==Phrack Inc.== Volume One, Issue Six, Phile #12 of 13 :.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.: *-=+^ Phrack World News ^+=-* Issue Five/Part 4 Compiled and Written By Knight Lightning :.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.: Grown-Up Laws Sought For Computer Criminals ------------------------------------------- By Dave Skidmore (Associated Press) WASHINGTON-Teen-age computer hackers are giving way to a new generation of people who steal information from computers for profit rather than fun, the head of a House crime panel said Wednesday. "The hackers were the first generation we saw. Now we have a lot of professionals who are getting into the business of accessing computer data bases," said Rep. William J. Hughes, D-N.J. [609/645-7957 or 202/225-6572], the sponsor of legislation aimed at helping law enforcement authorities better cope with the problem. Hughes commented as the House subcommittee on crime, which he heads, studied the proposed Computer Fraud and Abuse Act. Teen-age computer hobbyists, motivated fun and desire for status among fellow hobbyists, use home computers and the telephone to "hack" into government and industry data bases. Now, Hughes said, hackers' techniques are being increasingly used by industrial spies who sell trade secrets gleaned from corporate computers and thieves who change bank records to steal millions of dollars. "Computer crime is probably one of the fastest growing areas of crime. (It's) going to make the old robbery and burglary a little passe with certain professionals," he said. Hughes' bill, cosponsored by Reps. Bill McCollum, R-Fla [202/225-2176], and Bill Nelson, D-Fla [202/225-3671], creates three new offenses. 1. It forbids unauthorized access to a computer and drops a requirement that the government prove information in the computer was used or altered. 2. It outlaws "pirate bulletin boards" used by hackers to trade secret computer codes and passwords. 3. It makes it a felony punishable by up to five years in prison and a $250,000 fine to maliciously cause damage in excess of $1,000 to a computer program or data base. That section of the bill would apply to so-called "Trojan Horse" programs which, when achieving access to another computer, destroy all the data and programs in that computer. The legislation is intended to plug loopholes in anti-crime legislation passed by Congress in 1984, Hughes said. It applies to computers used by the federal government or its contractors and bank and loan association computers. Hughes said he expected his bill and similar legislations sponsored by Sen. Paul S. Trible Jr., R-Va [804/771-2221 or 202/224-4024], to reach the House and Senate floors sometime in May. Information Provided by Blue Buccaneer ------------------------------------------------------------------------------- The following is a critical breakdown of the above article. ------------------------------------------------------------------------------- Blue Buccaneer: Concerning this law: I always thought it would be more fun to hack for cash, but hey... Anyway, the three new offenses are what I am not to fond of: 1) "forbids unauthorized access to a computer" (Gosh, really?) "and drops a requirement that the government prove information in a computer was used or altered" Now what kinda law is that?! The government can just arrest someone and not have to prove anything? COME ON! 2) "It outlaws 'pirate BBSes'" When will these people learn the correct terminology? Pirates trade warezzzz, not 'secret passwords and codes'. The point is, that because this is a federal law, it will apply to all states. We aren't talking pussy-laws anymore. Wouldn't it be damn awful if just running the stupid BBS was a crime? Besides that, I thought we had a right to freedom of the press. Again, COME ON! 3) "and a $250,000 fine to maliciously cause damage in excess of $1000 to a computer program or data base". Excuse me for asking, but can one "maliciously" destroy data? And isn't a quarter of a million dollars a bit much for a teen-ager on a regular allowance? And that much for $1000 damage? Shit, I wish my insurance company paid like that when I wreck my car. Once again, COME ON! And then, I guess this is the journalist's fault, but what the hell does that paragraph on Trojan Horses have to do with this shit? I mean really! Do you think Joe Blow in the street is going to go: "Whew, for a minute there I was afraid that new bill might just skip over those Trojan Horse things." I'd kinda assume Trojan Horses were covered under the "maliciously" destroying data rule. Above written by Blue Buccaneer _______________________________________________________________________________ Computer Kids, Or Criminals? ---------------------------- Mr. Slippery, age 12, never thought playing on his home computer amounted to much more than harmless fun -- until a mysterious call from a stranger one day proved otherwise. "I got a funny phone call from someone offering me money to destroy a bank's records," said Slippery, identified by his hacker alias. "At that point in time, I realized that that's an incredible way to launder money. That if I was real smart, I would move out of the whole thing, because that was an obvious point at organized crime, to me." Hacking, or using a personal computer to trespass by phone lines into the private computer systems of corporations, foundations, universities and banks, is a new form of organized crime, say experts. In the last year or two, a new, sophisticated breed of hacker has emerged. Their ages vary, from the early hackers who started at 14, and have now entered college, to adults who operate computerized crime networks, but their motives are similar: criminal. When Mr. Slippery started hacking seven years ago he as an exception among pimply faced, curious kids whose computers were toys for cheap, and typically harmless, thrills. For four years, he lived up to his alias, eventually penetrating top security government computers at the Department of Defense (DOD) and the National Security Agency (NSA). Mr. Slippery remained undetected until his last several weeks as a hacker. He was never caught, never convicted. Toward the end, he realized government security agents were following him and decided to put away his phone modem for good. "After about four years of this, though, I started realizing that an entirely new crowd had sprung up," observes Mr. Slippery, now a 19-year-old ex-hacker. "You now have the 14 year olds who were running around destroying things seeing how much trouble they could cause." Computer crime experts say the hacker problem is getting worse, even though industries are increasingly reluctant to discuss the topic. "The malicious hacker problem is continuing to increase drastically and is getting far more serious," said Donn B. Parker, author of Fighting Computer Crime and a computer and data security consultant at SRI International, a California-based, non-profit research institute. "The lowering costs of equipment, the attraction of it for new kids coming into it as a rite of passage, points to increasing vulnerability of American business to the hacker problem." Parker's expertise got him hired as a technical consultant to the movie War Games about two teen-age hackers who penetrate government defense computers. Where there is evidence of serious computer hacker crime is on electronic bulletin board systems (BBSes), where hackers share gathered intelligence. "Phone companies have huge investments in their equipment that is highly vulnerable to the hackers, who have figured out how to beat them, and have used pirate boards for their intelligence purposes," said SRI International's Parker. "A large proportion of these kids are, in fact, juvenile delinquents with other arrest records." Recently, a hacker posted this on a local BBS: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - I live in Cleveland and the Pheds are fucking everywhere. This guy who goes by the alias Lou Zer got caught and they told him if he narced on like 5 people he would get off with probation so he did that. Now like half the 2300 club has been busted and this kid has a lot of problems in the future. Also I have seen cops that I know of dressed as fucking federal express guys. Try and avoid using them. Also, here's some PBXs to fuck with. They belong to Standard Oil. --Later, Sir Gallahad - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Other BBSs post lists of telephone numbers of Fortune 1000 corporations, banks, credit bureaus, universities, and foundations. Admittedly, many of the numbers are invalid, say experts. Though there are BBSes that admit members only by invitation and operate as part of a computer underground, others can be accessed by anyone with a computer and a phone modem. Often the boards carry foreboding names like The Sanctuary, Future World, Dark Side, Deathtrap and Speed Demon Elite. Computer crime is sometimes called the perfect crime. Its perpetrators are anonymous hackers using aliases like Phantom Phreaker, Big Brother, Bootleg, Sigmund Fraud, and Scan Man. John Maxfield is a computer security consultant who lives in a downriver suburb. Maxfield spends most of his working hours scanning BBSs, and is known by computer crime experts as a hacker tracker. His investigative work scanning boards has resulted in more prosecutions of computer hackers than anyone else in the field, say sources familiar with his work. Maxfield, who accepts death threats and other scare tactics as part of the job, says the trick is knowing the enemy. Next to his monstrous, homemade computer system, Maxfield boasts the only file on computer hackers that exists. It contains several thousand aliases used by hackers, many followed by their real names and home phone numbers. All of it is the result of four years of steady hacker-tracking, says Maxfield. "I've achieved what most hackers would dearly love to achieve," said Maxfield. "Hacking the hacker is the ultimate hack." Maxfield estimates there are currently 50,000 hackers operating in the computer underground and close to 1,000 underground bulletin boards. Of these, he estimates about 200 bulletin boards are "nasty," posting credit card numbers, phone numbers of Fortune 500 corporations, regional phone companies, banks, and even authored tutorials on how to make bombs and explosives. One growing camp of serious hackers is college students, who typically started hacking at 14 and are now into drug trafficking, mainly LSD and cocaine, said Maxfield. This is an example of a recent BBS posting: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - WANTED: LSD, of any kind. Leave me mail if you're willing to talk prices, I'll take anything up to $5 a hit. $3 is more likely. --urlord - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The BBSs are versatile teaching tools, too. Hackers post detailed tutorials on: HACKING: Using a personal computer and modem to trespass into the private computer systems of corporations, foundations, universities, and banks. CARDING: Using valid credit card numbers obtained from discarded carbons, accounts posted at video rental stores, or even by hacking credit bureau computers. TRASHING: Sifting through trash to find discarded credit card carbons, receipts, computer passwords, code words, confidential phone company directories. PHREAKING or FONING: Manipulating phone systems, usually to make long-distance calls at no charge. ------------------------------------------------------------------------------- Below is an excerpt from a four-part tutorial on credit card fraud posted on an exclusive East Coast BBS for elite advanced hackers: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Carding! By Music Major. Believe it or not, without carding, a damper would be put on the computer users of America (and especially Canada). Can you imagine trying to save enough money to BUY a 2400 baud modem and a 30 meg drive for a BBS? Oh, of course it can be done, but considering that a majority of the active computer users are still in school, and most do not have a steady job, it will take too long, and cost too much for this average person to spend on a BBS. Working at minimum wage at a part-time job, it would take 30 weeks of CONSTANT saving to put up the BBS (with good modem and good drive). Not a pretty thought! When the going gets tough, the tough go carding! Music Major goes into more detail on later, he warns younger hackers about the possible risks of trying a method he claims he invented: "I have called this method foning for cards. To be convincing, you MUST have a fluent tongue and a semi-deep voice (skip this part if your voice is still cracking--refer back when you get a real voice)." - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Maxfield's operation is called BoardScan. He is paid by major corporations and institutions to gather and provide them with pertinent intelligence about the computer underground. Maxfield also relies on reformed hackers. Letters of thanks from VISA and McDonald's decorate a wall in his office along with an autographed photo of Scottie, the engineer on Star Trek's Starship Enterprise. Often he contacts potential clients about business. "More often I call them and say, I've detected a hacker in your system," said Maxfield. "At that point, they're firmly entrenched. Once the hackers get into your computer, you're in trouble. It's analogous to having roaches or mice in the walls of your house. They don't make their presence known at first. But one day you open the refrigerator door and a handful of roaches drop out." Prior to tracking hackers, Maxfield worked for 20-odd years in the hardware end of the business, installing and repairing computers and phone systems. When the FBI recruited him a few years back to work undercover as a hacker and phone phreak, Maxfield concluded fighting hacker crime must be his mission in life. "So I became the hacker I was always afraid I would become," he said. Maxfield believes the hacker problem is growing more serious. He estimates there were just 400 to 500 hackers in 1982. Every two years, he says, the numbers increase by a factor of 10. Another worrisome trend to emerge recently is the presence of adult computer hackers. Some adults in the computer underground pose as Fagans, a character from a Charles Dickens novel who ran a crime ring of young boys, luring young hackers to their underground crime rings. Courtesy of Galaxy Girl and Silicon Thief Major Editing by Knight Lightning Written by Lisa Olson (News Staff Writer for Detroit News) ------------------------------------------------------------------------------- A few notes: It is my assumption that Music Major's Carding Tutorial was from KL actually four posts made on the Carding Subboard on Stronghold ------- East. If this is true then it would mean that at the time or previous to the time of this article Maxfield was on SE. This post was probably taken in before the MASSIVE user purge on Stronghold East. _______________________________________________________________________________  oî5Ý-œs”>íF-ôizxàÎ…»ÿ Downloaded From P-80 International Information Systems 304-744-2253 12yrs+