[ISN] "Deceptive Duo" suspects hit in FBI raid

From: InfoSec News (isnat_private)
Date: Thu May 16 2002 - 00:13:30 PDT

  • Next message: InfoSec News: "[ISN] Open source review would aid Windows security: Gartner"

    http://news.com.com/2100-1001-914848.html?tag=fd_top
    
    By Robert Lemos 
    Staff Writer, CNET News.com
    May 15, 2002, 6:10 PM PT
    
    update - The FBI has issued search warrants against two former online 
    vandals it believes to be the members of a "patriot" hacking group 
    called the Deceptive Duo. 
    
    As first reported by CNET News.com, agents raided the homes of two
    teenagers earlier this week. The FBI on Sunday seized equipment in
    Florida from The-Rev, a former member of the hacking group Sm0ked
    Crew, according to a friend of the Deceptive Duo hackers.
    
    Separately, the Contra Costa county district attorney's office
    confirmed that agents acting on a warrant issued in the Deceptive Duo
    case confiscated computer equipment from Robert Lyttle, the previously
    convicted pro-Napster defacer, in California on Monday.
    
    The California raid prompted a Wednesday juvenile parole hearing for
    Lyttle, who is now 18. Lyttle has been confined to his home as a
    result of the criminal hearing.
    
    "He has been placed on a higher level of supervision," said a source
    familiar with the proceedings, who asked not to be identified. "He has
    to wear an ankle bracelet, which tells them where he is. If he walks
    away from the house, it sends a signal to the probation department."
    
    The Deceptive Duo has defaced dozens of U.S. government and military
    sites with pro-American messages lambasting the poor security of the
    nation's critical systems. The hacked sites have included those of the
    Defense Department and the Sandia National Laboratories, which is
    associated with the U.S. Department of Energy's National Nuclear
    Security Administration.
    
    No charges have yet been filed against either suspect, said Chris
    Murray, a spokesman for the FBI's Washington Metropolitan Bureau.  
    However, the search warrants and affidavit used in the case have been
    sealed and are not available for public viewing, he said. Because the
    Deceptive Duo hit government and military sites, the case is being
    administered from the Washington D.C. Metropolitan office of the FBI.
    
    An FBI representative in San Francisco confirmed that the bureau had
    issued a search warrant on Monday. A spokesperson for the FBI office
    in Miami Beach, Florida, could not be reached.
    
    Dodie Katague, deputy district attorney for California's Contra Costa
    county, confirmed that Lyttle had appeared in a probation hearing
    Wednesday to discuss how his probation status would be affected by the
    new charges.
    
    "Now that he is an adult--he is 18--we are letting the Feds handle
    it," said Katague. "And he is going to be in a lot more trouble than
    before." Lyttle was convicted of defacing dozens, and perhaps
    hundreds, of Web sites with a pro-Napster message. He is on probation.
    
    Kelly Hallissey, a Las Vegas resident who bills herself as an "online
    mom" to several hackers including the two suspects, said she argued
    with The-Rev and Pimpshiz--Lyttle's online monicker--to stop defacing,
    but they wouldn't.
    
    "They knew that they were going to get caught," she said. Hallissey
    worried that the teenagers would be made an example under new laws
    passed as part of the U.S.A. Patriot Act and maintains that they truly
    thought they were helping the security cause.
    
    "This is their part in helping after 9-11," Hallissey said. "A lot of
    kids they knew went into the service after 9-11. Their skills lie in
    hacking, however. It sounds corny, but they mean it and they believe
    it."
    
    The Deceptive Duo's defacements mimicked a secret agent file. In the
    first hack in late April, the Duo wrote: "We are two U.S. Citizens
    that understand how sad our country's cybersecurity really is. The
    Deceptive Duo's continuous mission is to define the weaknesses that
    lie upon us. Our lives revolve around the use of electronic
    communication, we must protect our formation of controlling technology
    one way or another."
    
    Many security experts have been critical of the tactics employed by
    the duo in the name of helping computer security.
    
    "There are probably better ways to tell people that their security
    sucks," said Dragos Ruiu, an independent security consultant. "In one
    way, it's an excuse to play around, because they probably would have
    done it anyway."
    
    Yet in a previous e-mail interview with CNET News.com, the Deceptive
    Duo said they believed they had already helped the cause of U.S.  
    security.
    
    "There is quite an improvement in security," they wrote. "Because the
    systems we were once able to breach are no longer susceptible to
    attack...Not only are our targets more secure, but we strongly believe
    that witnesses to this entire ordeal will see that everything is a bit
    more realistic. This will force them to act on their own system
    security if so inclined."
    
    Lyttle's attorney, San Francisco-based Omar Figaeroa, believed that
    the 18-year-old hacker will be released in the end.
    
    "When all the facts are in, Robert will be exonerated, because he had
    no criminal intent," he said. "He was acting in good faith."
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu May 16 2002 - 03:36:52 PDT