion against the U.S. government, media and private companies.

7.  Ahmed Al Agha (a/k/a Th3 PrO) (Syria, $100,000) - Also responsible for cyber criminal involvement for the SEA (see Dardar, above).

8.  Jabberzeus Subjects (Russia, $0) - A group wanted for racketeering and participation in the Zeus virus (see Bogachev, above), including Ivan Viktorvich Klepikov (a/k/a petrOvich, nowhere), Alexey Dmitrievich Bron (a/k/a thehead) and Vyacheslav Igorevich Penchukov (a/k/a tank, father).

9.  Carlos Enrique Perez-Melara (San Salvador, $50,000) - Involved in a spyware program (Email Pi, later LoverSpy) which was designed as software to “catch a cheating lover” but actually delivered a payload which collected keystrokes, passwords, correspondence, browsing history and other data from unsuspecting users, then delivered that information to purchasers.

10.  Sun Kailiang (China, $0) - One of five members of the People’s Liberation Army (“PLA”) of the People’s Republic of China, charged with 31 criminal counts, including theft of trade secrets from U.S. companies (nuclear plant designs) and identity theft, economic espionage, and other crimes.

11.  Huang Zhenu (China, $0) - Worked with Kailiang, above, to obtain information and data from U.S. companies that were in talks with or had legal action with companies in China by accessing their networks and stealing information, damaging computers and networks.

12.  Wen Xinyu (China, $0) (a/k/a WenXYHappy, Win_XY, Lao Wen) - Worked with Zhenu and Kailiang, above, with the PLA.

GENERAL OBSERVATION:  Just like the WHISTLE BLOWERS, despite all the bluster from the Government at the time these leaks occurred, there have been surprisingly few convictions of these hackers, either because they are not in the U.S. or the cases are difficult to pursue or it’s better to turn them into white hats.

However, just when you think prosecutors may not be doing their job, you can be surprised:

On July 25, 2013, Federal prosecutors in New Jersey brought what they called the largest hacking and data breach case in the country, charging five people with running an organization that hacked the computer networks of more than a dozen corporations, stealing and selling at least 160 million credit and debit card numbers. Hacked were JCPenney, 7-Eleven, JetBlue, Heartland Payment Systems, Carrefour, Citibank and Nasdaq.   Losses ran into the hundreds of millions of dollars.  The defendants were four Russian nationals and a Ukrainian, and the attacks ran from 2005 into 2012.

Then, on September 1, 2016, the U.S. DoJ sentenced hacker Marcel Lazar Lehel (a/k/a Guccifer) to 52 months in prison for unauthorized access to a protected computer and aggravated identity theft.  He was originally from Romania, but was extradited to the U.S. for trial.  It was determined that he broke into the e-mail and social media accounts of over 100 U.S. officials including former U.S. Secretary of State Colin Powell as well as the daughter of former President George H.W. Bush, but (supposedly) not Hillary Clinton’s private e-mail server in 2013 as he had claimed.  In many instances, he publicly released his victims’ private e-mail correspondence, medical and financial information and personal photographs.  He wasn’t on the DoJ’s top 10 list, but probably got their attention due to the high-profile nature of those he hacked.


© Computer Coach.  All written materials are the sole property of Computer Coach (unless otherwise attributed) and no part of this website may be used in any format without the express written permission of Computer Coach.