FBI GOES AFTER ADS HACKERS
[2600 - January 1984]
-------------------------------------------------------------------------------
IBM must press charges before action can be taken -- Feds reveal their tactics, blow source
-------------------------------------------------------------------------------

We received this bombshell from an anonymous contributor. It seems that a group of hackers was making use of one of IBM's ADS systems. (Audio Distribution Systems enable users with touch-tone phones to send voice messages back and forth to each other...) Unfortunately, as is all too often the case, one of these hackers was really an FBI informant who was taking note of all of the illegitimate users (around 40 or so). Luckily for this particular group, the informant was sloppy and left many telltale clues which gave them literally months of warning.

So, when the informant decided to send a message to the system operator, advising IBM to take action against the hackers and to call the FBI for more information, the hackers were ready. The system operator's account had also been penetrated by them and hence, the message was received by the hackers first! One of them actually followed the instructions in the message and called the FBI! And for some reason, the investigator there thought he was talking to an IBM executive. This is some of what he said.

*****

One of the individuals that supplies me with information from time to time has uncovered a lot of abuse within the ADS systems, not only here in the United States, but in England and Italy. I talk to this individual on a private bulletin board... We have no ability to come in as an outside investigative or law enforcement agency and do anything about it because, first off, we don't have a complainant.
We don't want to step on anybody's toes, but it's been our policy to monitor bulletin boards and phone phreaking activity across the country and advise commercial computer systems and corporations if we do discover certain computers along with the passwords and account numbers being published on the board. We do this on a one on one basis.

The GTE Telemail Connection

That was my baby, too! As a matter of fact, that's how we came across the ADS system -- through the GTE investigation. [These] people are not just interested in data communications through terminals -- they will leave voice messages on an ADS. We have been slowly uncovering more and more on the ADS in the last two months.

The major phase of [the Telemail investigation] was about 20 individuals that we had located and identified and we're looking for indictments on most of them coming down in the next month or two. We're talking about a group of highly organized people that do communicate on a daily basis all the way across the country -- from San Francisco and L.A. to Denver to upstate New York. So we have a core of individuals that we are still looking at that are using your system and then we have this peripheral that we are not as concerned about because they are not part of an out & out conspiracy or an organized network, per se. I know of at least 8 or 10 that are the central figures in this, the carryover from Telemail. And we keep hearing information of other people who are calling in with junk messages -- there's no real substance to their messages. Now the reason I know that is that they have included one of my sources of information onto their system and so he gets messages from the other parties.

The Communist Connection

In a way we're somewhat fortunate that it's 16-year-olds or 26-year-olds as opposed to people from behind the Iron Curtain.
It gives us the opportunity to see how these systems work and see if we can plug any loopholes before somebody from a not-friendly nation would try the same thing. I personally fully expect it -- I'm surprised it hasn't happened in the past. It may have. We just haven't caught it. But the kids are a little bit sloppier and they're getting caught... I hate to sound paranoid, but we're supposed to be concerned with the big picture as far as is there anything sensitive in nature. For us within the bureau, sensitive in nature first off means national security and you've got corporate trade secrets and the like that you don't want being distributed.

How the FBI Wins Trust and Gets Info

The subjects have an ego problem and they love to talk to other individuals about what they are capable of doing and bragging about it. They have a tendency to trade information. Everything is negotiable with them. We have never had to barter away access to systems -- we do it more on the technical information of phone networks, computer systems, and the like to where it's more of a technical information tradeoff as opposed to an access tradeoff. [An example would be the] logon procedure for a PDP-11. You integrate yourself within their confidence and their circle of friends. You feed them a little bit of bait and a lot of times they'll go for it. You enter into a dialogue with them and they end up taking you for a ride.

These people are very hungry for technical avenues through which they can communicate. It used to be the personal computer bulletin boards -- public messages that anybody can read. You start finding out that they leave a phone number or address -- and you start finding out who the parties are. There's thousands of these bulletin boards across the country and you narrow in on maybe twenty or so that are the more hardcore bulletin boards that are being used for exchange of illicit information. Then they move from there to an electronic mail service, namely GTE Telemail.
They caused fits within Telemail when they decided to get a little bit cocky and see if they could shut down accounts and change passwords of administrators and things like that. From there they have moved one step further to where they are now the same individuals communicating through the ADS systems and they also set up conference calls through the Bell System, so they're not just attacking one particular system or one individual avenue of communications -- they try to hit them all. It's an ego trip for all of them.

Pen Registers

We would put a pen register on the phone line of the individual (suspect) and it would record only the digits dialed on his telephone -- we would not use a full blown wiretap to record his voice. We can only put a pen register on an individual's phone for like, thirty days before we have to go back to a judge and try to get an extension and we try to minimize the use of our electronic surveillance equipment so the public does not think we're the Big Brother of 1984. (laughter) It's coming. Actually, we're already there! (hearty laughter)

We have not utilized any pen registers for the specific purposes of going after abusers of the ADS systems. First off, we have to have an actual case presented to us or a complaint. It's a roundabout way of doing it, but it's the way that we, in the bureau, have to have somebody outside come to us. Otherwise we can carry on the whole investigation without IBM even being aware that we are monitoring activity on their system and we don't want to become that secret police, or anything like that. We want to be above board and work with the corporations in the community.

Just How Much Trouble Are These Hackers In?

On the federal level we can prosecute them for telephone fraud (fraud by wire) if we can determine that the ADS is an ongoing business operation and that you are being denied your just revenues by them sneaking onto your system and abusing your system.
The strictest penalty is a $1000 fine and 5 years in jail for an actual conviction of fraud by wire violation. Those are always lax -- a more common sentence for an adult maybe a year in jail, 18 months, or a fine, sometimes they get probation, or agree to pay back any fraudulent money obtained or for service rendered or whatever to the client company -- it stays on his record for a year, he's on probation for a year and at the end of that, his record is wiped clean. Rarely do they get the maximum penalty. It just doesn't happen.

Do Me a Favor

Please do not disclose any geographical location because we are kind of unique in that we do not have any other source available in any other part of the country that could supply us with information like this. He may be one of 200 people, but if you identify Michigan you identify between 2 or 3 individuals and it may burn the source.

*****

We'd like to make it clear that we don't intend to do this kind of thing very often, since rumours about certain people being informants are very common in this business. But this is no rumour. This, friends, is solid fact -- we would not have printed this story if we weren't able to substantiate the claims it makes, and we had no trouble at all doing that.

Our intent in making this information known was not to screw up the FBI's fun (they're really not doing all that much out of the ordinary anyway), but rather to expose a very dangerous individual who goes by the name of Cable Pair (some say his real name is John Maxfield). This person has been posing as an extremely friendly hacker who lives in Detroit and is just bubbling over with technical information in exchange for your secrets. He claims to have been one of the nation's first phreaks, which may or may not be true.
He gives out his telephone numbers freely, will do anything to communicate with somebody (like place conference calls on his own private PBX system, provided you give him YOUR phone number), and generally will use anything you say to him against you in the future.

Our advice is simple: stay the hell away from this person. Even if you haven't done anything wrong yourself, your life can still be made miserable by him if you're even suspected of having contact with wrongdoers.

This latest turn of events has saddened us -- we thought Cable Pair would be a promising contributor to this publication and instead we learned a valuable lesson: don't trust anybody.

Have fun, Cable Pair. Enjoy yourself. Just don't expect to see any of us over at the Chestnut Tree Cafe with you. You're on your own now.

[Courtesy of Sherwood Forest ][ -- (914) 359-1517]

-----End of File

Call The Works BBS - 1600+ Textfiles! - [914]/238-8195 - 300/1200 - Always Open