---------- Forwarded message ---------- Date: Thu, 12 Jun 2003 20:52:22 -0400 (EDT) From: security curmudgeon <jerichoat_private> To: defaced-commentaryat_private Subject: [defaced-commentary] Guilty plea in Al-Jazeera site hack Guilty plea in Al-Jazeera site hack By Robert Lemos Staff Writer, CNET News.com June 12, 2003, 12:30 PM PT http://news.com.com/2100-1002-1016447.html A central California man plead guilty Thursday to two charges stemming from an attack on the Web site of the Arab news service Al-Jazeera during the early days of the Iraq conflict. In a plea agreement with the U.S. Attorney's office for the Central District of California, John William Racine II, a 24-year-old Web designer, admitted to tricking VeriSign subsidiary Network Solutions into giving him ownership of the aljazeera.net domain. Racine said he then redirected visitors to that Internet address to another site, where they were greeted by an American flag and the phrase "Let freedom ring." The Norco, Calif., resident turned himself in to FBI agents on March 26, according to the plea agreement. "Racine gained control of the aljazeera.net domain name by defrauding Network Solutions, where Al-Jazeera maintained an account for its domain name and e-mail services," the U.S. Attorney's office said in a statement. Racine, also known as "John Boffo," used a false photo identification card and forged signature to impersonate an Al-Jazeera systems administrator and get control of Al-Jazeera's account, according to the plea agreement. In doing so, he gained control of where any data sent to aljazeera.net--including Web page requests and e-mail--ultimately ended up. The actual defacement appeared on a free Web site service provided by NetWorld Connections. Technically known as a "redirect," the hack caused Web browsers that attempted to go to www.aljazeera.net--as well as the English-language site, english.aljazeera.net--to be surreptitiously redirected to the content hosted on NetWorld's servers and see the American flag instead. For an entire week in late March, Al-Jazeera had to contend with technical problems and hackers that caused the site to be unavailable as often as not. The Arabic and English news service, based in Doha, Qatar, found itself the focus of controversy during the war in Iraq for its coverage of the conflict. Opponents charged the Arab news group with bias, but many others have tuned into the young network's TV broadcasts and Web site for an alternative view of the issues surrounding the war and America's occupation of the Middle Eastern country. Al-Jazeera also had to face its reporters being barred from the New York Stock Exchange and the Nasdaq after the Pentagon criticized the news agency coverage of the war. Some U.S. officials commented that pictures and video that showed prisoners of war and dead American soldiers violated the Geneva Conventions on the treatment of captured soldiers and casualties. The plea agreement states that on March 24, after the initial verbal salvos between U.S government officials and Al-Jazeera, Racine searched the Internet and found that Muhammed Jasim AlAli was listed as the administrative contact for the Arab news service's Internet domain, aljazeera.net. He then created an account on Microsoft's Hotmail and impersonated AlAli in telephone messages and e-mail to VeriSign, claiming that he needed to have the account password changed. Unable to answer a challenge question by a VeriSign employee, he said he would call back later. Racine then created a false photo identification card with the name "Mohammed Jasim AlAli" and forged an authorization form that requested VeriSign change the password. He sent the documents to VeriSign subsidiary Network Solutions and followed up with a telephone call. Based on that documentation and the phone call, VeriSign changed the password on March 25, the plea agreement stated. On March 27, after the defacement gained media attention, VeriSign suspended the Al-Jazeera account. By then, Racine had already contacted the FBI and provided the agency with evidence of what he had done, the plea agreement stated. Racine "admitted that he knew his conduct was unlawful and voluntarily provided the documents and information to the FBI to assist in its criminal investigation," the agreement said. Racine could have faced up to 25 years in prison and a fine of $500,000. However, the U.S. Attorney's office has agreed to request a much lighter sentence: three years of probation and 1,000 hours of community service. The ultimate decision on the sentence, however, resides with the judge. Racine signed the plea agreement on Thursday, said the U.S. Attorney's office. He will be arraigned in court Monday. VeriSign couldn't immediately comment on the case. - The information and commentary is Copyright 2003, by the individual author. Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and attrition.org is credited. The opinions expressed in this mail are not necessarily the opinion of all Attrition staff members. Commentary Archive: http://www.attrition.org/security/commentary/ The Attrition Mirror: http://www.attrition.org/mirror/attrition/ Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html Contacting Attrition Staff: staffat_private To subscribe to Defaced Commentary, send mail to majordomoat_private with "subscribe defaced-commentary" in the BODY of the mail (without quotes). To unsubscribe, include "unsubscribe defaced-commentary" in the BODY of the mail. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Jun 13 2003 - 03:44:21 PDT