Thursday, October 8, 2009

HACKERS-(Kevin Mitnick, Raphael Gray)





















Kevin Mitnick

Born: August 6, 1963 (1963-08-06) (age 46)

Los Angeles, California

Occupation: Computer Consultant, Mitnick Security Consulting, Author



  • is a computer security consultant and author. He was a world-famous controversial computer hacker in the late 20th century, who was, at the time of his arrest, the most wanted computer criminal in United States history.
  • At the age of twelve, he used social engineering to by pass the punchcard system used in the Los Angeles bus system.
  • After a friendly bus driver told him where he could buy his own punch, he could ride any bus in the greater LA area using unused transfer slips he found in the trash.
  • Social engineering became his primary method of obtaining information, whether it be user names and passwords, modem phone numbers or any number of other pieces of data.
  • In high school, he was introduced by "Petronix" to phone phreaking, a method of manipulating telephones, which he often used to evade long distance charges.
  • He also became handy with amateur radios; using radio equipment, He reportedly managed to gain unauthorized access to the speaker systems of nearby fast food restaurants.


  • After a well-publicized pursuit, the FBI arrested him on February 15, 1995 at his apartment in Raleigh, North Carolina, on federal offenses related to a 2½-year computer hacking spree.
  • In 1999, he confessed to four counts of wire fraud, two counts of computer fraud and one count of illegally intercepting a wire communication, as part of a plea agreement before the United States District Court for the Central District of California in Los Angeles.
  • He was sentenced to 46 months in prison in addition to 22 months for violating the terms of his 1989 supervised release sentence for computer fraud.
  • He admitted to violating the terms of supervised release by hacking into PacBell voicemail and other systems and to associating with known computer hackers, in this case co-defendant Louis De Payne.
  • He served five years in prison, four and a half years pre-trial and eight months in solitary confinement, because law enforcement officials convinced a judge that he had the ability to "start a nuclear war by whistling into a pay phone".
  • He was released on January 21, 2000. During his supervised release, which ended on January 21, 2003, he was initially restricted from using any communications technology other than a landline telephone. He fought this decision in court, eventually winning a ruling in his favor, allowing him to access the Internet.
  • As per the plea deal, He was also prohibited from profiting from films or books that are based on his criminal activity for a period of seven years.
  • As for now, he runs Mitnick Security Consulting LLC, a computer security consultancy.

Confirmed Criminal Acts

  1. Using the Los Angeles bus transfer system to get free rides
  2. Evading the FBI
  3. Hacking into DEC system(s) to view VMS source code (DEC reportedly spent $160,000 in cleanup costs)
  4. Gaining full admin privileges to an IBM minicomputer at the Computer Learning Center in LA in order to win a bet

Alleged Criminal Acts

  1. Stole computer manuals from a Pacific Bell telephone switching center in Los Angeles
  2. Read the e-mail of computer security officials at MCI Communications and Digital
  3. Wiretapped the California DMV
  4. Made free cell phone calls
  6. Wiretapped FBI agents according to John Markoff,although denied by Kevin Mitnick.

Controversy

  • Kevin Mitnick's criminal activities, arrest, and trial, along with the associated journalism were all controversial.
  • Though Mitnick has been convicted of copying software unlawfully and possession of several forged identification documents, his supporters argue that his punishment was excessive.
  • Mitnick states that he compromised computers solely by using passwords and codes that he gained by social engineering.
  • He claims he did not use software programs or hacking tools for cracking passwords or otherwise exploiting computer or phone security.
  • The case against Mitnick tested the newly enacted laws that had been enacted for dealing with computer crime, and it raised public awareness of security issues involving networked computers.
  • The controversy remains, however, and Mitnick is often used today as an example of the quintessential computer criminal.
  • Supporters of Mitnick have asserted that many of the charges against him were fraudulent and not based on actual losses.

The Story behind of Kevin Mitnick?

  • Kevin Mitnick arrested in Raleigh, N.C. last February was of a 31-year old computer programmer, who had been given a number of chances to get his life together but each time was seduced back to the dark side of the computer world.
  • Kevin David Mitnick reached adolescence in suburban Los Angeles in the late 1970s, the same time the personal computer industry was exploding beyond its hobbyist roots.
  • His parents were divorced, and in a lower-middle-class environment that lacked adventure and in which he was largely a loner and an underachiever, he was seduced by the power he could gain over the telephone network.
  • The underground culture of phone phreaks had already flourished for more than a decade, but it was now in the middle of a transition from the analog to the digital world. Using a personal computer and modem it became possible to commandeer a phone company's digital central office switch by dialing in remotely, and Kevin became adept at doing so.
  • Mastery of a local telephone company switch offered more than just free calls: It opened a window into the lives of other people to eavesdrop on the rich and powerful, or on his own enemies.
  • Mitnick soon fell in with an informal phone phreak gang that met irregularly in a pizza parlor in Hollywood.
  • Much of what they did fell into the category of pranks, like taking over directory assistance and answering operator calls by saying, "Yes, that number is eight-seven-five-zero and a half. Do you know how to dial the half, ma'am?" or changing the class of service on someone's home phone to payphone status, so that whenever they picked up the receiver a recorded voice asked them to deposit twenty cents. But the group seemed to have a mean streak as well.
  • One of its members destroyed files of a San Francisco-based computer time-sharing company, a crime that went unsolved for more than a year -- until a break-in at a Los Angeles telephone company switching center led police to the gang.
  • The case was actually solved when a jilted girlfriend of one of the gang went to the police...
    That break-in occurred over Memorial Day weekend in 1981, when Kevin and two friends decided to physically enter Pacific Bell's COSMOS phone center in downtown Los Angeles. COSMOS, or Computer System for Mainframe Operations, was a database used by many of the nation's phone companies for controlling the phone system's basic recordkeeping functions.
  • The group talked their way past a security guard and ultimately found the room where the COSMOS system was located. Once inside they took lists of computer passwords, including the combinations to the door locks at nine Pacific Bell central offices and a series of operating manuals for the COSMOS system.. To facilitate later social engineering they planted their pseudonyms and phone numbers in a rolodex sitting on one of the desks in the room. With a flourish one of the fake names they used was "John Draper," who was an actual computer programmer also known as the legendary phone phreak, Captain Crunch, the phone numbers were actually misrouted numbers that would ring at a coffee shop pay phone in Van Nuys.
  • The crime was far from perfect, however. A telephone company manager soon discovered the phony numbers and reported them to the local police, who started an investigation. The case was actually solved when a jilted girlfriend of one of the gang went to the police, and Kevin and his friends were soon arrested. The group was charged with destroying data over a computer network and with stealing operator's manuals from the telephone company. Kevin, 17 years old at the time, was relatively lucky, and was sentenced to spend only three months in the Los Angeles Juvenile Detention Center, followed by a year's probation.
  • A run-in with the police might have persuaded most bright kids to explore the many legal ways to have computer adventures, but Mitnick appeared to be obsessed by some twisted vision. Rather than developing his computer skills in creative and productive ways, he seemed interested only in learning enough short-cuts for computer break-ins and dirty tricks to continue to play out a fantasy that led to collision after collision with the police throughout the 1980s. He obviously loved the attention and the mystique his growing notoriety was bringing. Early on, after seeing the 1975 Robert Redford movie Three Days of the Condor, he had adopted Condor as his nom de guerre. In the film Redford plays the role of a hunted CIA researcher who uses his experience as an Army signal corpsman to manipulate the phone system and avoid capture. Mitnick seemed to view himself as the same kind of daring man on the run from the law.
  • After he was released, he obtained the license plate "X HACKER" for his Nissan...
  • His next arrest was in 1983 by campus police at the University of Southern California, where he had gotten into minor trouble a few years earlier, when he was caught using a university computer to gain illegal access to the ARPAnet.
  • This time he was discovered sitting at a computer in a campus terminal room, breaking into a Pentagon computer over the ARPAnet, and was sentenced to six months at the California Youth Authority's Karl Holton Training School, a juvenile prison in Stockton, California.
  • After he was released, he obtained the license plate "X HACKER" for his Nissan, but he was still very much in the computer break-in business.
  • Several years later he went underground for more than a year after being accused of tampering with a TRW credit reference computer; an arrest warrant was issued, but it later vanished from police records without explanation.
  • By 1987, Mitnick seemed to be making an effort to pull his life together, and he began living with a woman who was taking a computer class with him at a local vocational school.
  • After a while, however, his obsession drew him back, and this time his use of illegal telephone credit card numbers led police investigators to the apartment he was sharing with his girlfriend in Thousand Oaks, California.
  • He was convicted of stealing software from the Santa Cruz Operation, a California software company, and in December 1987, he was sentenced to 36 months probation. That brush with the police, and the resultant wrist slap, seemed only increase his sense of omnipotence.
  • In 1987 and 1988, Kevin and a friend, Lenny DiCicco, fought a pitched electronic battle against scientists at Digital Equipment's Palo Alto research laboratory.
  • Mitnick had become obsessed with obtaining a copy of Digital's VMS minicomputer operating system, and was trying to do so by gaining entry to the company's corporate computer network, known as Easynet.
  • The computers at Digital's Palo Alto laboratory looked easiest, so every night with remarkable persistence Mitnick and DiCicco would launch their modem attacks from a small Calabasas, California company where DiCicco had a computer support job.
  • Although Reid discovered the attacks almost immediately, he didn't know where they were coming from, nor did the local police or FBI, because Mitnick was manipulating the telephone network's switches to disguise the source of the modem calls.
    ...he agreed to one year in prison and six months in a counseling program for his computer "addiction."
  • The FBI can easily serve warrants and get trap-and-trace information from telephone companies, but few of its agents know how to interpret the data they provide. If the bad guy is actually holed up at the address that corresponds to the telephone number, they're set. But if the criminal has electronically broken into to the telephone company's local switch and scrambled the routing tables, they're clueless. Kevin had easily frustrated their best attempts at tracking him through the telephone network using wiretaps and traces. He would routinely use two computer terminals each night -- one for his forays into Digital's computers, the other as a lookout that scanned the telephone company computers to see if his trackers were getting close. At one point, a team of law enforcement and telephone security agents thought they had tracked him down, only to find that Mitnick had diverted the telephone lines so as to lead his pursuers not to his hideout in Calabasas, but to an apartment in Malibu. Mitnick, it seemed, was a tough accomplice, for even as they had been working together he had been harassing DiCicco by making fake calls to DiCicco's employer, claiming to be a Government agent and saying that DiCicco was in trouble with the Internal Revenue Service.
  • The frustrated DiCicco confessed to his boss, who notified DEC and the FBI, and Mitnick soon wound up in federal court in Los Angeles. Although DEC claimed that he had stolen software worth several million dollars, and had cost DEC almost $200,000 in time spent trying to keep him out of their computers, Kevin pleaded guilty to one count of computer fraud and one count of possessing illegal long-distance access codes.
  • It was the fifth time that Mitnick had been apprehended for a computer crime, and the case attracted nationwide attention because, in an unusual plea bargain, he agreed to one year in prison and six months in a counseling program for his computer "addiction."
  • It was a strange defense tactic, but a federal judge, after initially balking, bought the idea that there was some sort of psychological parallel between the obsession Mitnick had for breaking in to computer systems and an addict's craving for drugs.
  • After he finished his jail time and his halfway-house counseling sentence for the 1989 Digital Equipment conviction Mitnick moved to Las Vegas and took a low-level computer programming position for a mailing list company. His mother had moved there, as had a woman who called herself Susan Thunder who had been part of Mitnick's phone phreak gang in the early 1980s, and with whom he now became reacquainted.
  • It was during this period that he tried to "social engineer" me over the phone. In early 1992 Mitnick moved back to the San Fernando Valley area after his half-brother died of an apparent heroin overdose. He briefly worked for his father in construction, but then took a job he found through a friend of his father's at the Tel Tec Detective Agency .
  • Soon after he began, someone was discovered illegally using a commercial database system on the agency's behalf, and Kevin was once again the subject of an FBI investigation.
  • In September the Bureau searched his apartment, as well as the home and workplace of another member of the original phone phreak gang. Two months later a federal judge issued a warrant for Mitnick's arrest for having violated the terms of his 1989 probation. There were two charges: illegally accessing a phone company computer, and associating with one of the people with whom he'd originally been arrested in 1981.
  • His friends claimed Mitnick had been set up by the detective firm; whatever the truth, when the FBI came to arrest him, Kevin Mitnick had vanished.
  • His escape, subsequently reported in the Southern California newspapers, made the authorities look like bumblers who were no match for a brilliant and elusive cyberthief.
  • In late 1992 someone called the California Department of Motor Vehicles office in Sacramento, and using a valid law enforcement requester code, attempted to have driver's license photographs of a police informer faxed to a number in Studio City, near Los Angeles. Smelling fraud, D.M.V. security officers checked the number and discovered that it was assigned to a Kinko's copy shop, which they staked out before faxing the photographs. But somehow the spotters didn't see their quarry until he was going out the door of the copy shop. They started after him, but he outran them across the parking lot and disappeared around the corner, dropping the documents as he fled. The agents later determined that they were covered with Kevin Mitnick's fingerprints. His escape, subsequently reported in the Southern California newspapers, made the authorities look like bumblers who were no match for a brilliant and elusive cyberthief.

    Raphael Gray







Born: 1982 (age 26–27)

Clynderwen, Wales, UK


Alias(es); Curador


Conviction(s): Pleaded guilty to theft and hacking offences.


Penalty: 36 months of psychiatric treatment.

  • was just 19 when he hacked computer systems around the world over six weeks between January and February 1999 as part of a multi-million pound credit card mission.
  • He then proceeded to publish credit card details of over 6,500 cards as an example of weak security in the growing number of consumer websites.

  • Gray was able to break into the secure systems using just a £800 computer he bought in his home town Clynderwen, Pembrokeshire, Wales.
  • After publishing the credit card info on his webpages Gray posted on the page that law enforcers would never find him "because they never catch anyone.
  • The police can't hack their way out of a paper bag."
  • He was dubbed the Bill Gates hacker when he sent Viagra tablets to Gates' address and then published what he said was the billionaire's own number.
  • He was tracked down by ex-hacker Chris Davis who was insulted by Gray's "arrogance".
  • It took Davis under a day to find Gray which he then forwarded to the FBI, "The FBI was actually quite easy to deal with, although technically, they didn't really understand what it was I was explaining to them.
  • The local police were also very polite, but they didn't understand it," said Davis.
  • Gray was arrested when FBI agents and officers from the local Dyfed Powys Police turned up at the door of his home, which he shared with his mother and two sisters, in March 1999.The sentencing judge ruled that Gray serve 36 months of psychiatric treatment after hearing evidence that he was suffering from a mental condition which needed medical treatment rather than incarceration.
  • Gray also obtained the credit card particulars of Microsoft founder Bill Gates, and he consequently had a batch of Viagra sent to GatesÂ’ California home. In the end, Gray did not go to jail but was issued a three-year “rehabilitation sentence” for his cybercrime.

















Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)