Arrested

Dmitri Galushkevich

IRL Name: 
Dmitri Galushkevich
Biography: 

Dmitri Galushkevich is a Russian hacker living in Tallinn in the Baltic state of Estonia. He was apparently upset over the relocation of a bronze statue commemorating the Russian soldiers who died in Estonia during World War II, and launched one of the largest cyber wars in history in retaliation. Using a botnet of "tens of thousands of compromised computers", he launched DoS attacks against state government, political parties, leading newspapers and financial institutions, effectively putting the entire country in an "internet gridlock". ATMs, websites and government systems were all disabled by the attacks, and some sites were redirected to images of Soviet soldiers and quotations from Martin Luther King about resisting "evil".

Estonia, one of the most "wired" countries in the world and home of the Internet phone-call company Skype, was effectively cut off from the Internet for several days. Estonian officials blamed Russia for the attacks at the time, though it was nearly impossible to trace them back to their sources. Enlisting the help of NATO, they were eventually able to track down Galushkevich in 2007. He was fined the equivalent of US$1,600 for his efforts.


Nessun

IRL Name: 
Jason Michael Downey
Biography: 

Nessun, aka Jason Michael Downey, is an American hacker from Covington, Ky, and founder of the Rizon IRC network. He ran a botnet of over 6000 compromised PCs to send spam emails and launch DDoS attacks, and administered the Yotta-Byte.net server, the alleged origin of a nasty variant of the Agobot worm. The worm disabled anti-virus protection and harvested software keys and user identification to sell on the black market.

On May 25, 2007, as part of Operation: Bot Roast, Downey was charged by the FBI with using a botnet in 2004 to launch denial-of-service attacks against other computer networks, including rival IRC networks such as IRCHighway.

Downey was sentenced on October 23, 2007 to 12 months in prison and was ordered to pay $21,110 in damages to 3 companies that were affected by his DDoS attacks.


Maksik

IRL Name: 
Maksym Yastrzemski
Biography: 

Maksik, aka Maksym Yastrzemski, is a Ukrainian hacker linked to nearly every major breach of U.S. retail networks in the past four years. He is well known in the underground as a top seller of stolen credit and debit card information, and for hacking into at least 12 Turkish banking systems. It has been reported that he earned more than $11 million selling stolen credit and debit card numbers and magstripe swipes from 2004 to 2006 alone. Yastrzemski reportedly held stolen card information from 37 countries, including Turkey, the United States, Russia, the Netherlands, France, Argentina, Italy, Sweden, China, the Ukraine and Japan.

He was arrested and charged with infiltrating 12 Turkish banking systems, and was sentenced to 30 years.


Joybubbles, Whistler

IRL Name: 
Josef Carl Engressia, Jr.
Biography: 

Joybubbles, aka Josef Carl Engressia, Jr., was born in Richmond, Virginia on May 25, 1949 and died August 8, 2007 from natural causes. He was an early phone phreaker, and at five years old, discovered he could dial phone numbers by clicking the hang-up switch, also known as "tapping". At the age of 7, he accidentally discovered that whistling at certain frequencies could activate phone switches, and in the late 1960s, he was given the nickname “Whistler” due to his ability to place free long distance phone calls by whistling the proper tones.

Joybubbles “reverted to his childhood” in May 1988 and remained there until his death, claiming that he was five years old.

He legally changed his name to Joybubbles in 1991.


Black Baron

IRL Name: 
Christopher Pile
Biography: 

Black Baron, aka Christopher Pile, was an English hacker born in 1969. After reading Ross Greenberg's comments about virus authors (which were critical of them and even went as far as calling them 'slime buckets'), he accepted the challenge to write a virus that Greenberg couldn't disarm. In the mid-1990s, he wrote a series of computer viruses using an advanced polymorphic technique he called 'SMEG'. Three variants of SMEG were developed and distributed: Pathogen, Queeg and Smeg 3.

A general description of the methods used in his polymorph engine can be found here, written by Black Baron himself.


Coolio

IRL Name: 
Dennis M. Moran
Biography: 

Dennis M. Moran, aka Coolio, is an American hacker who, at 17, was accused of a series of smurf attacks that shut down some of the most popular sites on the web, and of defacing the websites of DARE and RSA Security. While acknowledging the defacement of DARE and RSA, he flatly denied the DoS attacks on Yahoo, eBay, and others.

He was eventually arrested and pleaded guilty to the defacement charges, as well as to unauthorized access of US Army and Air Force computer systems, and was sentenced to 9 months in prison.

Mirrors of the defaced DARE and RSA sites can be found here. The DARE site is particularly amusing.


Kwyjibo, VicodinES, Alt-F11

IRL Name: 
David L. Smith
Biography: 

David L. Smith is the author of the Melissa Worm, which was one of the fastest-spreading viruses of all time. First found in March 1999, it quickly spread to networks the world over, effectively overwhelming private, commercial, government and military computer systems and causing over $80 million in damage.


LSDigital

IRL Name: 
Robert Matthew Bentley
Biography: 

A US-based hacker sentenced to 41 months in jail for breaking into corporate computers in Europe and making them part of a money-generating botnet. In addition, he was ordered to perform three years of supervised release once his prison time is over and to pay $65,000 in restitution, according to federal prosecutors in Pensacola, Florida.

In March, Bentley, who sometimes went by the alias LSDigital, pleaded guilty to two felony counts related to his botnet activities, which inflicted more than $150,000 worth of damage on Newell Rubbermaid. Starting as early as December 2006, Bentley and several unnamed co-conspirators installed customized bots on hundreds of the company’s computers. The malware generated so much traffic on Rubbermaid’s servers that its network stopped functioning.

New infections from the attack were being detected as recently as March, four months after Bentley was arrested. Federal agents continue to investigate the uncharged suspects. At least one of them, whose name has not been released, lived in Philadelphia.

Federal prosecutors began their case after the Metropolitan Police Computer Crime Unit in London fielded a complaint from Rubbermaid representatives in Europe. According to court documents, Bentley and his cronies generated “thousands of dollars” by installing adware from DollarRevenue.com on the infected machines.


Unix Terrorist, Jim Jones, the_ut, zmagic, yu0

IRL Name: 
Stephen Huntley Watt
Biography: 

Stephen Watt is a computer hacker who went by Jim Jones and then Unix Terrorist (the_ut for short). In the late 1990s and early 2000s, he was part of a band of self-proclaimed black hats that opposed the publication of security vulnerabilities and resisted the hacking scene’s shift from recreational network intrusions to legitimate security research. Under the rubric Project Mayhem, the gang managed to hack into the accounts of a number of prominent “white hat” hackers and publish their private files and e-mails. At the 2002 DefCon hacker conference, Watt took the stage with two friends to personally share some of the hacked e-mails.

He was arrested and convicted of writing customized code to help Gonzalez breach networks, including the “blabla” sniffer, which was stored on a server in Latvia and used to steal tens of millions of credit and debit cards from TJX in 2006 and from Dave & Buster’s in 2007. According to court documents, the Secret Service recovered 27.5 million stolen numbers from a server in Ukraine and 16.3 million numbers from a server in Latvia.

The breach cost TJX $200 million according to its 2009 SEC filing.

“I figured out his name years ago, Stephen Huntley Watt, and then the guy wound up getting indicted on the TJ Maxx thing,” says former hacker Kevin Mitnick.

In a profile in Phrack Magazine in 2007, “Unix Terrorist” reflected on the old days:
“Looking back on my involvement in computers, I am very happy that the peak of my activity occurred right during the turn of the 20th century,” he wrote. “Hacking was no longer as simple as manual labor (wardialing, etc.) but finding vulnerabilities and writing exploits and tools was not exactly as tedious and prohibitively time-consuming as it is currently. To say that I would rather commit seppuku than adapt to the challenges of a changing world by auditing code for SQL injection vulnerabilities and client-side browser exploits is not an exaggeration.”


Li’l Hacker

IRL Name: 
Matthew Weigman
Biography: 

A legally blind Massachusetts phone hacker who is considered to be one of the best phone hackers alive. He caught the attention of the FBI in 2005 when, at 15 years old, he staged a hostage hoax that sent police to the house of Colorado resident Richard Gasper after Gasper's daughter refused to have phone sex with Weigman.

In April 2008, William Smith, a Verizon Security Investigator, found a phone line, set up using a Texas woman's information, that was actually going to Weigman's East Boston apartment, and turned it off. Weigman was able to turn it back on and proceeded to harass Smith with phone calls, socially engineering phone company employees into sharing Smith’s billing records and using Caller ID spoofing to make him think somebody was returning his calls. On May 18th 2008, Weigman traveled to Smith's New Hampshire home with his older brother and party line friend Sean Paul Benton. After Smith found out who he was, he felt intimidated and called the police, who proceeded to arrest Weigman.

On June 26th, 2009, Weigman was sentenced to 11 years in federal prison after a guilty plea on computer intrusion and witness intimidation charges.
