Forwarded from: William Knowles <wk@private> http://www.startribune.com/stories/535/4304797.html David Phelps dphelps@private Star Tribune January 7, 2004 Federal authorities said Tuesday they thwarted an extortion plot against Best Buy Co. Inc. by a man who sent the company an e-mail threatening to expose what he claimed were weaknesses in the retailer's computer system unless he was paid $2.5 million. Thomas E. Ray III, a 25-year-old Jackson, Miss., resident, made his first Minnesota court appearance Tuesday before U.S. Magistrate Judge Earl Cudd. He pleaded not guilty and was released on $10,000 bail. Ray faces two felony charges of making extortion threats to damage property or reputation and extortion threats to damage computers. He is being represented by Minneapolis attorney Rick Petry. He was indicted in federal court in Mississippi in mid-December and accused of making a series of threats in October to Richfield-based Best Buy about the security of its BestBuy.com site. No security breaches were made into the system, Best Buy said. Federal investigators became involved after security officials at Best Buy contacted federal authorities about the demands. The Minnesota CyberCrime Task Force also took part in the investigation, as did America Online and Netscape, Internet service providers that Ray used. According to the indictment, Ray made the e-mail demands to Best Buy under the name and Internet address of "Jamie Weathersby, IPC Corp." According to an FBI search warrant, the first e-mail demand came on Oct. 16. It said there was a flaw in Best Buy's Web site that would allow the sender to "review all customer accounts and assume complete ownership of www.bestbuy.com by moving it to another register or server." The e-mail also offered to establish an unspecified business relationship between the sender and Best Buy, adding: "Without your response, we are obligated to share the security hole with the public for their protection. As a result, Best Buy may experience a loss in business, thefts and lawsuits." The search warrant, which had been kept under court seal until this week, said a Best Buy employee attempted to respond to gain more information from the sender but could not locate any firm called IPC Corp. A second e-mail came the next day offering "a step-by-step summary of how we were able to penetrate your Web site" for $2.5 million. If Best Buy did not agree to the deal, the e-mailer said he would list all of Best Buy's customers and their credit card numbers on BestBuy.com. Best Buy then contacted the e-mailer and on Oct. 22 received another demand for $2.5 million. The money would have to be paid by Oct. 24 or Best Buy customer information would be posted online Oct. 27, the e-mailer said. The federal search warrant was obtained the morning of Oct. 24 and allowed the FBI, with Best Buy's cooperation, to use an Internet device known as an Internet Protocol Address Verifier. It contained a program that automatically sent back a response to Best Buy after the company sent a message to the e-mail address. The response allowed investigators to identify Ray as the sender of the e-mail threats, according to the government. Assistant U.S. Attorney Paul Luehr said the address verifier was one of several investigative tools the government used to track Ray down. "It was a tool that helped us confirm that other leads were moving in the same direction," said Luehr, who declined to discuss details of the investigation. Ray faces a maximum of two years in prison and a $250,000 fine for property and reputation extortion. He faces a maximum sentence of five years in prison and a fine of $250,000 for threats to damage computers. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ---------------------------------------------------------------- C4I.org - Computer Security, & Intelligence - http://www.c4i.org ================================================================ Help C4I.org with a donation: http://www.c4i.org/contribute.html *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Jan 07 2004 - 06:38:28 PST