[ISN] Alleged WebTV 911 hacker charged with cyberterrorism

From: InfoSec News (isn@private)
Date: Fri Feb 27 2004 - 00:09:14 PST

  • Next message: InfoSec News: "[ISN] Secunia Weekly Summary - Issue: 2004-9"

    By Kevin Poulsen
    Feb 26 2004
    FBI agents arrested a Louisiana man last week under the cyberterrorism
    provisions of the USA PATRIOT Act for allegedly tricking a handful of
    MSN TV users into running a malicious e-mail attachment that
    reprogrammed their set-top boxes to dial 9-1-1 emergency response.
    According to prosecutors, David Jeansonne, 43, was targeting 18
    specific MSN TV users in an online squabble when he crafted the script
    in July 2002, and sent it out disguised as a tool to change the colors
    on MSN TV's user interface. Though the code didn't mass-mail itself to
    others, some of the recipients were sufficiently fooled that they
    forwarded it to friends, for a total of 21 victims.
    Known as WebTV before it was acquired by Microsoft, MSN TV works with
    television set-top boxes to allow users to surf the Web and send and
    receive e-mail without using a PC.
    The boxes connect to the Internet through a local dial-up number. The
    malicious script changed the dial-up to 9-1-1. If a victim didn't go
    online again after being infected, the box would summon help anyway
    when it tried to make an automatic daily call to the network at
    The code also crossmailed itself to the 18 targeted users, so it would
    appear in some cases to have come from someone the victim knew.  
    Additionally, it posted victims' browser histories to a particular
    website, and e-mailed their hardware serial number to the free webmail
    account "timmy@private"
    According to an FBI affidavit filed in the case, Jeansonne was undone
    when cyber sleuths at Microsoft's MSN unit searched e-mail logs and
    found that the "Timmy" account had previously sent beta versions of
    the malware to Jeansonne's MSN TV account. Microsoft pillaged
    Jeansonne's e-mail, and found messages between him and an online
    friend that suggested Jeansonne was responsible for the hack. In
    December, the FBI raided his home and seized his computers.
    Jeansonne is charged under a provision of the federal computer crime
    statute added in the 2001 USA PATRIOT Act, and intended to address
    what the act calls "cyberterrorism." The amended law dispenses with
    the requirement that a computer crime cause at least $5,000 in damage
    to qualify as a federal felony in cases where the attack caused "a
    threat to public health or safety."
    Playing it safe, prosecutors included a second count in the indictment
    charging Jeansonne with causing over $5,000 in damage.
    According to court records, the hack resulted in police responding 10
    times to false alarms at subscribers' homes, either in person, or by
    phoning them back. It's unclear what happened to the other 11 calls to
    In 2000, the FBI issued a public warning about a Windows virus
    circulating in the Houston area that similarly phoned for help though
    victims' modems.
    Jeansonne appeared in federal court in New Orleans last week and was
    released on $25,000 bail. Another court appearance is scheduled for
    Friday. The case is being prosecuted in the San Francisco Bay area,
    where Microsoft's MSN TV unit is based. A company spokesperson said
    nobody was available for comment Thursday. Jeansonne could not be
    reached for comment.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Fri Feb 27 2004 - 04:31:13 PST