Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier (24 page)

BOOK: Underground: Tales of Hacking, Madness and Obsession from the Electronic Frontier
12.06Mb size Format: txt, pdf, ePub

Phoenix from Australia.

_________________________________________________________________

Chapter 5 -- The Holy Grail
_________________________________________________________________

So we came and conquered and found

riches of Commons and Kings

-- from ‘River Runs Red’, on Blue Sky Mining by Midnight Oil There it was, in black and white. Two articles by Helen Meredith in The Australian in January 1989.2 The whole Australian computer underground was buzzing with the news.

The first article appeared on 14 January:

Citibank hackers score $500,000

An elite group of Australian hackers has lifted more than $US500,000 ($580,000) out of America’s Citibank in one of the more daring hacking crimes in Australia’s history.

Australian federal authorities were reported late yesterday to be working with American authorities to pin down the Australian connection involving hackers in Melbourne and Sydney.

These are the elite ‘freekers’ of white collar crime ...

The Australian connection is reported to have used a telephone in the foyer of Telecom’s headquarters at 199 William Street in Melbourne to send a 2600-hertz signal giving them access to a trunk line and ultimately to a managerial access code for Citibank.

Sources said last night the hackers had lifted $US563,000 from the US bank and transferred it into several accounts. The money has now been withdrawn ...

Meanwhile, Victorian police were reported yesterday to be systematically searching the homes of dozens of suspects in a crackdown on computer hackers ...

An informed source said Criminal Investigation Bureau officers armed with search warrants were now searching through the belongings of the hacking community and expected to find hundreds of thousands of dollars of goods.

An informed source said Criminal Investigation Bureau officers armed with search warrants were now searching through the belongings of the hacking community and expected to find hundreds of thousands of dollars of goods.

The second article was published ten days later: Hackers list card hauls on boards

Authorities remain sceptical of the latest reports of an international hacking and phreaking ring and its Australian connection.

Yesterday, however, evidence continued to stream into the Melbourne based bulletin boards under suspicion ...

In the latest round of bulletin board activity, a message from a United States hacker known as Captain Cash provided the Australian connection with the latest news on Australian credit cards, provided by local hackers, and their illegal use by US hackers to the value of $US362 018 ($416112).

The information was taken from a computer bulletin board system known as Pacific Island and used actively by the Australian connection.

The message read: ‘OK on the 5353 series which we are closing today--Mastercard $109 400.50. On the 4564 series--Visa which I’ll leave open for a week

$209417.90. And on good old don’t leave home without someone else’s: $43 200.

‘Making a grand total of

$362018.40!

‘Let’s hear it for our Aussie friends!

‘I hear they are doing just as well!

‘They are sending more numbers on the 23rd! Great!

‘They will be getting 10%

as usual...a nice bonus of

$36 200.00!’

The bulletin board also contained advice for phreakers on using telephones in Telecom’s 199 William Street headquarters and the green phones at Spencer Street Station in Melbourne--to make free international calls ...

Phoenix, another local bulletin board user, listed prices for

‘EXTC’- tablets ...

Late Friday, The Australian received evidence suggesting a break-in of the US Citibank network by Australian hackers known as The Realm

...

The gang’s US connection is believed to be based in Milwaukee and Houston. US Federal authorities have already raided US hackers involved in Citibank break-ins in the US.

A covert operation of the Bureau of Criminal Intelligence has had the Australian connection under surveillance and last week took delivery of six months’ of evidence from the Pacific Island board and associated boards going by the name of Zen and Megaworks ...

The Australian hackers include a number of Melbourne people, some teenagers, suspected or already convicted of crimes including fraud, drug use and car theft. Most are considered to be at the least, digital voyeurs, at worst criminals with a possible big crime connection.

The information received by The Australian amounts to a confession on the part of the Australian hackers to involvement in the break-in of the US Citibank network as well as advice on phreaking

... and bank access.

The following is taken directly from the bulletin board ... It was stored in a private mailbox on the board and is from a hacker known as Ivan Trotsky to one who uses the name Killer Tomato:

‘OK this is what’s been happening ...

‘While back a Sysop had a call from the Feds, they wanted Force’s, Phoenix’s, Nom’s, Brett Macmillan’s and my names in connection with some hacking The Realm had done and also with some carding meant to have been done too.

‘Then in the last few days I get info passed to me that the Hack that was done to the Citibank in the US which has led to arrests over there also had connections to Force and Electron ...’

DPG monitoring service spokesman, Mr Stuart Gill, said he believed the Pacific Island material was only the tip of the iceberg.

‘They’re far better organised than the police,’ he said.

‘Unless everyone gets their act together and we legislate against it, we’ll still be talking about the same things this time next year.’

Yesterday, the South Australian police started an operation to put bulletin boards operating in that state under surveillance.

And in Western Australia, both political parties agreed they would proceed with an inquiry into computer hacking, whoever was in government.

The Victoria Police fraud squad last week announced it had set up a computer crime squad that would investigate complaints of computer fraud.

The articles were painful reading for most in the computer underground.

Who was this Captain Cash? Who was the Killer Tomato? Many believed they were either Stuart Gill, or that Gill had forged messages by them or others on Bowen’s board. Was the underground rife with credit card frauders? No. They formed only a very small part of that community.

Had the Melbourne hackers stolen half a million dollars from Citibank?

Absolutely not. A subsequent police investigation determined this allegation to be a complete fabrication.

How had six months’ worth of messages from PI and Zen found their way into the hands of the Victoria Police Bureau of Criminal Intelligence?

Members of the underground had their suspicions.

To some, Stuart Gill’s role in the underground appeared to be that of an information trader. He would feed a police agency information, and garner a little new material from it in exchange. He then amalgamated the new and old material and delivered the new package to another police agency, which provided him a little more material to add to the pot. Gill appeared to play the same game in the underground.

A few members of the underground, particularly PI and Zen regulars Mentat and Brett MacMillan, suspected chicanery and began fighting a BBS-based war to prove their point. In early 1989, MacMillan posted a message stating that Hackwatch was not registered as a business trading name belonging to Stuart Gill at the Victorian Corporate Affairs office. Further, he stated, DPG Monitoring Services did not exist as an official registered business trading name either.

MacMillan then stunned the underground by announcing that he had registered the name Hackwatch himself, presumably to stop Stuart Gill’s media appearances as a Hackwatch spokesman.

Many in the underground felt duped by Gill, but they weren’t the only ones. Soon some journalists and police would feel the same way. Stuart Gill wasn’t even his real name.

What Gill really wanted, some citizens in the underground came to believe, was a public platform from which he could whip up hacker hype and then demand the introduction of tough new anti-hacking laws. In mid-1989, the Commonwealth Government did just that, enacting the first federal computer crime laws.

It wasn’t the journalists’ fault. For example, in one case Helen Meredith had asked Gill for verification and he had referred her to Superintendent Tony Warren, of the Victoria Police, who had backed him up. A reporter couldn’t ask for better verification than that.

And why wouldn’t Warren back Gill? A registered ISU informer, Gill also acted as a consultant, adviser, confidant and friend to various members of the Victoria Police. He was close to both Warren and, later, to Inspector Chris Cosgriff. From 1985 to 1987, Warren had worked at the Bureau of Criminal Intelligence (BCI). After that, he was transferred to the Internal Investigations Department (IID), where he worked with Cosgriff who joined IID in 1988.

Over a six-month period in 1992, Tony Warren received more than 200

phone calls from Stuart Gill--45 of them to his home number. Over an eighteen-month period in 1991-92, Chris Cosgriff made at least 76

personal visits to Gill’s home address and recorded 316 phone calls with him.3

The Internal Security Unit (ISU) investigated corruption within the police force. If you had access to ISU, you knew everything that the Victoria Police officially knew about corruption within its ranks. Its information was highly sensitive, particularly since it could involve one police officer dobbing in another. However, a 1993 Victorian Ombudsman’s report concluded that Cosgriff leaked a large amount of confidential ISU material to Gill, and that Warren’s relationship with Gill was inappropriate.4

When Craig Bowen (aka Thunderbird1) came to believe in 1989 that he had been duped by Gill, he retreated into a state of denial and depression. The PI community had trusted him. He entered his friendship with Gill a bright-eyed, innocent young man looking for adventure. He left the friendship betrayed and gun-shy.

Sad-eyed and feeling dark on the world, Craig Bowen turned off PI and Zen forever.

[ ]

Sitting at his computer sometime in the second half of 1989, Force stared at his screen without seeing anything, his mind a million miles away. The situation was bad, very bad, and lost in thought, he toyed with his mouse absent-mindedly, thinking about how to deal with this problem.

The problem was that someone in Melbourne was going to be busted.

Force wanted to discount the secret warning, to rack it up as just another in a long line of rumours which swept through the underground periodically, but he knew he couldn’t do that. The warning was rock solid; it had come from Gavin.*

The way Force told it, his friend Gavin worked as a contractor to Telecom by day and played at hacking at night. He was Force’s little secret, who he kept from the other members of The Realm. Gavin was definitely not part of the hacker BBS scene. He was older, he didn’t even have a handle and he hacked alone, or with Force, because he saw hacking in groups as risky.

As a Telecom contractor, Gavin had the kind of access to computers and networks which most hackers could only dream about. He also had good contacts inside Telecom--the kind who might answer a few tactfully worded questions about telephone taps and line traces, or might know a bit about police investigations requiring Telecom’s help.

Force had met Gavin while buying some second-hand equipment through the Trading Post. They hit it off, became friends and soon began hacking together. Under the cover of darkness, they would creep into Gavin’s office after everyone else had gone home and hack all night.

At dawn, they tidied up and quietly left the building. Gavin went home, showered and returned to work as if nothing had happened.

Gavin introduced Force to trashing. When they weren’t spending the night in front of his terminal, Gavin crawled through Telecom’s dumpsters looking for pearls of information on crumpled bits of office paper. Account names, passwords, dial-up modems, NUAs--people wrote all sorts of things down on scrap paper and then threw it out the next day when they didn’t need it any more.

According to Force, Gavin moved offices frequently, which made it easier to muddy the trail. Even better, he worked from offices which had dozens of employees making hundreds of calls each day. Gavin and Force’s illicit activities were buried under a mound of daily legitimate transactions.

The two hackers trusted each other; in fact Gavin was the only person to whom Force revealed the exact address of the CitiSaudi machine. Not even Phoenix, rising star of The Realm and Force’s favoured protégé, was privy to all the secrets of Citibank uncovered during Force’s network explorations.

Force had shared some of this glittering prize with Phoenix, but not all of it. Just a few of the Citibank cards--token trophies--and general information about the Citibank network. Believing the temptation to collect vast numbers of cards and use them would be too great for the young Phoenix, Force tried to keep the exact location of the Citibank machine a secret. He knew that Phoenix might eventually find the Citibank system on his own, and there was little he could do to stop him. But Force was determined that he wouldn’t help Phoenix get himself into trouble.

The Citibank network had been a rich source of systems--something Force also kept to himself. The more he explored, the more he found in the network. Soon after his first discovery of the CitiSaudi system, he found a machine called CitiGreece which was just as willing to dump card details as its Saudi-American counterpart. Out of fifteen or so credit cards Force discovered on the system, only two appeared to be valid. He figured the others were test cards and that this must be a new site. Not long after the discovery of the CitiGreece machine, he discovered similar embryonic sites in two other countries.

Force liked Phoenix and was impressed by the new hacker’s enthusiasm and desire to learn about computer networks.

Force introduced Phoenix to Minerva, just as Craig Bowen had done for Force some years before. Phoenix learned quickly and came back for more. He was hungry and, in Force’s discerning opinion, very bright.

Other books

Days of Heaven by Declan Lynch
Emissary by Fiona McIntosh
To Honor by Krieger, D.F.
The Start-Up by Hayes, Sadie
The Nightmare by Lars Kepler
Cara Darling by Destiny Blaine
Bitter Harvest by Sheila Connolly
Siberius by Kenneth Cran
Matilda Wren by When Ravens Fall