Incidents

Matthew Byrne2006-11-06 00:00:00 UTC

Attacked the website of London dating agency loveandfriends.com

Cally Leeming2006-07-09 00:00:00 UTC

made more than pounds 100,000 by fraudulently buying and selling goods including laptop computers and digital cameras on the internet auction site. The scam began after the teenager was fired from his post as a computer technician at Eclipse Computers in Coventry. In an act of revenge he used his computer expertise to extract details of credit card holders, before going on an internet spending spree in which he bought goods worth pounds 750,000.

Natalie Sayers2006-07-09 00:00:00 UTC

accused of helping her then boyfriend cally leeming of carrying out a cyber scam.

Unknown 2006-06-26 00:00:00 UTC

accused of being a runner for the m00p malware, let of with no charges.

Matthew Anderson2006-06-26 00:00:00 UTC

Franchise manager aka Warpigs virus writer used malware attached to spam to spy on victims using their webcams and steal personal information.

Unknown 2006-06-21 00:00:00 UTC

Yanis is accused of having defaced several French important websites university of Strasbourg and Toulouse, website of the city of Lyon etc.., but his activity as defacer is far more complex: Zone-h, the independent observatory of cyber-crime, have monitored nearly 3000 notifications of intrusions in the last month related to the Prophet Mohammed digital Ummah protest about 710 are by Yanis while in his whole illegal “carreer” he compromised 1161 websites.

Edwin Pena2006-06-08 00:00:00 UTC

Started two companies offering wholesale phone services - smaller telco providers often buy bulk packages of minutes from such companies. But Pena wasnt buying wholesale telco minutes, he was getting them by hacking into various VoIP providers.

Robert Moore2006-06-08 00:00:00 UTC

Accused of assisting voip hacker pena.

Eric McCarty2006-04-20 00:00:00 UTC

According to the affidavit in support of the criminal complaint, on June 17, 2005, McCarty used a computer at his home to visit USCs on-line applicant website. The applicant website, which exists for persons applying for admission to the university, requires the use of a login username and password, and allows a user to apply or modify an existing application to the school. Information for more than 275,000 applicants from 1997 through the present is stored within a sequel database, and includes data such as social security numbers and birth dates. McCarty exploited a vulnerability in the sequel database to by-pass the password authentication used to protect the sequel database. After determining the vulnerability, McCarty staged an "SQL injection" attack to gain access to the database, which allowed him to access and copy several applicant records. Following the SQL injection attack, McCarty created an email account – [email protected] – which he used to report his attack to securityfocus.com. A reporter at securityfocus.com later contacted USC and informed them that its applicant website database was vulnerable. On June 21, 2005, the USC applicant website and SQL database were shut down as a direct result of the SQL vulnerability. The website remained off-line for nearly two weeks, causing considerable expense along with disruption to applicants. A subsequent investigation by the Federal Bureau of Investigation led to McCarty through the Internet protocol number on his home computer. McCarty is scheduled to make his initial appearance in United States District Court in Los Angeles on April 28. If he is convicted of the computer intrusion charge alleged in the complaint, McCarty would face a maximum possible sentence of 10 years in federal prison. A criminal complaint contains allegations that a defendant has committed a crime. Every defendant is presumed innocent until and unless proven guilty.

Kenneth Kwak2006-03-01 00:00:00 UTC

Kwak, who had been working in an office responsible for ensuring the security of Department of Education computer systems, admitted that he had placed software on a supervisors computer which enabled him to access the computers storage at will. He later used that access on numerous occasions to view his supervisors intra-office and Internet email as well as his other Internet activity and communications; Kwak then shared this information with others in his office.

You Li2006-02-17 00:00:00 UTC

The indictment was announced today by Acting U.S. Attorney Stephen Sorenson and FBI Special Agent in Charge Timothy J. Fuhrman of the Salt Lake City Office. A federal grand jury returned a sealed two-count indictment Wednesday afternoon charging Li with accessing a protected computer in attempted furtherance of fraud and obtaining information from a protected computer. Each count carries a potential maximum penalty of up to five years in prison and a $250,000 fine. According to SAC Fuhrman and Chief Scott Folsom of the University of Utah Public Safety Department, Li was arrested Friday morning by FBI special agents and officers of the University of Utah Public Safety Department. Li had an initial appearance in federal court Friday morning and was released on conditions, including surrendering his passport. The indictment was unsealed at the hearing. Defendants charged in indictments are presumed innocent unless or until proven guilty in court. According to the indictment, the Universitys math department provided Li with an account on the math department computer system. The computer system hosted individual accounts for students and faculty which were private. One user could not see anothers user files or read others e-mail. The University kept the accounts private by restricting access to each account with individual secret passwords and authorized users to access their accounts only. The indictment alleges that around October 2004, Li used a software hacking program to decrypt the password data on the math department computer system containing the password for a math department computer system user account owned by one of his professors. The indictment alleges Li accessed that professors account using the professors user name and password multiple times from a computer in Lis home. He used the professors information to access the professors account, read e-mails, and obtain passwords that the professor used for some websites and other personal information. According to the indictment, with one of the passwords he obtained, he was able to gain access to the professors personal account with Yahoo.com and, in addition to reading the professors e-mail, was able to obtain financial information and other personal information about the professor. According to the indictment, he also used the professors password to the Universitys math department computer to access that system and a file on that system and to change one or more of his grades in the professors class to better grades, including changing at least one grade from failing to passing. Li also wrote and installed, the indictment alleges, a program in the professors math department computer account that would run when the professor logged in, falsely notifying the professor onscreen that the professor needed to enter his user ID and password for the Universitys administrative computer system, a separate network and computer system and thereby, the indictment alleges, surreptitiously capture the professors user ID and password for the network and computer system. After Li had installed the program, the professor logged in and the program ran as it had been designed by Li to run, the indictment says.

Ryan Fisher2006-02-15 00:00:00 UTC

Fisher worked for SBT Internet, which provided Internet service to residential and business customers around Vernal using wireless radio signals between SBT’s radio towers and its customers’ wireless access points. Fisher left SBT over business and financial disputes and went on to work for, and eventually own, another Internet service provider in the area. Fisher admitted that he then used SBT’s computer passwords to take control of SBT’s network and reprogram its customers’ wireless access points to cut off their Internet service, including the service of one customer who was relying on electronic mail for news of an organ donor. He intentionally reprogrammed the access points to complicate SBT’s repair efforts which resulted in jammed wireless Internet airwaves that affected others outside SBT’s network, including another wireless Internet service and its customers. In total, more than 170 customers lost Internet service, some of them for as long as three weeks, and collectively caused more than $65,000 in losses.

Christopher Maxwell2006-02-10 00:00:00 UTC

The creation and use of botnets is a growing problem in cyberspace. In simple terms, a botnet is created when a computer hacker executes a program over the world wide web that seeks out computers with a security weakness it can exploit. The program will then infect the computer so that it becomes essentially a robot drone for the hacker controlling the botnet. The computer is ordered to connect to the communications channel where the hacker issues commands. Botnets can range in size from just a few computers to tens of thousands of computers doing the bidding of the hacker. “Some people consider botnets a mere annoyance or inconvenience for consumers, but they are highly destructive. In this case, the impact of the botnet could have been deadly,” said United States Attorney John McKay. The indictment alleges that MAXWELL and two unnamed co-conspirators created the botnet to fraudulently obtain commission income from installing adware on computers without the owners’ permission. For example by controlling someone’s private computer, the botnet controller can remotely install the adware and collect the commission all without the computer owner’s permission or knowledge. In this case, the government alleges that MAXWELL and his co-conspirators earned $100,000 in fraudulent payments from companies that had their adware installed. In order to set up the botnet, MAXWELL needed high powered computer servers. He used and compromised institutional computer networks at California State University, Northridge; the University of Michigan; and University of California, Los Angeles. The use of those systems disrupted the normal functions of the compromised computers.

Richard Benimeli2006-02-07 00:00:00 UTC

Count One of the indictment charges that between January 2, 2006, and January 23, 2006, Richard Benimeli, a computer consultant formerly under contract with Storefront Systems and Services, Inc. “SSS”, of North Canton, Ohio, knowingly transmitted and caused the transmission of certain computer codes, commands and information directed the computer system owned and operated by SSS, intentionally causing damage to said computer including impairing employees and authorized users from accessing the programs and data therein, and causing monetary damages in the form of lost revenue and repair costs exceeding $5,000. Count Two of the indictment charges that Between December 28, 2005, and January 23, 2006, with the intent to extort money or other things of value from SSS, Richard Benimeli knowingly transmitted in interstate or foreign commerce communications containing a threat to injure the property of another person, firm, association or corporation. The indictment charges that Benimeli was employed by SSS as a computer consultant from January 2004 through December 2005, and that Benimeli’s duties included creating a software program called AcceSSS which SSS used to manage client data and business operations. SSS is located in North Canton, Ohio, and operates a call center which handles maintenance requests by large commercial clients such as Lowes and Payless Shoe Stores. The indictment further charges that in 2005, Benimeli demanded to be paid 20% of the value of SSS in consideration for his past services. When SSS refused, on January 2, 2006, Benimeli remotely accessed the SSS computer system and transmitted codes, commands and instructions to the computer effectively preventing employees and authorized users from accessing the computer system and the programs and data therein. The indictment further charges that after SSS told Benimeli it would meet his monetary demands, Benimeli restored employees access to the computer system on January 3, 2006. However, when Benimeli’s demands had not been met by January 13, 2006, the indictment charges that he once again remotely accessed the SSS computer system and changed all of the passwords thereby preventing employees and authorized users from accessing the system, causing lost revenue and repair costs exceeding $5,000.

Jeffrey Goodin2006-01-26 00:00:00 UTC

Accused and convicted of the 2005 AOL breaches.

Mark Miller2006-01-19 00:00:00 UTC

According to a statement of facts read in court and confirmed by Miller, he developed sexual relationships with minor-aged females over the internet, usually in online chat rooms. Using a fictitious name and a photo of an unknown young male, Miller assumed the persona of the young male, and through his “chat,” persuaded the minors to engage in sexually explicit conduct in front of active webcams. Miller watched and recorded the girls, and distributed at least some of the recorded footage to others. Miller also contacted many of these minors by phone. His activities were exposed after one of the girls sent a love letter to the fictitious young male, addressed to Miller’s former place of employment. Miller’s former employer received the letter, found additional evidence relating to child pornography while cleaning out Miller’s work area, contacted some of the minors, and notified local law enforcement, which contacted the FBI. Miller was taken into custody shortly thereafter. According to the same statement of facts, Miller also “eavesdropped” on minors’ webcams. This high-tech video voyeurism entailed Miller obtaining the minors’ passwords to a popular internet portal through a scheme commonly known as “phishing,” and then using the passwords and certain readily available software known as Camseek and Firecam, to secretly gain access to the minors’ webcam sessions. When these minors activated their webcams, unbeknownst to them, Miller was watching and recording. Miller specifically targeted webcams used by minor-age females and sought to, and at times, did, obtain, view, and record at least some motion images of these minors engaged in sexually explicit conduct, without the minors knowing that Miller was watching and recording.

Unknown 2006-01-16 00:00:00 UTC

The alleged hacker "seriously compromised the correct operations and security of a maintenance dry dock for nuclear submarines" a statement said on Monday.