
October 23, 2024 42 mins

Cybersecurity company Kaspersky has a list of the most notorious hackers of all time. We look at three of the entries, from the loose confederation of hackers called Anonymous to a hacker responsible for stealing millions of credit and debit card numbers.



Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:04):
Welcome to Tech Stuff, a production from iHeartRadio. Hey there, and
welcome to Tech Stuff. I'm your host, Jonathan Strickland. I'm
an executive producer with iHeart Podcasts, and how the tech
are you? So I thought I would talk about hackers today,

(00:25):
and the word hacker these days is almost exclusively used
to describe people who, through one means or some other means,
find a way of infiltrating computer systems. But the term
hacker has a more broad definition. It really describes anyone
who's interested in taking stuff apart to learn how it works,

(00:46):
and maybe even putting it back together again so that
it does something it wasn't intended to do when it
was built originally. Now that thing might be a computer
or a mobile device, it might be a system. Hacking
can mean lots of different stuff. I mean, that's where
we get things like life hacks, which often end up

(01:07):
not being hacks at all. There's some life hacks out
there that I think were just jokes that then were
spread sincerely by other people, because y'all, it doesn't make
any sense to just take the top of a
squirt bottle off and invert it to turn it into
a funnel. That hole at the bottom is way
too small for that anyway, you know what I mean.

(01:29):
But sometimes people just want to figure out how something
works and taking it apart is the best way to
do it. Or maybe they want to figure out how
to manipulate whatever it is in order to unlock its
full potential. Like there are computers out there that have
certain clock speeds that's essentially how fast the processor is

(01:49):
able to complete operations per second, and often there are
limiters placed on the clock speed, and if you figure
out how to remove those limiters, you can make your
computer operate a lot faster. This has trade offs. It
usually means more power consumption and more heat generated and

(02:09):
potentially can actually damage your machine. But that's one example, right,
you can unlock the full potential of your computer something
that was intentionally restricted from operating at full capacity. Or
maybe you just want to figure out how to use
a paid service for free. The phone phreakers of the
nineteen seventies fall into that category. These are folks who

(02:32):
found ways to manipulate the plain old telephone system, or POTS,
so that they could do stuff like make free long
distance phone calls. They did it with all sorts of
different ways, mostly by producing specific tones into a telephone
and then being able to make free phone calls. Good
old Cap'n Crunch used to do that using a whistle

(02:53):
from a Cap'n Crunch box. But over time, the world
at large has started to use the word hacker to
mean someone attempting to gain illegal access to a
computer system, either in order to snoop around or create
a means to infiltrate the system whenever they want by
putting in a back door, or steal information from someone,
or inject malware into a system, or some combination of

(03:16):
all of these things. So today I thought we'd chat
about three notorious hackers. Actually that's not even true. Two
notorious hackers and one hacker conglomerate. So I decided to
raid a list that was created by Kaspersky Labs. That's
a Russian computer security company that's had a pretty rough
go of it as of late due to being based

(03:36):
in Russia. Here in the United States, essentially they've been
banned from being used in various agencies and companies. But
Kaspersky has a very long history with cybersecurity, and I'm
going to start with number two on the Kaspersky list,
because it's not so much as a person as it
is a collective. This is that conglomeration I was talking

(03:59):
about. Now, it is not unusual for hackers to form
loose collectives. That happens a lot. Some hackers might belong
to more than one collective, and they might share resources
and motivations and goals. But one very very loose group,
and it's not just hackers, but hackers make up a

(04:20):
good number of them. It's a group that's caused headaches
for numerous targets for more than twenty years now, is Anonymous,
as in that's what they're called big A Anonymous. I'm
not sure if the association is as strong as it
once was, like in the two thousand teens. But when
I think of Anonymous, the image that always comes to

(04:42):
my mind is a Guy Fawkes mask. That really kind
of emerged in around two thousand and eight, really. Several
folks claiming to represent Anonymous have worn such masks, particularly
in the early days, like that became kind of a
symbol for the group. I don't know that it's as
strongly associated with them these days, honestly, but they grew

(05:02):
out of the online image based forum 4chan, which
has spawned many things terrible and otherwise over the years,
mostly terrible, if I'm being honest. A lot of terrible
stuff came out of 4chan. The origins of Anonymous
were humble and juvenile. Some folks on 4chan would
meet in various virtual spaces in order to coordinate efforts

(05:25):
to torment various online communities through the age old practice
of trolling. So they were essentially just creating conflict online
for the lulz, and that was it. Like, that was
their goal, get some amusement by making other people really mad,
and they often like to aim at online communities that

(05:46):
were catering to kids. You know, some folks just like
to watch the world burn. Honestly, making people mad is
not hard to do, right, It's a pretty easy thing.
I guess the thrill was having, you know, this big
impact on someone's mentality, and that that was the thrill.
But I would argue you should just raise the bar

(06:06):
a little bit, like, yeah, you can make people angry,
but that's not very hard to do for most folks,
So why not set yourself a really challenging goal, like
make people happy. That's a lot harder to do. Anyway,
from about two thousand and three to two thousand and seven,
Anonymous wasn't really much more than just a bunch of
folks trying to get their kicks by ticking off other people. However,

(06:29):
starting in two thousand and seven, the group began to evolve,
partly due to a misapprehension the media had about the
very loose association of trolls. So media reports were starting
to suggest that Anonymous was far more organized than what
it was, and far more motivated, and most importantly, way

(06:51):
more capable of causing harm than the group actually was.
This included footage that would have like stock images of
cars exploding and stuff, implying that Anonymous was capable of
real world violence. And this is kind of like if
a reporter saw a bunch of kids playing cops and

(07:12):
robbers and then did a feature about how this dangerous
gang was taking over the city. It was a lot
of exaggeration. The pranksters at Anonymous found this to be
pretty darn amusing, and also it was stroking their egos right, Like,
if you are mostly a low level troublemaker, but you're
being portrayed as like some sort of mastermind, that's really

(07:35):
gonna stroke your ego. In another case, the Canadian Security
Intelligence Service reached out to one member of the group,
a guy named Aubrey Cottle, and they thought Cottle could
help disrupt online terrorist organizations, essentially infiltrate and then disrupt
these terrorist cells online. And Cottle was like, I don't
know where they got the idea that I could do this.

(07:57):
I mean, I'm just stirring up, you know, mess, we'll
say. This is a family friendly show, after all. We'll
stir stuff up online. I'm not really here to break
up terrorist cells. But having folks think you're a much
bigger deal than you are can be kind of fun.
And it got some folks thinking about actually using their

(08:17):
perceived power to do something more than just riling folks
up on the Internet, so it kind of became a
bit of a self-fulfilling prophecy. This grew into Project Chanology,
in which the group targeted the Church of Scientology. So
Church of Scientology, that's a whole topic that is beyond

(08:38):
the scope of tech stuff, but has a long history
of some really manipulative and oppressive policies that pull people
into the church, keep them there, and exploit them extensively.
So this is the time when the Guy Fawkes masks
started showing up. If you don't know who Guy Fawkes was,

(09:00):
he was one of several terrorists really in the seventeenth
century who planned to blow up Parliament and potentially assassinate
the King of England. But their plot was uncovered and
the members of the plot were put to death, including

(09:20):
Guy Fawkes himself, who was not the leader of the group,
but was a member of it and has largely been
associated with that and then was appropriated by Alan Moore
in his V for Vendetta graphic novel, and so he's
sort of become a symbol of anti-authoritarian practices, like
it's like a vigilante sort of thing. So members would

(09:43):
be wearing Guy Fawkes masks and show up in videos
and speak out against the church. Usually they would have
their voice distorted in the video as well. Members also
got access to web pages that belonged to the Church
of Scientology. They were able to get administrator access to
these pages and then defaced the web pages. They also
launched DDoS attacks on the organization, and they organized

(10:05):
in person protests outside of Scientology properties. Now in case
you're not familiar with the term DDoS, that stands
for distributed denial of service. Now, essentially a DDoS
attack is all about overwhelming a target. So typically we're
talking about a web server, so machines are programmed to
follow specific routines. The way web servers work is that

(10:29):
they receive requests from clients. A client is just someone
else's computer, technically a computer browser, and the server responds
by sending data to the client. So, if you want
to visit a web page and you type the URL
in your browser bar, your browser, which is the client
in this case, sends a request out over the internet.
This request eventually routes to the appropriate web server, which

(10:52):
then responds to the request and sends back a web
page so that you can view it in your browser. Well,
in order for this to work, the server can't just
ignore incoming requests. You know. Imagine you're on your browser
but you type in a URL for a web page
and nothing happens, or maybe you get an error message
because the server has decided to deny your request for
whatever reason. In most cases, the server is more or

(11:15):
less compelled to answer every single request. Well, you can
flip that and turn it into an attack because if
you send countless waves of requests to a web server,
then you can overwhelm that web server so it can't
do anything useful. Like other people who are just legitimately
trying to access the server get timed out or denied

(11:35):
because it's too busy responding to all these ridiculous requests
that are flooding in. That's a denial of service attack. Now,
what makes a distributed denial of service attack is when hackers
compromise other machines. Some hackers might compromise machines in order
to access data on the affected devices, but others are

(11:56):
just happy to siphon away a little bit of computing
power and some connectivity, and they turned these affected computers
into bots. And then you get an army of these bots,
and you direct the army to send countless messages to
your target web server, and the hacker meanwhile remains shielded
because they're not the ones sending the messages to the

(12:16):
target server. Their army of bots is doing it. That
is a distributed denial of service attack. So Anonymous made
liberal use of that tactic, particularly in the early days,
but then throughout its history they've held DDoS attacks
against different targets, and from that point forward, Anonymous became
more associated with hacktivism than with trolling, though a lot

(12:37):
of the activist activity borrowed liberally from the trolling days,
and once in a while they would just engage in
trolling as well. The group has targeted numerous individuals and
organizations for lots of different reasons. Generally speaking, Anonymous tends
to follow a slightly leftist approach with very strong libertarian principles. Now,
not all of their targets have been large organized bastions

(12:59):
of authoritarianism. For example, McKay Hatch wasn't exactly an institution.
McKay Hatch was a kid who was running a website
called The No Cussing Club, and members of Anonymous doxed
him and launched a campaign of harassment. So I guess
their love of cussing was just too damn strong. But
other targets were definitely more high profile. Anonymous was generally

(13:21):
speaking on the side of WikiLeaks and carried out
a few attacks on various government servers around the world
in protest of the persecution of people like whistleblower Chelsea Manning,
for example. Many members of Anonymous have supported social causes
like Occupy Wall Street and Black Lives Matter movement, but
the group is not formally organized, and generally anyone can

(13:43):
take action in the name of Anonymous, but the rest
of the group might distance themselves from those kinds of people.
For example, in the early days of Anonymous activism, a
group claiming to be Anonymous got access to the web
page for the SOHH or Support Online Hip Hop news website.
The hackers defaced the website, and they included the use

(14:04):
of stuff like racial slurs and stereotypes, which is pretty
darn tacky. The attackers claimed to be Anonymous, though the
group as a whole, as far as I can tell,
made no such claim. And in other cases you might
have a member who convinces a subset of Anonymous the
anonymous community to work together towards some goal, and they
can create a little splinter group or spinoff group. It's

(14:27):
very loosey goosey. The hacking skills in Anonymous also run
the spectrum. There are undoubtedly some accomplished hackers among the group,
while others fall more into the realm of script kiddies.
These are folks who have downloaded tools that do most
of the work for them. But because membership is fluid
and, you know, anonymous, I can't really give more specifics

(14:48):
than that. I can talk a bit more about Anonymous
before we move on to our next hacker. But before
we do that, let's take a quick break to thank
our sponsors. So we're back. I've got a little bit
more to say about Anonymous before we move on. Some

(15:10):
high profile operations that are at least suspected to be
the work of Anonymous, because again, the loose organization of
the group means that some operations could be the work
of a subset or a splinter group of the overall
group and not reflective of the group as a whole.
Because of its loose association, it's really hard to attribute

(15:30):
anything to the overall group, Like even something that might
have the support of most members of Anonymous might not
have total support. So the nature of Anonymous itself makes
it difficult to use any definitive phrases. But Operation Darknet
was one that Anonymous engaged in. Anonymous went after sites

(15:52):
that hosted child pornography. They infiltrated some of those sites.
They skimmed user information and published user information online, essentially
revealing people who were frequently going to these child pornography sites,
and they called for law enforcement to take action against
the pornographers. So that was one of those cases where
Anonymous said it was taking up action to defend the

(16:15):
defenseless and to call for justice against people who were
committing really terrible acts against vulnerable folks, in this case children.
In twenty twelve, Operation Russia targeted several high profile Russian
officials and exposed a scheme in which these officials were
apparently paying bloggers to promote pro Kremlin and more to

(16:37):
the point, pro-Putin propaganda. Operation Bahrain was actually not
targeting Bahrain directly, but Formula One. So why do that? Well,
at the time, the Arab Spring was in full bloom.
That was a series of protests and movements throughout the
Arab world in which citizens were protesting against various authorities,

(17:00):
government officials and regimes and agencies, and Formula One was
preparing for the twenty twelve Bahrain Grand Prix in cooperation
with the government, and Anonymous was siding with the anti
government protesters and viewed Formula One as participating in sportswashing,
that is, using a sporting event to spread government propaganda.

(17:22):
During the operation, Anonymous carried out DDoS attacks against Formula
One and leaked information gathered during a data breach on
Formula One systems. In more recent years, Anonymous members have
participated in operations against Israel in protests for that country's
ongoing conflict with Palestinians, as well as an operation targeting

(17:42):
Russia for its ongoing war against Ukraine. And it's been
more than twenty years since a group of Internet trolls
started just causing grief online, and the group is still
active today, possibly because it is so hard to define.
I don't know that you could call it the same group.
In fact, I don't know how many people who were

(18:03):
part of Anonymous in the earliest days are still active
in the community today. I do think if we're going
to talk about Anonymous, one place to start is just
the group's own slogan. We are Anonymous, we are legion.
We do not forgive, we do not forget, expect us. Okay,

(18:25):
with that cheerful message, let's swap on over to a
different hacker, someone who was very much identified, someone who
was responsible both for committing several high profile, high impact
acts of theft and wire fraud as well as a guy
who helped take down other hackers. His name is Albert Gonzalez,

(18:45):
and he sometimes went by handles that included Soup Nazi
as a Seinfeld reference or Cumbajohnny. So Gonzalez was
born in nineteen eighty one in Cuba and brought up
in the United States, and he was interested in computers
at a young age. According to a piece written by
James Verini in The New York Times magazine back in

(19:06):
twenty ten, an early hint that the young Albert Gonzalez
was a potential thorn in the side of the law
came in the nineteen nineties when it was discovered that
he had penetrated NASA's computer systems when he was just
fourteen years old. The FBI paid him a little visit
at school about that. Apparently he had developed a rather

(19:28):
distinct disdain for authority, and meanwhile, he and some friends
were fascinated with learning how various systems worked. Now he
was more interested in systems than in programming. He liked
learning how networks worked, and not just computer networks, but
like networks of people. He would probe at these different systems,

(19:50):
and often it didn't take very long for him to
find a vulnerability. So back in the early days of
the Internet, security protocols were very much a work in
progress and not everyone was on the same page. A
lot of people and companies had incredibly lax security practices,
and you could think of that as just being a

(20:12):
common feature in the Internet, kind of like how the
web pages at that time almost all had the obligatory
under construction graphic posted somewhere on their web page. Now, Gonzalez,
like I said, he wasn't really a coder, a programmer.
He would rely on other hackers for building code. Instead,
he was just really good at understanding how systems worked

(20:35):
and then navigating through those systems and finding the valuable
information stored within them. He was also really adept at
social engineering. He was great at manipulating people to get
what he needed, whether that was a login password or
information about Wi Fi networks or whatever. He also was
reportedly a pretty serious drug user. Typically he relied on

(20:59):
stimulants like cocaine when he was pulling long hours while
infiltrating systems, and that would become a pretty big issue
for him. Among his go to activities would be sniffing
out credit card numbers either by finding a database belonging
to say, a business like a retailer, and then just
siphoning off numbers that were stored in there, because not

(21:21):
everyone stored their numbers in encrypted formats, which meant if
you had access to the database, you had access to numbers.
He also made friends with other hackers who specialized in
building programs specifically to skim credit card numbers, one of
those being Stephen Watt, who was sometimes known by handles
like Jim Jones or sometimes the Unix Terrorist. And as

(21:42):
a young adult, Gonzalez joined a group of like minded
hackers that would call themselves the Shadow Crew, and it
was kind of like a forum for hackers, but not
just that, it was also a trading place. At Shadow Crew,
people could buy and sell information like stolen credit card
or debit card numbers, and they also could find tutorials

(22:04):
about how to carry out various criminal activities and how
to do things like how to get blank cards and
then emboss them and print magnetic strips on them and
imprint the stolen card information you had onto card blanks
so that you could then take those cards to like
an ATM and potentially withdraw tons of cash in the process.

(22:28):
In fact, that's actually what Gonzalez was doing when he
first got caught. Shadow Crew had built up an enormous
database of stolen card numbers, and Gonzalez had made a
bunch of fake cards, and he set out to hit
some ATMs in North Manhattan in New York City. By chance,
there was this plain clothes NYPD detective who just spotted

(22:50):
Gonzalez and thought Gonzalez looked an awful lot shady. Gonzalez
was wearing a woman's wig at the time and a
fake nose ring, and the detective was actually on the
lookout for a totally different kind of criminal because there
had been some car thieves who had been hitting some
neighborhoods in Upper Manhattan, and so this detective started following

(23:11):
Gonzalez thinking that maybe he found one of the people
who had been boosting cars in the area. But it
wasn't cars that Gonzalez had boosted. It was card numbers,
not cars. So the detective follows Gonzalez, sees Gonzalez go
up to an ATM, notices that Gonzalez is very likely
in disguise, like he's wearing like a hoodie and everything,

(23:31):
but also, like I said, a wig and a nose ring,
and Gonzalez starts using cards to access an ATM and
withdraw cash, and then just switch to a different card
and withdraw more cash. So the detective figured that Gonzalez
wasn't stealing automobiles, but he was definitely doing something that
was questionable. And so Gonzalez got picked up by the police,

(23:54):
not because the cybersecurity team figured out who he was,
but because someone in the real world spotted him and
suspected that something was hinky. So Gonzalez ended up turning
informant on the Shadow Crew. This was largely to protect
himself so he wouldn't have to go to prison, and
he thought, well, I can end up helping the law

(24:15):
enforcement identify and catch other hackers. Now, Gonzalez didn't necessarily
know who everyone was in Shadow Crew. In fact, he
didn't know who most of them were. The whole point
of the hacker culture was to create these personas that
while you know it was connected to you, you couldn't
trace it back to a person easily. However, Gonzalez had

(24:35):
built up a lot of trust in the community, so
he ended up helping the Secret Service identify various high
level members of Shadow Crew. But even while he was
working with the authorities to put away his fellow hackers,
he also kept up his own criminal activities. In fact,
he really stepped it up. He targeted large retail organizations

(24:58):
and so one of the things he started to do
was tap into these businesses through their own Wi Fi networks.
He and his colleagues would engage in a practice called
war driving. So war driving just involves driving around, typically
with like a laptop, and you're searching for Wi Fi networks,
and once you find a Wi Fi network, the next

(25:19):
step is to prod the network and see if there's
any vulnerabilities you can exploit. Now, that doesn't necessarily involve
any high tech stuff like it can, but it doesn't
have to. Sometimes all it takes is just a working
knowledge of generic login and password credentials. You know, Wi Fi,
especially at the time when Gonzalez was doing this in
the mid two thousands, it was fairly new and not

(25:42):
everyone actually took the trouble to, you know, do things
like change the default settings on their Wi Fi networks,
which meant that it was trivial to infiltrate those systems.
You might as well not use any security at all.
If you're not changing things like the default password, right,
because then all you have to do is know which
companies use default words, you know which default passwords, and
just go through and start using those until you get

(26:04):
into the system. And that was a large part of
what Gonzalez and his group were doing. So even in
cases where someone did think to make this change, where
they did go so far as to change the defaults,
sometimes just a little social engineering could go a long
way toward getting you what you wanted. You know, you
trick someone into sharing log in credentials and you're in

(26:24):
the game. You just tell them, oh, I'm here to
improve your internet connection, to speed things up or whatever,
or to fix a problem. And you get login information
from someone, a lot of people will just hand it
over because they're like, well, that's outside of my expertise,
I don't know what I'm doing. Sure, this person seems
like they're on the up and up. Here's my log

(26:44):
in information. And then you snoop around long enough in
a system, you might find a way to access higher
level files. Right, you might be able to get administrator
level access to a system. That's kind of what Gonzalez
was really good at doing. And that's where the profit is,
because that's where you're able to access the most sensitive information.

(27:05):
So Gonzalez breached numerous databases that had pretty poor security
controls but lots of customer data, and so he got
access to even more credit and debit cards through major
retailers and consumer facing companies like TJ Maxx, OfficeMax, Barnes
and Noble, Dave and Buster's, and lots more. He also

(27:25):
double crossed a few hackers in his community at this time.
In that New York Times magazine article, it's revealed that
while he was working with the Secret Service, Gonzalez secretly
sold a junk database of stolen credentials. Those credentials were
no longer really active and so they weren't really useful.
It was just junk. But he sold this database to
a hacker because he knew that hacker was also under

(27:49):
the scrutiny of the Secret Service and they were closing
in on the hacker. So he makes money from this hacker.
The hacker gets caught and it looks like the hacker
is the one who actually stole the database of credentials
in the first place, so Gonzalez is able to offload
a worthless database of information onto someone who then takes

(28:11):
the fall for having stolen it in the first place.
By two thousand and seven, Gonzalez's working relationship with
the Secret Service was kind of falling apart, but he
was still really just getting started, and he had graduated
to SQL injection attacks. So essentially, a SQL injection
uses commands written in structured query language and it exploits

(28:34):
a vulnerability. It doesn't just work on its own. There
has to be a poorly designed system, and such systems
will sometimes accept commands that are in SQL without even
the formal logging in process. It's like you bypassed the
bit where the bouncer has to ask for your ID,
like you found a different way in, and it doesn't

(28:55):
give you full access to the building, but because you
happen to have like this one, you then can get
access to other stuff. That's essentially what SQL injection does.
It gives commands, and if the system is not hardened
against such attacks, the system's programmed to respond to those commands.
So this is one way that hackers would create backdoor

(29:18):
entry points into systems where they could come and go
as they pleased. So that's what Gonzalez and his colleagues
were doing. Now, ultimately, he began to breach point of
sale machines like where cards were actually getting swiped. I
remember when this happened because news about how major retailers,
the big one being TJ Maxx as I recall, but

(29:39):
it was lots of them, not just TJ Maxx, but
all these different companies were starting to report these security
breaches in which someone had somehow managed to access credit
card numbers, sometimes credit card scanners right at the point
of sale and just grabbing numbers in real time. That
someone was Gonzalez and his crew. Okay, I've got more
to say about Gonzalez and wrapping up his story. Plus

(30:02):
we have another hacker to talk about, but first let's
take another quick break. So we're back now. While Gonzalez
had a history of using stolen credit card and debit
card numbers personally, the really big money was in selling

(30:26):
databases filled with just hundreds of thousands of credit card
numbers to other people. And he had really accumulated tens
of millions of card numbers over his various exploits, and
he would sell them to people all over the world.
But one of his big buyers was a guy located
in Ukraine, and Gonzalez felt comfortable working with this guy

(30:49):
because the extradition laws in Ukraine at the time weren't
very scary, so if his contact was picked up, then
he would probably just kind of get off without too
much trouble. He certainly wouldn't get extradited to the United States,
and Gonzalez himself would remain insulated, so he felt that
there was a lower risk working with criminals in Ukraine.

(31:10):
But then this contact took a little trip to Turkey
and got snatched up by authorities and things went south
in a hurry, so ultimately that did not work out
so well for Albert Gonzalez. Law enforcement was looking into
the various data breaches, and through tracking down people on
the outskirts of this crime, they were slowly circling in
on Albert Gonzalez himself. That also included some telltale signs

(31:34):
at Dave and Buster's, which played another part in kind
of narrowing down the search. See, the program that Gonzalez's
crew was using to skim credit card numbers at the
Dave and Buster's locations had a limitation. It would not reset
if the computer systems had been shut down and then
turned back on. So if the computer systems reset, the

(31:56):
skimming program did not reset with those computer systems. That
needed to be reinitiated. So that meant that the hackers
would have to revisit Dave and Buster's on a fairly
frequent basis. And then eventually Dave and Buster's starts to figure
out that these frequent customers are also shady customers and
suspicions rise. The investigation culminated in a May seventh, two

(32:19):
thousand and eight, raid on a hotel room near Miami Beach, Florida.
So Miami was Gonzalez's hometown. He moved there after he
worked with the Secret Service back in the earlier two
thousands and was helping them unveil and unmask and capture
various hackers. He moved to Miami and that's where he

(32:40):
operated for much of the mid to late two thousands,
really. And law enforcement arrested Gonzalez in this raid, and
Gonzalez eventually led authorities to dig up a barrel containing
more than a million dollars in cash that was buried
in his parents' backyard. Whether or not that was the

(33:02):
majority of his money or all of it, who knows.
Maybe it was just a bit to throw a bone
to the authorities and keep the rest secretly locked away.
But Gonzalez pled guilty to all the charges that were
filed against him. He was sentenced to two concurrent twenty
year prison sentences, meaning he was serving out both of
them at the same time. His buddy, Stephen Watt aka

(33:26):
Jim Jones, would get two years in prison and a
quarter of a million dollars in fines for having coded
the sniffer programs that Gonzalez was relying upon, though Watt
himself argued that he didn't know what Gonzalez was really
doing with the stuff he had built. I don't fully
know if that's believable, but he did say that he

(33:46):
definitely didn't agree with some of the targets that Gonzalez
wanted to go after, that Watt just felt that that
was not really appropriate. Another hacker named Damon Patrick Toey,
who did a lot of Gonzalez's leg work, got hit
with a five year prison sentence. Now, according to multiple articles,
Gonzalez would be in prison till eligible for parole, which

(34:07):
wouldn't be until twenty twenty five, but apparently he was
released last year on September nineteenth according to the Bureau
of Prisons. If you do a search for him on
the Bureau of Prisons, it says he is no longer
in custody. Oddly enough, I couldn't find any articles about
his release. But if someone is in prison long enough,
I figure the folks who covered their crimes will have

(34:27):
moved on. So it's quite possible that no one just
noticed that he was released from prison. Assuming he's on
the outside now, the question is will he stay on
the straight and narrow or return to his system exploiting ways. Now,
our final hacker that we're covering in this episode is
a tragic story and it's also connected to Albert Gonzalez,

(34:50):
so this guy has a relation to that story. It's
the story of Jonathan James. He was born in nineteen
eighty three, so he was just a couple of years
younger than Gonzalez. His father was a computer systems analyst,
and young Jonathan James developed a keen interest in computers
as well, so keen that years later, when Jonathan James

(35:11):
would get picked up by authorities for breaching secure systems,
his father would claim, quote, I've been in computers for
twenty years, and I can't do what he was doing
end quote. Now, what he was doing was mainly snooping around.
He was using computers and the young Internet to explore
different computer systems, and like Gonzalez, that included some systems

(35:33):
that he absolutely positively was not supposed to be able
to access. In nineteen ninety nine, Jonathan James allegedly infiltrated
more than a dozen computers belonging to the National Aeronautics
and Space Administration, good old NASA, again just like Gonzalez
had done when he was fourteen years old. The computers
were located at NASA's Marshall Space Flight Center in Alabama,

(35:57):
and the intrusion, once detected, prompted the agency to shut
down some of those computers for the better part of
a month. James would later be accused of having stolen data,
including highly sensitive information about the International Space Station, and
that he had downloaded software from NASA during his unauthorized
tour of their computer systems, and authorities would later estimate

(36:18):
that his activities had cost the agency around forty thousand
bucks in various ways, from having to replace compromised systems
to paying folks to fix vulnerabilities, though one could argue
that in that case, at least James had kind of
done NASA a service because James didn't have darker motivations
against the agency. And one could argue that if someone's
going to bust into your computer systems and reveal that

(36:40):
there's a big security vulnerability, you would rather it be
a sixteen year old kid than an actual terrorist. But
that's not to say that Jonathan James was a naive, innocent,
curious boy. He certainly was curious, that was definitely true.
But he really enjoyed the challenge of hacking into supposedly
secure systems, and he would claim that his motivation to

(37:01):
do this was mostly just to see if he could
do it, and also to brag about this to other
hackers so that he could get some, you know, kind
of clout in the hacker community. In the hacker community,
he took on the handle Comrade, with the O in
Comrade being a zero instead of the letter O. That
might have been a little brash considering some of his targets,

(37:22):
like, to use a term that has its connections to Russia
might have been a little brash, because one of his
targets was the Defense Threat Reduction Agency, which itself is
part of the US Department of Defense. So this is
still in the summer of nineteen ninety nine, when James
was just sixteen years old. The agency in this case

(37:43):
was responsible for monitoring potential threats to the United States,
including stuff like nuclear or biologic weaponry, so this is
definitely highly classified information we're talking about. James uncovered a
ton of information while he was poking around. He intercepted
thousands of messages between different agency members and gained access

(38:03):
to nearly twenty different login credentials. While he was
doing all this, the agency noticed that someone was snooping around, however,
and over the course of the next few months, law
enforcement was able to trace those intrusions back to Jonathan
James's home. Now, according to his dad, Jonathan's identity was
discovered largely through the cooperation with ISPs, so Internet service

(38:25):
providers worked with law enforcement to trace back the traffic
that was coming from Jonathan James's home and leading into
the Department of Defense. James was brought up on charges
as a juvenile, and he pled guilty to those charges.
If he had been an adult when he carried out
these hacking activities, he probably would have faced some pretty serious

(38:46):
jail time and some fines, but as it stood, he
was sentenced to six months of detention in a juvenile facility.
The Justice Department said he was the first juvenile to
actually serve time for hacking. Now, unfortunately for James, the
consequence of his actions followed him well after his release
from juvenile detention. He found it difficult to secure employment.

(39:07):
While some hackers have leveraged their experiences into a job
in cybersecurity, James found it hard to do the same.
He also was still in touch with some other hackers,
and while he was determined to avoid illegal activity,
his circles included folks that were connected to Gonzalez, and
Gonzalez showed far less concern about the legality of his actions.

(39:29):
So when Albert Gonzalez's crew started stealing thousands of credit
card numbers from around a dozen major companies, the Secret
Service decided to look in on James. They found references
to a JJ in those hacker communications,
and Jonathan James, couldn't that be JJ? As it turns out,

(39:52):
JJ may have meant Jim Jones aka Stephen Watt, who
was one of Gonzalez's colleagues, and the Secret Service was
looking at James. I mean, James had proven himself to
be an adept hacker, far capable of gaining access to
what were supposed to be secure systems. But Jonathan James

(40:12):
was already battling depression due to his struggles of getting
a stable life post detention, and the suspicion directed at
him probably exacerbated things. Not to say that it caused
what would follow to happen, but that it certainly was
another element on top of a lot of other stresses

(40:33):
that were already leading to some serious depression. Because on
May eighteenth, two thousand and eight, just eleven days after
authorities had brought Albert Gonzalez into custody, Jonathan James committed suicide.
He left behind a note that claimed he had no
connection with the recent attacks against TJX and the other
companies that Gonzalez had targeted, but he also had quote

(40:56):
no faith in the justice system end quote. Further, he
tragically revealed that he felt he had no control over
his own life and only by taking his life could
he regain control, which is an incredibly tragic ending. And
just a note here because I do think this is important.
If you are ever in a place where you're having

(41:18):
suicidal thoughts, please reach out to a crisis hotline. There
are many such lifelines around the world. Here in the
United States, the national lifeline is nine eight eight,
and talking to someone can be a huge help. But
that's it for this episode about famous hackers. There are
lots more, and I'll probably do more episodes where I'll

(41:39):
talk about some others. You know, I didn't even mention
Kevin Mitnick in this one, and that's a big one,
so we'll come back to this topic. Obviously, there's seven
more on that Kaspersky list I could talk about, but
I felt that getting some insight into the motivations and
techniques used by some of these hackers would be kind

(42:01):
of interesting. I hope everyone out there is doing well.
Hope you're healthy and happy, and I will talk to
you again really soon. Tech Stuff is an iHeartRadio production.
For more podcasts from iHeartRadio, visit the iHeartRadio app, Apple Podcasts,

(42:24):
or wherever you listen to your favorite shows.
