Read Kingpin: How One Hacker Took Over the Billion Dollar Cyber Crime Underground Online
Authors: Kevin Poulsen
Tags: #Technology & Engineering, #Computer hackers, #Commercial criminals - United States, #Commercial criminals, #Social Science, #True Crime, #Computers, #General, #United States, #Criminals & Outlaws, #Computer crimes, #Butler; Max, #Case studies, #Computer crimes - United States, #Biography & Autobiography, #Computer hackers - United States, #Security, #Engineering (General), #Criminology
They were still planning when a white police cruiser zoomed into the garage. It stopped near them and disgorged two uniformed Newport Beach Police Department officers.
Chris’s heart sank. Another bust.
The police booked Chris at the Newport Beach Police Station just down the road from the mall, then searched his car, turning up seventy credit cards and small amounts of Ecstasy and Xanax. Once he was fingerprinted, Chris was ushered into an interrogation room, where Detective Bob Watts handed him a Miranda waiver.
Chris signed and launched into the same basic story that had gotten him out of serious trouble in San Francisco a few years earlier. He promptly admitted his real name and confessed with evident shame to using counterfeit credit cards at Bloomingdale’s and elsewhere. It was the economy, he said. He’d worked in the mortgage industry and was hit hard when the real estate market collapsed. That’s when the head of an Orange County carding ring recruited him to card merchandise for a small percentage of the profits. He was just a mule.
It was a familiar tale to Watts, who’d busted low-level cashers before. It even explained Aragon’s amateurish Bloomingdale’s run—gobbling up
thousands of dollars’ worth of Coach bags at once.
Bloomingdale’s security people didn’t like to upset the store’s customers, so when they had a suspicious one, they normally called Watts or his partner, who’d arrange for a discreet traffic stop on a “vehicle code violation” to check out the suspect away from the store. If the shopper was innocent, they’d never know that Bloomingdale’s had called the cops on them. Chris’s and Shitrit’s behavior, though, was so blatant that the store had no worries that they might be innocent. The security team called the police dispatch desk directly to make sure the men didn’t get out of the parking lot.
But Watts wasn’t buying Chris Aragon’s hard-luck story. He’d been a detective for only eight months but a cop for seven years; the first thing he’d done when Aragon came in was run him through NCIC. He’d seen that Chris’s criminal record stretched back to the seventies, and technically, he was still on probation from his most recent bust in San Francisco—for credit card fraud.
He figured he had a ringleader in his holding cell. He got a search warrant in a hurry and converged with a team of detectives and uniformed cops at the only address he could find for Chris: Trendsetter USA. One look at the baffled faces of the employees as the cops stormed the door told Watts they were innocent. After some questioning, one of the workers mentioned that their boss, Clara, ran an eBay business in the back office.
Watts opened the storage cabinets in back and took inventory:
thirty-one Coach bags, twelve new Canon PowerShot digital cameras, several TomTom GPS navigators, Chanel sunglasses, Palm organizers, and iPods, all new in the box.
Clara walked into the office in the middle of the search and was promptly arrested. In her purse, Watts found several utility bills for an address in Capistrano Beach, all in different names. Clara reluctantly admitted she lived there; her face fell when Watts told her it was his next stop.
With Clara’s house keys and a new search warrant in hand, the detectives arrived at the Aragon home and began their search. In Chris’s home
office, they found an unlocked safe in the closet. Inside were two plastic index-card cases crammed with counterfeit cards. There were more cards in the bedroom, bundled in rubber bands and stashed in the night table. An MSR206 rested on a shelf in the family room, and in the connecting garage, a box of purses sat on the floor next to the fitness machine.
Aside from the dining room and bathrooms, the only space in the house clean of evidence was the boys’ comfortable bedroom. Just two twin beds, side by side, some stuffed animals and toys.
For all his talk about credit card fraud as a victimless crime, Chris had overlooked the two most vulnerable victims of his conduct. They were four and seven, and their dad wasn’t coming home.
hat’s a fed,” Max said, indicating a sedan passing them on the street. Charity glanced skeptically at the Ford. American-made cars were just one of the many things that alarmed Max these days.
Weeks had passed since Chris’s arrest, and reading the press coverage from Orange County, Max couldn’t get over how much evidence the police had found in Aragon’s home. Using Chris’s payout sheets as a road map, the cops had rounded up his entire cashing crew; even Marcus, Chris’s pot grower and errand boy, was busted with a hydroponic dope farm growing in his Archstone apartment. After two weeks of hunting, the police converged on Chris’s credit card factory at Federico Vigo’s office in the Valley, arrested Vigo, and seized the counterfeiting gear. Chris was being held on a million dollars’ bail.
The entire operation had been dismantled piece by piece. They were calling it perhaps the largest identity-theft ring in Orange County’s history.
“Shit, I wonder what kind of records he kept on all that,” Max later wrote The3C0rrupted0ne. “I mean, if he was sloppy enough to have equipment at his house.”
Max had already ditched his prepaid cell phone and instituted a “security ban” on his former partner’s Carders Market account. They were routine precautions—he was largely unconcerned about the bust at first; it
was, after all, just a state case. Chris had been caught red-handed at the W, too, and that time he walked away with probation.
But as the weeks passed with Chris still in jail, Max started to worry. He was noticing strange cars parked on his street—an animal control van aroused his suspicion so much he got out a flashlight to peer in the windows. Then a San Francisco FBI agent called him out of the blue to inquire about Max’s long-dead arachNIDS database.
Max decided to invest in a rope ladder; he kept it by the back window of the apartment he shared with Charity, in case he had to get out fast.
He’d pause every now and then to reflect on his freedom—here he was, enjoying life, hacking, while at that very moment Chris was in a jail cell in Orange County.
Max picked a random San Francisco criminal defense attorney from the yellow pages, walked into his office, and handed over a pile of cash; he wanted the lawyer to travel to Southern California to check on Chris and see if there was anything he could do. The attorney said he’d look into it, but Max never heard back from him.
It was then that
Max finally learned about Giannone’s bust from a news article about Brett Johnson’s life as an informant. Max had lost track of Giannone, and for all his hacking, Max had never thought to run the names of his associates through the public federal court website. The news that Giannone had lost a criminal trial worried him.
“Of all the rat snitch piece of shit motherfuckers out there, Giannone is the closest to being able to finger me for the feds,” he confided in a post to the private administrators’ forum on Carders Market. “The little dipshit might actually be able to get the feds close to me.”
Max uprooted from Fox Plaza, hiding his equipment at home until he was set up with a new sanctuary. On June 7, he picked up the keys at the Oakwood Geary, another corporate apartment building carved out of gleaming marble in the Tenderloin. He was “Daniel Chance” now, just another displaced software drone relocating to the Bay Area. The real
Chance was fifty years old and bearded, while Max was clean shaven with long hair—but the fake driver’s license and genuine money order were enough to get him in.
The next evening, Max checked out a red Mustang from his neighborhood Zipcar and packed it with his computer gear. For all his paranoia, he didn’t notice the Secret Service agents tailing him on the drive to the Oakwood and watching from the street as he moved into his new safe house.
A month later, Max jolted awake, shot upright in bed, and blinked into the darkness of the flat. It was just Charity; she had crawled into bed next to him, trying in vain not to wake him.
He was growing jumpier every day.
“Sweetie, you can’t keep doing this,” Charity murmured. “You may not realize it, but I realize it. I can see it. You’re getting too sucked into it mentally. You’re losing focus of who you are and what you’re doing.”
“You’re right,” he said. “I’m done.”
A lot of time had passed since his last prison term, he thought. Maybe he could find honest work again. NightFox had already offered him a legitimate job in Canada, but he’d turned it down. He couldn’t bring himself to leave Charity. He’d been contemplating marriage, playing with the idea of luring her to Las Vegas on a vacation and popping the question there. She was fiercely independent, but she couldn’t argue that he hadn’t given her space.
It was time, he decided, for Max Vision, white hat, to return. It would be official. He visited the San Francisco courthouse and filled out the necessary paperwork. On August 14,
a judge approved his legal name change from Max Butler to Max Ray Vision.
He already had an idea for a new website that could catapult him back into the white-hat scene: a system for disclosing and managing zero-day vulnerabilities. He could seed it with the security holes he was
privy to in the underground, bringing the exploits into the white-hat world like a defector crossing Checkpoint Charlie with a suitcase full of state secrets.
But after all his work making Carders Market the top crime forum in the English-speaking world, he couldn’t bring himself to just abandon it.
Max returned to his safe house. It was August, and the heat was back—the temperature topped 90 degrees outside, and higher in his studio. His CPU was threatening to burn itself alive. He turned on his fans, sat at his keyboard, and began the work of phasing out his Digits and Aphex identities.
He logged on to Carders Market and, as Digits, posted a note that he was shunting his dumps vending to Unauthorized, one of his admins. Then, as Aphex, he announced that he was retiring from carding and was selling Carders Market. He let the announcement sit for a few minutes and then took down the site. When he brought it back up, Achilous, one of his administrators in Canada, was in charge. Max created a new, generic handle for himself, “Admin,” to help Carders Market’s new kingpin during the transition.
He was still working on his exit strategy when an instant message popped up on his screen. It was from Silo, the Canadian carder who was always trying, and failing, to hack him. Max had tracked him down and identified him as Lloyd Liske in British Columbia. He suspected Liske was an informant.
The note was odd, a long sentence about newbies making dumb mistakes. But
Silo had hidden a second message within it by strategically capitalizing nine of the letters.
They spelled out “MAX VISION.”
A guess
, Max thought.
Silo couldn’t possibly know anything
.
It was just a guess
.
• • •
The day after Max announced his retirement, Secret Service agent Melissa McKenzie and a federal prosecutor from Pittsburgh flew to California to tie up some loose ends.
The investigation was nearly complete. The Secret Service had gotten ahold of Digits’s e-mail from a contact at the Vancouver Police Department—Silo’s handler. Max had been using a Canadian-based webmail provider called Hushmail that provides high-security encryption, using a Java applet that decrypts a customer’s messages right on his own PC instead of the company’s server. In theory, the arrangement ensures that even Hushmail can’t get at a customer’s secret key or incoming e-mail messages.
The company openly marketed the service as a way to circumvent FBI surveillance.
But, like e-gold, Hushmail was another formerly crime-friendly service now being mined by law enforcement. U.S. and Canadian agencies had been winning special orders from the Supreme Court of British Columbia that
forced Hushmail officials to sabotage their own system and compromise specific surveillance targets’ decryption keys. Now the feds had Max’s e-mail.
At the same time, the agency had located Tea living in Berkeley serving a probation sentence—it turned out she’d been caught using Aragon-produced gift cards at the Emeryville Apple Store months earlier.
It was supposed to be a training run for one of Chris’s new recruits, but Tea had never cashed before, and when she impulsively added a PowerBook to her iPod purchase, she was arrested along with the trainee. Eager to avoid more trouble, she’d told the Secret Service everything she knew.
Meanwhile, the Secret Service had begun sporadic physical surveillance of Max. From Werner Janer’s proffers, Mularski had learned that Max had a girlfriend named Charity Majors. Public records provided her address, and a subpoena of her bank records showed she had a joint account with Max. The Secret Service staked out the house and eventually trailed Max to the Oakwood Geary.
Electronic surveillance confirmed that Max was operating from the Oakwood. The FBI had won a secret court order letting them electronically monitor the IP addresses connecting to Carders Market’s false front at a U.S. hosting company—the modern equivalent of taking down the license plates outside a mob hangout. Several traced back to broadband subscribers living within a block of the corporate apartment complex and running Wi-Fi.