AOH :: P28-12.TXT

Phrack World News XXVIII Part 4

                                ==Phrack Inc.==

                    Volume Three, Issue 28, File #12 of 12

            PWN                                                 PWN
            PWN        P h r a c k   W o r l d   N e w s        PWN
            PWN        ~~~~~~~~~~~   ~~~~~~~~~   ~~~~~~~        PWN
            PWN               Issue XXVIII/Part 4               PWN
            PWN                                                 PWN
            PWN                 October 7, 1989                 PWN
            PWN                                                 PWN
            PWN          Created, Written, and Edited           PWN
            PWN               by Knight Lightning               PWN
            PWN                                                 PWN

Woman Indicted As Computer Hacker Mastermind                      June 21, 1989
by John Camper (Chicago Tribune)

A federal grand jury indicated a Chicago woman Tuesday for
allegedly masterminding a nationwide ring of computer hackers
that stole more than $1.6 million of telephone and computer
service from various companies.

The indictment charges that Leslie Lynne Doucette, 35, of 6748
North Ashland Ave, and 152 associates shared hundreds of stolen
credit card numbers by breaking into corporate "voicemail"
systems and turning them into computer bulletin boards.

Voicemail is a computerized telephone answering machine.  After a
caller dials the machine's number he punches more numbers on his
telephone to place messages in particular voicemail boxes or
retrieve messages already there.

The indictment charges that the hacker ring obtained more than
$9,531.65 of merchandise and $1,453 in Western Union money orders
by charging them to stolen bank credit card numbers.

It says the group used stolen computer passwords to obtain
$38,200 of voicemail service and stolen telephone credit card
numbers to run up more than $286,362 of telephone service.

But the biggest haul, more than $1,291,362, according to the
indictment, represented telephone service that was stolen through
the use of Private Branch eXchange (PBX) "extender codes."

A PBX system provides internal telephone service within a
company.  If a PBX system is equipped with an extender, a person
can call the PBX system, punch in a code, and dial long distance
at the expense of the company that owns the

The only corporate victims of the alleged fraud named in the
indictment are August Financial Corporation of Long Beach
California, and A-1 Beeper Service of Mobile, Alabama.

Doucette has been held without bond in the Metropolitan
Correctional Center since May 24, when she was arrested on a raid
on her apartment that netted 168 telephone credit card numbers
and 39 extender codes, federal authorities said.  The indictment
does not name any members of the alleged ring, but authorities
said the investigation is continuing.

United States Attorney Anton R. Valukas said the indictment is
the nation's first involving abuse of voicemail.

"The proliferation of computer assisted telecommunications and
the increasing reliance on this equipment by American and
international business create a potential for serious harm," he

Authorities said they discovered the scheme last December after a
Rolling Meadows real estate broker reported that hackers had
invaded his company's voicemail system and changed passwords.

Authorities said they traced the calls into the Rolling Meadows
voicemail system to telephones in private homes in Chicago,
Columbus, Ohio, and suburban Detroit, Atlanta and Boston.

Checks on those phones led them to voicemail systems in companies
around the country, they said.

[For more information see Phrack World News XXVII/Part One and
the article entitled, "Computer Intrusion Network in Detroit,"
dated as May 25, 1989 --KL]

Phreaks Abuse East St. Louis Phone Card
September 24, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ East
St. Louis, IL, a dirt-poor minority suburb of the larger Missouri
city by the same name was victimized for several months by
phreaks without realizing it until the phone bills for a one year
period were audited recently.

According to a recent story in the Belleville, IL
(News-Democrat), the city is being billed for phone calls to
dial-a-porn services and from points as far flung as Florida and

The monthly phone bill for the city of East St. Louis averages
$5000, and over the past year it has included calls to nearly
every state as well as to "900" area adult talk lines.  City
Treasurer Charlotte Moore said the number of questionable calls
in each month's phone bill, which is usually two inches thick,
shows the "need for better policing of phones."

No kidding!  The (News-Democrat) obtained copies of the phone
bill for several months under the Freedom of Information Act, and
set about reviewing the places and people called.  For example,
from March through May of this year, hundreds of dollars in calls
were made from places in Texas, Florida and elsewhere, and
charged to a Calling Card number assigned to the city.

In one instance, a caller in northern Florida made a 288-minute
call to Miami that cost East St. Louis $39.27.  The
(News-Democrat) called the Miami number, and reached a man named
John, who refused to give his last name, and claimed he "...had
never even heard of East St. Louis..."

Calls from one certain number in Houston to places all over the
United States accounted for more than $1000 in charges over
several months.  A man who answered the phone at the Houston
number refused to give his name and refused to discuss the
matter, or explain how his phone might have been used for the
fraudulent calls.

Prior to intervention by the newspaper, the city had done
nothing.  Apparently they were not even aware of the abuse.  On
notification, the local telco cancelled all outstanding PINS, and
issued new ones.  Meanwhile, the city of East St. Louis continues
to plead poverty.  They are barely able to meet payroll for city
employees, and have skipped a couple of paydays at that.  The
city has an extremely poor tax base, and will likely file
bankruptcy in the near future.

The Cuckoo's Egg
October 1, 1989 ~~~~~~~~~~~~~~~~
    The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer
         Espionage by Cliff Stoll, Doubleday, 1989, ISBN
         0-385-24946-2 ($19.95)

          Book Review by Louise Bernikow, Cosmopolitan, October

Here is a first -- the true story of a man who notices a
seventy-five cent discrepancy in a computer's accounting system
and runs the error down until it leads to a real live spy ring.
Even if you don't know a byte from a bagel, this book will grip
you on page one and hold you as ferociously as the best mystery

It is astrophysicist-turned-systems-manager Cliff Stoll's first
week on the job at a lab in Berkeley, California.  The error
turns up, and he tries to figure out why, partly as an exercise
in learning about the computer system he's going to be working
with.  Almost immediately, he discovers that somebody had been
breaking into the computer network using a fake password.  That
discovery leads him to other break-ins in other computers,
including some in military installations.  He alerts the FBI,
which, since he has lost neither half a million dollars nor any
classified information, says, "Go away, kid."

Stoll presses on, sleeping under his desk at night, monitoring
the system -- a hound waiting for the fox to come out in the
open.  There is suspense aplenty, but it's the intensely human,
often funny voice of the man on the trail that makes this book so
wonderful.  Stoll's girlfriend, Martha, a law student, seems like
one smart and delightful cookie, and she puts up with his
obsession pretty well.  In the end, Stoll becomes a national
hero.  The play-by-play is nothing short of fascinating.

                  [I wonder if anyone got those cookies --KL]

Hackwatch Spokesman Charged
October 2, 1989 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Taken from Computing

Self-styled computer security expert Paul Dummett, alias Stuart
Gill, has been charged with making false reports to the Victoria
Police following an investigation into claims he made in the
daily media late in 1988 and early this year.  The articles often
quoted Gill, introducing himself as a spokesman for either
"Hackwatch" or the "DPG monitoring service".

Gill claimed hackers in Australia had gained access codes from
others in the US and lifted $500,000 (US) from the International
Citibank, United States.  Other claims include credit card
numbers had been posted on bulletin boards for BBS users' access;
drugs, including steroids, were being sold using bulletin boards;
evidence of this had been given to the police by informers; and
in response, the police had raided several hackers' homes.  The
police, including the Criminal Investigation Bureau and the Fraud
Squad's Computer Section, repeatedly denied the claims.

Gill had disappeared, but returned again on September 22 and was
charged in the Frankston Magistrates' Court under his real name,
Paul Dummett.  According to court documents, police investigating
Dummett's claims allegedly found Citibank's computer network had
not been illegally accessed on its New York number as Dummett had
claimed.  When Dummett appeared in court his legal aid counsel
Serge Sztrajt applied successfully to adjourn the case until
October 20.  Dummett did not enter a plea.

                                PWN Quicknotes ~~~~~~~~~~~~~~ 1.
                                Hire A Hacker? -- "Some very
                                notable people in the computer
    industry started out as hackers tinkering around in a
    mischievous fashion," Ron Gruner, president of Alliant
    Computer Systems Corporation told Computerworld why he would
    probably hire Robert T. Morris Jr., of Cornell and creator of
    Internet worm.  - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - 2.  Computer Hackers Rip
    Off Corporate 800 Lines -- Computer hackers pride themselves
    on never having to pay for long distance calls.  How do they
    do it?  Sam Daskam, president of Information Security
    Association (ISA), explains:  Hackers call corporate numbers
    until they find one with an automated switchboard.  The
    fingers do not do the walking.  Automatic caller software is
    used.  Then they link their computer to try all combinations
    of three or four-digit numbers until they find one which
    connects them to the company's outside toll or 800 line.
    Once they get a dial tone, they can make calls anywhere at
    the firm's expense.  Taken from the Security Letter 1989.  -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - 3.  900 Service Considered -- There has been
    talk among some companies about switching from using the 800
    toll free numbers to 900 numbers since the ease of use of the
    900 numbers has been shown so vividly.  This would save the
    corporations a large degree of money.  - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 4.
    Grocery Store "Hackers" Sell Drugs And Women -- The VMB
    (voice mailbox) system of a wholesale grocer in Los Angeles
    was commandeered to a small band of "hackers," who used the
    system to run a prostitution ring and disseminate data about
    drugs.  Finally, valid VMB users complained that they could
    not use the service since their passwords were invalidated.
    An investigation disclosed that the "hackers" overrode
    security features and acquired 200 VMBs for their own use.  -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - 5.  Phone Phreaks Busted In Upstate New York
    -- Once again it seems that Syracuse, New York is ripe for
    the picking for law officials to grab hackers involved
    computer related crimes.  In August the Federal
    Communications Commission (FCC) put a local area police
    sergeant in charge of contacting a list of local computer
    users that were using a local long distance service that
    offered national and international calling.

    It seems that one user of the service contacted the company
    about a large bill, $10,000, that he received.  The company
    then put a trap on the code and accumulated a list of
    unauthorized users to that code.  So far the local
    authorities, the state police, and the FBI have been brought
    in on the case.  They have been interviewing those on the
    list and so far most have cooperated fully with the police
    (most offenders are underage).  One user called Gunter has
    even allowed the police to use his computer bbs accounts.
    The service used by those caught (25 people) where to place
    long distance calls to France, Dominican Republic, Kenya, and
    Germany.  The callers also used the service to call locally
    in Syracuse, as one person said that it cleaned up the line
    noise.  - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - 6.  Bulletin Board Scanning Saves
    Boy (August 24, 1989) --Undercover police in San Jose,
    California, have been watching bulletin boards for several
    years, looking for computer users who boast about their
    criminal exploits.  It was such activity that led them to
    Virginians Dean Ashley Lambey, 34, and Daniel T. Depew, 28,
    who have been accused of conspiring to kidnap a young boy to
    be filmed as they molested him and then killed him.  (Article
    by Tracie L. Thompson of the San Francisco Chronicle.) - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - 7.  German Hackers Attempt To End Smoking (August
    29, 1989) -- On Saturday, August 26, 1989, ZDF (the second
    German television station and one of the 2 nationwide
    television channels) asked their viewers whether they thought
    smoking should be banned in public areas.  The viewers could
    reply by telephone, dialing one telephone number for "yes"
    and another telephone number for "no."  Within a time frame
    slot of 14 minutes, 52,942 telephone calls came in, with a
    ratio of 54:46 in favor of prohibiting smoking.  This means
    that 29,669 voted in favor of a prohibition, and 25,273
    opposed it.

    On Monday, August 28, 1989, a group of South German hackers
    claimed to have manipulated the quota by dialing the "yes"
    number with 83 personal computers at a rate of 4 times a
    minute; virtually all of their calls came through so that
    about the maximum of 4,648 "yes" votes came from their
    computers.  These circumstances led to new results in the
    poll: "Yes" = 25,021 and "No" = 25,273, giving the "no" group
    a small majority.

                           Story by Klaus Brunnstein - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- 8.  Immigration Chief Proposes National Computer Screen (June
    1989) --LA JOLLA, CA, -- The Commissioner of Immigration and
    Naturalization, Alan C. Nelson, today proposed a nationwide
    computer system to verify the identities of all job
    applicants in order to halt the widespread use of fraudulent
    documents by illegal aliens seeking jobs.

    Mr. Nelson also suggested standardized identity cards for
    immigrants so as to get fuller compliance with a 1986 law
    prohibiting employment of illegal aliens.

    Creating a national identity card and other ways of checking
    legal status or identity have been repeatedly suggested in
    Congress as tools in fighting unlawful immigration, but have
    also been consistently rejected as potential infringements on
    civil liberties.

    The national computerized database on everybody is one bad
    idea that simply refuses to stay dead, no matter how many
    times we drive a stake through its heart -- if the INS didn't
    resurrect it, the drug czar or the FBI would.  "Eternal

                    Story by Roberto Suro (New York Times) - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - 9.  West German Computer Hackers Accused Of Spying For
    (Aug. 17, 1989) -- Associated Press (Frankfurt) -- Three
    computer hackers, suspected of giving the Soviet Union
    information from military and industrial computers worldwide,
    have been indicted on espionage charges, prosecutors said
    yesterday.  The West German government called the breakup of
    the spy ring, which gave the KGB secret data from 12
    countries, including the United States, "a major blow" to the
    Soviets.  In a four-page statement, Kurt Rebman, the chief
    federal prosecutor, said it was the first time his office had
    prosecuted hackers for endangering national security.  Taken
    from the Boston Globe - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - 10. Challenge To
    Phreaks! (August 31, 1989) -- Nippon Telegraph & Telephone
    Corp. (Tokyo) is offering a $7,000 reward to any person or
    organization that can invade its FEAL-8 private communication
    and data system, according to an Associated Press report that
    NTT America Inc. officials could not confirm.  The reward
    offer supposedly expires 8/31/91.  No telephone number or
    other information was included.  Taken from the Wall Street
    Journal.  - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - - 11. Shadow Stalker Loses Out
    (August 7, 1989) -- A 17-year-old Michigan boy has been
    charged with posting stolen long-distance telephone codes on
    a bulletin board system operated in his home.  Brent G.
    Patrick, alias "Shadow Stalker" online, was arraigned this
    week on one count of stealing or retaining a financial
    transaction device without consent.  Patrick was released on
    $2,500 bond, pending his hearing.  The youth faces a maximum
    of four years in prison and a $2,000 fine if convicted.  His
    bulletin board, Wizard Circle, has been closed.  - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - 12. Philadelphia Hackers Change Speed Limit -- Recently
    an unknown hacker got into the computer that controlled the
    speed limit on the Burlington-Bristol Bridge.  He proceeded
    to change the speed limit from 45 m.p.h. to 75 m.p.h. A lot
    of people were stopped and ticketed and judges say they will
    not hear any appeals because, "the public should know better
    than that no matter what the sign says."  The police claim to
    have leads, however this is doubtful.  - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 13.
    Two Story Jump To Escape From Secret Service (July 26, 1989)
    -- Red Rebel, a known hacker in Florida was busted by the
    United States Secret Service and local authorities.  It seems
    that in attempt to to escape he actually jumped out a second
    story window and ran for a while.  The Secret Service
    confiscated two computers and a load of disks.

    To make matters worse, similar to Oryan QUEST, Red Rebel is
    not an American citizen and is likely to be deported.  Red
    Rebel is charged with resisting arrest, interfering with
    evidence, and something concerning credit card fraud.
    Information provided by The Traxster.  - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 14.
    Fraud Alert (September 1989) -- PBX fraud is busting out all
    over.  Long distance carriers are being overwhelmed by
    corporate customers demanding refunds for fraud perpetrated
    on them.  No long distance carrier covers their customer's
    long-term fraud.  If you got fraud you got to pay.  This is
    not like stolen credit cards.  This is real serious stuff.
    Thieves are dialing into 800 INWATS lines and, via auto
    attendants, hacking their way to overseas.  The big calls go
    to drug-related countries, especially Colombia, Pakistan,
    Dominican Republic, and Ecuador.  But no one really knows
    which countries are drug-related and which aren't.  Taken
    from Teleconnect Magazine.  - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - 15. Motorola
    Introduces Network Encryption System (August 4, 1989) --
    Motorola Government Equipment Group (GEG) has introduced its
    Network Encryption System (NES), which features the latest in
    security services for the protection of Local Area Networks
    (LANs).  Designed in accordance with Secure Data Network
    System (SDNS) standards including SDNS electronic key
    management, the NES is a flexible internet security solution
    for Type I applications.

    The NES is unique in COMSEC technology because the protocol
    software is loaded via diskette.  The NES is installed in the
    drop cable between the computer and the transceiver, or as a
    gateway device separating a LAN from a backbone network.  The
    product supports both DoD and ISO internet standards allowing
    protection over wide area networks.

    The initial product accommodates connection to IEEE 802.3 and
    IEEE 802.4 medias.  Motorola Inc. has a Memorandum of
    Agreement with the National Security Agency and anticipates
    product endorsement in the first quarter of next year.  The
    LAN product represents the first of a family of SDNS products
    that will provide complete, interoperable system security
    solutions.  Additional information on the NES can be obtained
    from Joe Marino at (602) 441-5827.  - - - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - 16. The
    Death of Shadow 2600:  No Accident (July 6, 1989) -- The
    following is a message taken from The Central Office:

                     89Jul06 from fdg @ The Central Office

    all realize WHY a 22 year old died?  It says one thing to me.
    He was killed by some insane ex-CIA types.  Most likely under
    orders from the idiots who tried to prosecute him in 1985.
    This kind of thing is getting more common under President
    Bush.  He ran the CIA, and he is now encouraging the same
    dirty tricks to silence people who cause "problems."  Abbie
    Hoffman was done in the same way.  A small hypodermic full of
    prussic aced.  You will hear about more ex-hippies, yippies,
    and hackers/phreaks dying mysteriously in the foreseeable

    You have been warned.  And who am I to know all this?
    Believe me, friends, I am highly placed in the government.
    You will see more friends die.  You may laugh now, but I
    decided to leave a public message in hopes of saving a few
                           Special Thanks to Epsilon
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17. Legion Of Doom Members Raided In Atlanta (July 21, 1989) --
    The Leftist, The Urvile, and The Prophet, all of the world
    famous hacking group known as the Legion of Doom, were raided
    on July 21, 1989.  The day in question is interesting because
    two years prior, that was the same day that a nationwide
    sweep netted over 80 hackers across the country including
    famous names such as Oryan QUEST, Solid State, and Bill From

    The charges against the LOD members range from toll fraud to
    illegal entry into government computer systems, although as
    it is told, the government systems were entered by the Urvile
    sweep netted over 80 hackers across the country including
    famous names such as Oryan QUEST, Solid State, and Bill From

    The charges against the LOD members range from toll fraud to
    illegal entry into government computer systems, although as
    it is told, the government systems were entered by the Urvile
    and the other two had nothing to do with it.  Currently, all
    three LOD-Atlanta members are still waiting to find out what
    will happen to them as charges have not yet been brought
    against them, very similar to what happened to the hackers in

    It has been said by security personnel at Michigan Bell that
    these LOD busts were a spinoff of the supposed arrest of Fry
    Guy on July 19 for his role in the Delray Beach, Florida
    probation officer scam (detailed last issue).  It is believe
    that he had been working closely with LOD-Atlanta (especially
    The Leftist) and when caught for the probation office scam,
    he got scared and turned over what he knew about LOD.

AOH Site layout & design copyright © 2006 AOH