[ISN] Charges filed in 'Deceptive Duo' hacks

From: InfoSec News (isn@private)
Date: Mon May 03 2004 - 00:33:06 PDT

  • Next message: William Knowles: "[ISN] Network Card Theft Causes Internet Outage"

    http://www.securityfocus.com/news/8559
    
    By Kevin Poulsen
    SecurityFocus 
    May 3 2004 
    
    A Florida man has been charged in federal court in Washington DC for
    his alleged role as one-half of the high-profile hacking team "The
    Deceptive Duo," responsible for defacing dozens of governmental and
    private Web sites with patriotically-themed messages exhorting the
    U.S. to shore up cyber defenses.
    
    Benjamin Stark, 22, faces a single count of breaking into and damaging
    computers in concert with an "unnamed individual" in the spring of
    2002. A second unrelated count accuses him of trafficking in stolen
    credit card numbers a year earlier. The charges are in the form of an
    "information," rather than an indictment, which legal experts say
    telegraphs that Stark has likely entered into a plea agreement with
    prosecutors. A spokesman for the U.S. Attorney's Office in Washington
    declined to comment on the case. Reached by telephone, Stark referred
    inquiries to his mother, who also declined comment.
    
    The Deceptive Duo first drew public attention in April 2002 for
    cracking government websites and defacing them with a patriotic
    "mission outline" in which they described themselves as anonymous U.S.  
    citizens determined to save the country from cyberterrorists by
    exposing security holes in critical infrastructures. "Tighten the
    security before a foreign attack forces you to," the Duo's defacements
    typically read. "At a time like this, we cannot risk the possibility
    of compromise by a foreign enemy." Accompanying the text was the
    group's logo: two handguns against the backdrop of a tattered American
    flag.
    
    Among their earliest hacks, the pair defaced a Federal Aviation
    Administration (FAA) server and posted samples from an FAA database
    detailing passenger screening activity at various U.S. airports in the
    year 2000, with each screener's name, the number of passengers he or
    she screened, and the number of guns, explosives or chemicals
    intercepted. At the time, the FAA downplayed the sensitivity of the
    database, claiming that it had been prepared for Congress, and was
    therefore public information. But in the charges against Stark filed
    earlier this month, prosecutors describe the list as a "sensitive
    database."
    
    The Deceptive Duo's campaign came to an abrupt end in May 2002, less
    than three weeks after it began, when FBI and Defense Department
    investigators raided Stark's home, and searched the California home of
    then 18-year-old Robert Lyttle, who was already on juvenile probation
    for an earlier Web site defacement spree. Using the handle "Pimpshiz,"  
    Lyttle had replaced some 200 Web pages with electronic graffiti
    supporting Napster.
    
    In early March, Lyttle said he expected to face federal charges in
    Northern California for some of the Deceptive Duo hacks, but that his
    case had been delayed when his prosecutor was reassigned. On Friday
    his attorney, Omar Figuroa, said he wasn't troubled by the prospect of
    Stark making a plea deal, even if it turns out he's rolling over on
    his former partner. "What's Ben going to say, that they hacked into
    the systems? Sure. But Robert has a great necessity defense," says
    Figuroa, who's argued that the Deceptive Duo's hacking was aimed at
    preventing terrorist attacks on the information infrastructure. "I'm
    confident that Robert would be completely exonerated if charges were
    filed."
    
    The Washington DC case charges Stark with a single felony for 10 of
    the Deceptive Duo's alleged intrusions. The U.S. government agencies
    listed as victims are the Federal Aviation Administration, the
    Department of Transportation's Federal Highway Administration, the
    Defense Logistics Agency, the Department of Defense's Health Affairs
    office, the Department of Energy's Sandia National Lab, the Naval Air
    Systems Command, and the Air Force Publishing Office. Two private
    companies are also listed: Dynamic Systems Inc., and Wisconsin-based
    Midwest Express.
    
    Bundled into the same offense is the 2001 defacement of a U.S. Army
    Corp of Engineers website under Stark's pre-Deceptive Duo moniker,
    "The-Rev." A second charge accuses Stark of another solo mission:  
    allegedly selling a bundle of 447 stolen credit card numbers in an IRC
    chat room for $250 in June 2001.
    
    Each of the Deceptive Duo intrusions allegedly resulted in financial
    damage ranging from about $1,000 to $15,000 each, except for the
    Midwest Express hack, which cost the company $57,500, the government
    claims. In some intrusions, the pair gained access to personal
    identifiable information like passport and social security numbers.
    
    Stark is scheduled to enter a plea on May 19th.
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Mon May 03 2004 - 05:22:38 PDT