Read Fatal System Error Online
Authors: Joseph Menn
Tags: #Business & Economics, #General, #Computers, #Security, #Viruses & Malware, #Online Safety & Privacy, #Law, #Computer & Internet, #Social Science, #Criminology
94
would be ruled out forever:
Interviews with PartyGaming sources.
95
IPVG, the Philippines Web company:
According to company documents.
95
into a lawsuit in which he wasn’t a defendant:
A.
Farber & Partners Inc. v. Maynard Hal Garber,
U.S. District Court in Los Angeles.
98
who had quietly been indicted by a state grand jury in Arizona:
Betancourt declined an interview request. As of late 2009, Sacco’s name appeared only in a related forfeiture case. That complaint said that “between approximately March 29, 2005 and April 23, 2007, DEFENDANT SACCO engaged in the following activity: Created, owned, maintained, managed and controlled an offshore based website known as BETCRIS that was designed to accept, record and process gambling transactions.” Under state law, an indictment itself does not become public record if the defendant has not been served with the papers.
100
exactly the same thing two years before:
The author’s
LA Times
article “Fraud Ring Taps Into Credit Data,” on the California-only disclosure, at
http://articles.latimes.com/2005/feb/16/business/fi-hacker16
prompted the fuller admission. The
Times
then reported the prior infiltration, despite denials, and that’s available at
http://attrition.org/dataloss/2005/09/choicepoint04.html
.
101
first appeared in an email group in 1993:
Net pioneer Brad Templeton, now chair of the Electronic Frontier Foundation, gives a brief history of the term “spam” on his personal page,
www.templetons.com/brad/spamterm.html
101
get-rich-quick schemes, and counterfeit pharmaceuticals:
The best account of the trade’s titans is in Brian McWilliams’s book
Spam Kings.
103
disguising the initial source of the mailing:
There was extensive press coverage of SoBig. The paper “Who Wrote SoBig” is available at
www.josephmenn.com/FatalSystemError
.
104
shut down
CSX
passenger trains:
“SoBig Worm Not Slowing Down Yet,”
http://money.cnn.com/2003/08/21/technology/sobig/index.htm
.
104
hated to imagine what the next step would be:
A colorful account of the hunt for the twentieth machine is in a January 2004
Vanity
Fair article, “The Code Warrior.”
105
accordingto Russia’s Kaspersky Labs:
Interview in Moscow with Kaspersky analysts.
106
all traces of the infections:
Interviews with Hypponen and other researchers, law enforcement on the case, and media reports on the charges against Jaschen.
108
directly benefited the makers of Send-Safe:
Sources include “Who Wrote SoBig,” that document’s author, and other researchers. The “bullshit” quote is from a story by Brian McWilliams at
www.oreillynet.com/pub/a/network/2004/11/02/sobig.html
.
108
“I’m very impressed ... ,” he wrote:
According to a copy of the email.
109
the Bagle family of viruses:
Joe Stewart’s “Who Wrote Bagle.”
112
as they became available:
Sources include Frank Eissmann, U.S. agents, and court filings against Gembe, Walker, Ashley, and Echouafni.
114
with more than 35 million identities at risk just that year:
Identity Theft Resource Center report,
www.idtheftcenter.org/artman2/publish/m_press/2008_Data_Breach_Totals_Soar.shtml
.
115
actually earned money from many instances of fraud:
Interviews with banking and retailing executives, among others. See the author’s
LATimes
article “Industry at Odds Over ID Theft Liability,” available at
http://articles.latimes.com/2005/mar/07/business/fi-idtheft7
. The most comprehensive analysis of the culpability of the financial industry in identity theft is by
USAToday
reporters Byron Acohido and Jon Swartz, in their insightful book
Zero Day Threat.
115
harassed by debt collectors after such fraud:
According to the 2003 FTC report, available at
www.josephmenn.com/FatalSystemError
.
116
advisors on the 2005 report:
The author covered the Javelin report’s problems in “Data Brokers Press for U.S. Law” at
http://articles.latimes.com/2005/dec/26/business/fi-idlobby26
.
117
the
Waff StreetJournal,
and elsewhere:
See, for example, “Net Fraud Study,”
http://query.nytimes.com/gst/fullpage.html?res=9AOOE6DD173BF934A15752C0A9639C8B63
.
117 one would expect most theft to occur there:
Interviews with Van Dyke, Greisman, and others.
118
thousands of CheckFree clients:
The hack of CheckFree was reported at
http://voices.washingtonpost.com/securityfix/2008/12/hackers
hijacked_ large_e-bill.html and elsewhere.
122
pushed to bring him aboard:
Sources include Crocker, his CV, and his colleagues.
123
accomplices in Latvia:
Sources for this section include Crocker, Trevor Dickey, and Lyon.
127
when everything was working:
Sources for this section include Ross, Smith, Crocker, Lyon, and a visit to SportingIndex.
129
grumpily sent them back:
Sources for this include Crocker and his former colleagues.
131
those were orchestrated by the FSB:
The bombings leveled four buildings in the middle of the night between September 4 and September 16, 1999, killing 295 a few months ahead of what would be President Vladimir Putin’s election. Putin, plucked from a little-seen position of power in the FSB by outgoing president Boris Yeltsin’s wealthy supporters and named prime minister, seemed destined to lose. Authorities blamed Chechens, Putin attacked, and the populace rallied around the Kremlin and voted in Putin as president. In the increased vigilance that followed the initial bombings, though, a bus driver returning home to a fifth apartment building, in Ryazan, on September 22 noticed a white Lada with a partially obscured license plate parked in front while a woman in the main entryway nervously looked around. He called police, who found a bomb in the basement with a detonator set to go off at 5:30 A.M. They evacuated hundreds from the building in a panic. The local bomb squad defused the device and found it contained hexagen, a hard-to-obtain explosive that the government said had been used in the previous attacks. Using witness descriptions of people seen in and around the Lada, police arrested two suspected terrorists within days. But they produced FSB identification and were ordered released. As questions mounted, the FSB, which had previously congratulated the building residents on escaping certain death, abruptly switched course. On September 24 the agency declared that the apparent bomb had been planted as part of an official training exercise and contained only sugar. The bomb squad’s testing equipment must have malfunctioned. The squad leader explained to journalists why that was impossible, but all the evidence was seized by the FSB. Without access to the bomb materials, there can be no proving what happened. But former
Wall Street Journal
and
New York Times
Moscow correspondent David Satter, in his 2003 book,
Darkness at Dawn,
makes a compelling case that the apartment residents correctly concluded that the FSB had intended to murder everyone in the Ryazan building, and therefore most logically had been behind the four bombings that had already killed hundreds.
131
the one on the Houston machine:
Sources for this and similar sections include Crocker, Russian legal documents, and interviews with Russian law enforcement.
134
“I trust you”:
Sources for the dynamic between Crocker and Yakovlev include Crocker, his colleagues, and people Yakovlev confided in.
135 the world’s third most expensive city:
According to Mercer Human Resource Consulting’s March 2004 Cost of Living Survey.
139
Webmoney funds sent to an account there:
Major sources for this section include Crocker, documents related to the arrests and prosecution, and interviews with Russian law enforcement.
145
Stran had organized DDoS attacks for extortion:
Major sources for this section include Crocker, documents related to the arrests and prosecution, and interviews with Russian law enforcement.
147
most likely from local or national police:
Sources on the RBN include Crocker, others in U.K. and U.S. law enforcement, Jart Armin, Kaspersky Labs, Paul Ferguson, Kim Zenz, and Zenz’s report for VeriSign, “Global Threat Research Report: Russia,” available at
http://cicentre.com/Documents/verisign_idefense_russia_Jan%2007.pdf
.
149
That meant Zet, Milsan, and Bra1n:
Sources include Crocker, Crocker’s colleagues, Russian law enforcement, and Russian and U.K. documents.
151
drove back to the hotel:
Sources include Crocker and Russian law enforcement.
154 every
timeAndymade progress:
Sources for this and following sections include Crocker, Russian law enforcement, Crocker’s former colleagues, and documents related to the investigation.
161
crawled through the Net to collect them:
Interviews with dozens of law enforcement officials, among others.
163
decided to open the site for business:
The dozens of sources on CarderPlanet and Shadowcrew include former FBI Agent E. J. Hilbert.
164
more than 9,000 people had registered:
Among other sources, a federal complaint against Script in
U.S. v. Dmitry Golubov,
U.S. District Court in Los Angeles.
164
Douglas Havard:
Sources for the material on Havard include Dickey, transcripts of Havard’s chats, documents from the British court file, and coverage in the Texas press, including a
Dallas Observer
article at
www.dallasobserver.com/2002-12-26/news/crazy-white-mother/
.
166
“will need services of another person”:
www.crime-research.org/interviews/Interview_carder2/
.
166
antivirus firm McAfee:
Interview with McAfee’s Dmitri Alperovitch.
167
according to someone who worked the case:
Sources on Stepanenko include U.S. law enforcement, the U.S. indictments in San Francisco and New York, and related press releases.
169
“go out and hire them for hacking”:
Additional sources include other FBI and Secret Service agents and those who worked closely with them.
169
Crabb told
Wired.com
:
“Tracking the Russian Scammers,”
www.wired.com/politics/onlinerights/news/2007/01/72605
.
170
David Appleyard:
Sources include the Shadowcrew court file,
U.S.v.Andrew Mantovani
in U.S. District Court in Newark, and law enforcement on the case. There was also extensive media coverage.
171
a Secret Service agent investigating Shadowcrew:
Cavicchia’s downfall was described by those who worked with him, the press, and court papers from
U.S.
v.
Nicolas Lee Jacobsen
in U.S. District Court in Los Angeles.
172
Ashcroft said in a press release:
The October 28 announcement is at
www.usdoj.gov/criminal/cybercrime/mantovaniIndict.htm
.
172
Tyukanovwas never brought to justice:
Interviews with U.S. law enforcement. Andrew Mantovani got less than three years.