Alleged 'PayPal 14' Hackers Seek Deal To Stay Out Of Prison After Nearly 2 Years In Limbo

Before he was charged in July 2011 with aiding the hacker group Anonymous, Josh Covelli lived what he considered the life of an ordinary 26-year-old. He spent countless hours on the Internet. He had a girlfriend. He was a student and employee at Devry University in Dayton, Ohio.
But after federal authorities accused him and 13 other people of helping launch a cyberattack against the online payment service PayPal, Covelli faced potentially 15 years in prison, and his life began to unravel.
His girlfriend broke up with him. He struggled to find an employer willing to hire an accused computer hacker. His friends "wanted nothing to do with me," he said, and he suffered from bouts of paranoia -- "looking out windows, not sure who to trust" -- before checking into a behavioral health center for three days.
"It was as if I got kicked off a cliff," Covelli, now 28, told The Huffington Post in an interview.
Nearly two years after the charges made headlines, the case remains an anxiety-provoking daily reality for Covelli and his 13 co-defendants. Though they come from disparate worlds -- drawn from different points on the map and stages in their lives -- the defendants collectively share a sense of unsettling uncertainty, their plans and aspirations stuck in a limbo of indeterminate duration as they await a resolution of their case.
Their wait may be nearing a conclusion. This week, the defendants -- known collectively as the "PayPal 14" -- attended a closed-door hearing in federal court in San Francisco in hopes of negotiating a settlement that could keep them out of prison. Lawyers for both sides declined to discuss the negotiations, but a joint court filing called the meeting "productive."
"We're at a delicate point," one defense attorney said in an interview.
Such a deal would mark the final chapter in a case that has been seen as one of the first major salvos in the federal government's war on Anonymous, a loose collective of hackers who say they are motivated by ideological beliefs, not financial gain. It would also bring to a close months of legal uncertainty that the defendants say has caused them both financial and emotional strain. One defendant in the case told The Huffington Post that she would "jump off the Hoover Dam" if convicted.
While the PayPal case has largely faded from public view, the law under which the 14 defendants were charged -- the Computer Fraud and Abuse Act -- has come under increased scrutiny. The government used the same anti-hacking law to prosecute Internet activist Aaron Swartz, charging him with illegally downloading millions of articles from a Massachusetts Institute of Technology computer archive. Facing the prospect of a lengthy prison sentence, Swartz committed suicide, provoking claims of prosecutorial overreach and calls to reform the law. Critics say it is overly broad and excessively punitive, meting out stiff prison terms for some computer-related crimes they deem relatively innocuous.
The PayPal arrests appeared to have done little to deter Anonymous. Six months after the indictment was unsealed, in January 2012, Anonymous launched one of its largest attacks, knocking offline the Justice Department's website in protest of the U.S. government's arrest of leaders of Megaupload.com, a file-sharing site that allegedly facilitates Internet piracy. Since then, the group has taken credit for numerous other attacks on corporate and government websites.
But the charges in the PayPal case had one noticeable impact on the hacker group -- its members became more careful. They began circulating manuals online on how to use virtual private networks, or VPNs, to shield their IP addresses from the watchful eye of law enforcement, said Gabriella Coleman, a professor at McGill University who has studied Anonymous. "The arrests led to a kind of moment of education," she said.
The case against Covelli and the 13 other defendants stems from a series of cyberattacks in December 2010. In response to PayPal's decision to cut off donations to the whistleblower site Wikileaks, Anonymous encouraged supporters to download software that bombards websites with traffic, causing them to crash. The resulting "denial of service attack," which brought down PayPal's site intermittently over four days, was nicknamed "Operation Avenge Assange" in reference to the Wikileaks founder.
On Jan. 27, 2011, the FBI executed 27 search warrants and seized more than 100 computers in 12 states in connection with the PayPal attack. That day, Covelli said he was awoken at 6 a.m. by FBI agents knocking at his door. "The FBI is here," he recalled telling his girlfriend at the time. He opened the door and "got a pistol put to my face," he said.
Six months later, authorities filed charges against 14 people, some of whom belie the stereotype of the teenage male hacker. The defendants are men and women ranging from 22 to 44 years old and living in small towns and big cities stretching from California to Florida. They include a real estate broker, a military veteran, a massage therapist and a single mother with two children.
Some knew each other before the indictment, but only by online nicknames such as "Anthrophobic" and "Reaper." They had never met in person until Sept. 1, 2011, when they made their initial court appearance together.
One defendant, Tracy Ann Valenzuela, a single mother and massage therapist, told a local ABC station in 2011 that she got involved in the PayPal attack while reading the news online.
"I saw something about PayPal shutting down payments to Wikileaks, and I clicked on some other site and joined a protest," she said. "And next thing I knew, my house was surrounded by guns."
Although 14 people were charged, PayPal collected about 1,000 IP addresses of computers involved in the attack, according to an FBI affidavit. Some observers have questioned whether those arrested in the case were high-level members of Anonymous or merely unsophisticated activists who wanted to be associated with the group and were unaware of the consequences of their actions.
"There were a handful who were core participants and a handful who were there because they were outraged that day and didn't know the consequences," said Coleman, the McGill professor.
She said the nature of the PayPal attack made it seem innocent to the untrained eye. "They were just sitting there firing requests with a piece of software from their computers," she said. "It doesn't feel all that criminal. It doesn't feel like you're causing harm."
But Mark Rasch, a former federal cybercrime prosecutor, said the Anonymous attack on PayPal should be considered a serious crime. He compared it to chaining a lock to the entrance of a store to prevent customers from entering. "If you do something illegal, the essence of civil disobedience is you run the risk of arrest and prosecution," he said.
Still, Rasch said the 14 PayPal defendants should be considered individually. "You need to look at the nature of their participation. Were they leaders or not?" he said. "It may be appropriate for some of these people to not be prosecuted or be given probation."
In interviews with The Huffington Post, defendants in the PayPal case said they have spent the past two years burdened by pre-trial conditions that restricted their Internet usage. Many also struggled to secure employment.
"When you're applying for a job and someone Googles you, you have a lot of explaining to do when you want to point out that you were standing up for free speech and a worthy cause and the government says you're a cyber terrorist," said Graham E. Archer, an attorney who represents Ethan Miles, one of the defendants.
Archer said being on pre-trial release has been "extraordinarily stressful" for Miles. Court records note that he spent time at a mental health facility.
"You have a pre-trial services officer who is in your life constantly," Archer said. "It's a form of out-of-custody incarceration for a lot of people."
Covelli, who went by the online aliases "Absolem" and "Toxic," said a brief stretch in which he was barred from using the Internet was "like a muzzle." A court-appointed officer routinely inspects his computer to ensure he is complying with pre-trial conditions that bar him from Internet chat rooms and knowingly communicating with other members of Anonymous.
Covelli said he has gone through various periods over the past two years during which "everything seemed dark and dim." He has been diagnosed with depression that is "exacerbated by the threat of prison that hangs over him," his attorney said in court filings.
"At first it was soul-crushing," Covelli told The Huffington Post. "I was like, 'Holy crap, everything is going to end. What am I going to do?'"
Today, Covelli is unemployed, living with his parents and volunteering 35 hours a week at a food pantry in Sidney, Ohio. He attended a drug treatment facility after violating pre-trial conditions by smoking marijuana, according to court records.
He now faces potentially 30 years in prison -- much longer than his co-defendants -- because he also has been charged in connection with a separate hacking case. Authorities say Covelli helped bring down Santa Cruz County's website in December 2010 in protest of a local ordinance that barred people from sleeping outdoors.
Covelli said his only possessions are a laptop and an Xbox that he received as a gift. The U.S. Marshall's Service pays for his flights to court hearings because his attorney has told the court that Covelli is indigent. "I ran out of money fast and have been living on almost nothing or from the generosity of my family," he said in an interview.
He found some work painting in Ohio but said he missed out on other job opportunities because of the charges against him. He briefly worked at a McDonald's restaurant, a gig he called "the best job I've had in two years." He lost one job because he was forced to request time off to attend a court hearing, his attorney said in court filings.
On Monday, Covelli tweeted from court that he was "bored" and suggested that supporters organize a game of whiffle ball outside the courthouse.
Another defendant in the PayPal case, Mercedes Renee Haefer, a 22-year-old sociology major at the University of Nevada-Las Vegas, told The Huffington Post that after the indictment was made public, one of her professors barred her from using her laptop in class, citing security concerns.
She said she didn't speak to her sister or father for several months and was fired from her job at a Sony retail store because of the charges. She said she has been unable to find jobs beyond part-time paralegal work for her lawyer and IT work for nonprofits. "No one will hire me," she said.
Haefer, a brunette who wears glasses and used the online aliases "No" and "MMMM," said she still believes in Anonymous, especially when the hacker group organizes attacks in defense of freedom of speech or freedom of information. "Some things they do I agree with and some things they do I don't agree with," she said.
She spoke to The Huffington Post by phone while riding her bike in Las Vegas. When a reporter suggested that activity might not be safe, she replied, "Safety is for losers."
Haefer said the case has brought her a small measure of fame, including an appearance in a recent documentary about Anonymous. "The day my indictment went public my name trended on Twitter," she recalled.
Before Monday's court hearing, she used the social media service to write: "Really excited that people are coming out to support us for court on the 13th. Makes the whole thing a little less dehumanizing. #paypal14"
In an interview, Haefer declined to discuss the PayPal attack beyond saying, "I was speaking out about an issue I feel passionate about."
She said she tries not to think about the possibility of going to prison.
"If I wake up every day thinking about 15 years in prison, I'm not really going to live my life," she said. "You can't sit and wait on your hands for three years."

Head of hacker-powered stock scam sent to prison

 

A US man was sent to prison on Monday for orchestrating a hacker-powered scam to pump up stock prices and then dump inflated shares, raking in millions of dollars.

Christopher Rad, a 44-year-old Texas resident, was described by prosecutors as the organizer of a worldwide conspiracy to cash in by using an army of virus-infected computers to manipulate stock prices.
A US federal court judge sentenced Rad to five years in prison and ordered him to pay a $30,000 fine, with restitution to be determined at a later date, according to US attorney Paul Fishman.
"Christopher Rad's use of hackers to drive his pump-and-dump scheme illustrates a trend toward the modern mechanization of old-school scams," Fishman said.
"Law enforcement is constantly anticipating and adapting as criminals operate in a more virtual - and more global - world."
Rad enlisted spammers who used networks of infected computers to unleash floods of carefully worded email messages touting stocks which he and cohorts sold after prices climbed to unworthy highs, according to prosecutors.
Hackers also broke into people's brokerage accounts and used them to buy shares of stocks to pump prices, prosecutors said.
Rad made approximately $2.8 million dollars from the "pump-and-dump" scheme between early November of 200 and the end of February 2009, according to the case against him.
A US man was sent to prison on Monday for orchestrating a hacker-powered scam to pump up stock prices and then dump inflated shares, raking in millions of dollars.

Scots hacker jailed for two years

A Scot who was part of a group of young British computer hackers who masterminded sophisticated cyber attacks on major global institutions from their bedrooms has been jailed for two years.


Jake Davis, 20, from Lerwick, Shetland along with Ryan Ackroyd, Mustafa Al-Bassam and Ryan Cleary considered themselves to be "latter-day pirates" when they masterminded sophisticated cyber attacks on major global institutions including the CIA, Sony, the FBI and Nintendo.
They were "hactivists" with the LulzSec collective behind attacks that stole sensitive personal data including emails, online passwords and credit card details belonging to millions of people.
News International, the NHS and the UK's Serious Organised Crime Agency (Soca) were also victims of the group, who lived as far apart as London and the Shetland Islands and never met in person.
Sentencing them at Southwark Crown Court in London today, Judge Deborah Taylor said some of their taunting of their victims "makes chilling reading".
What they considered a cyber game, she said, had in fact had real consequences.
"You cared nothing for the privacy of others but did everything you could through your computer activities to hide your own identities while seeking publicity," she said.
Stolen information was posted unencrypted on their website and file-sharing sites like Pirate Bay in 2011, the court had previously heard.
They also carried out distributed denial of service (DDoS) attacks, using linked networks of up to one million computers to overpower and crash websites.
Their activity collectively cost their targets millions of dollars and potentially left millions of people at risk from criminals.
All had admitted offences under the Computer Misuse Act 1990.
Davis, who used the alias Topiary and was Lulzsec's main publicist, was ordered to serve 24 months in a young offenders unit.
Cleary, 21, of Wickford Essex, known as ViraL, pleaded guilty to six charges including hacking into US air force agency computers at the Pentagon.
He was jailed for a total of two years and eight months.
Ex-soldier Ackroyd, 26, from Mexborough, South Yorkshire, was jailed for 30 months having previously pleaded guilty to one charge of carrying out an unauthorised act to impair the operation of a computer.
The Iraq veteran used the online persona of a 16-year-old girl called Kayla.
Al-Bassam, 18, from Peckham, south London, used the alias tFlow. He was at school at the time and is currently sitting his A-levels, the court heard.
He was given a sentence of 20 months suspended for two years, plus 300 hours of community work.
Davis and Al-Bassam had previously pleaded guilty to hacking and launching cyber attacks on a range of organisations, including the CIA and SOCA.
Detective Superintendent Charlie McMurdie, head of the Police Central E-Crime Unit, said the group were "the worst sort of vandals".
Speaking outside court she said they were told about the group by the FBI.
When they raided Cleary's home he was in the middle of attacking a website, she said.
She said LulzSec had been "running riot causing significant harm to businesses and people".
"Theirs was an unusual campaign in that it was more about promoting their own criminal behaviour than any form of criminal financial profit," she said.
"In essence they were the the worst sort of vandal, acting without care of cost or harm to those they affected, whether this was to cause a company to fold and so costing people their jobs, or to put at threat the thousands of innocent Internet users whose logins and passwords they made public.
"In the case of the (Arizona) police force whose employee details they revealed, the group's reckless publication of confidential material could very well have threatened lives.
"They claims to be doing it for a laugh, but real people were affected by their actions."
One director of a company targeted by LulzSec had to move his family after details leaked online lead to death threats against him, the court heard.
Al-Bassam left court without speaking to journalists.
Andrew Hadik, the Crown Prosecution Service London reviewing lawyer, said the group's actions had been "cowardly and vindictive".
"Co-ordinating and carrying out these attacks from the safety of their own bedrooms may have made the group feel detached from the consequences of their actions," he said.
"But to say it was all a bit of fun in no way reflects the reality of their actions.
"They were in fact committing serious criminal offences for which they have been successfully prosecuted.
"This case should serve as a warning to other cyber-criminals that they are not invincible."
After he was arrested, Cleary told police: "Sure, it's a crime, obviously.
"But it is not as if it is that f****** serious."
His solicitor Karen Todner issued a statement today in which she said he accepted his guilt and regretted his actions.
"Mr Cleary has Asperger's but does not seek to excuse his behaviour," she said.
"We believe the pleas that we entered do cover all aspects of Mr Cleary's criminality and therefore we do not anticipate that he will be in receipt of an application for extradition from the United States of America."
The court had heard that there are grand jury indictments being prepared in the case and that some members of the group may face extradition requests in the future.
Cleary also admitted three charges of possession of indecent images relating to 172 child pornography pictures found on his hard drive. He will be sentenced for those at a later date.

Hacker who targeted Cambridge University is jailed

A man who used his IT expertise to launch cyber attacks on the websites of Cambridge and Oxford universities has been jailed for two years.
Lewys Martin, 21, formerly of Dover Road, Walmer, Kent, also knocked Kent Police’s public-facing website offline for more than an hour during a bid to bring it down.
He pleaded guilty at Maidstone Crown Court last month to nine charges, including committing “unauthorised acts with intent to impair operation of or prevent/hinder access to a computer” and “unauthorised access to computer material”, Kent Police said.
Martin tried to disrupt the websites of Cambridge and Oxford universities by overwhelming them with requests for information between January 29 and February 1.
Police said the universities had “solid protection programmes” in place and, although no sensitive information was disclosed, their websites were offline for up to an hour and 20 minutes.
Then on February 1 and 2, Kent Police suffered an attack at the hands of Martin, leading to its public-facing website also going offline temporarily for an hour and 17 minutes.
Martin was arrested and charged in November last year before admitting his crimes last month. Following sentencing, detectives said cyber crime was a “nuisance” which can cause countless damage for organisations.
It has been estimated that two weeks’ worth of man hours were spent dealing with the cyber attacks on the websites of Oxford and Cambridge universities.
Detective constable Nicky Holland-Day, of Kent Police, said: “Cyber attacks are a nuisance and cause aggravation as well as costs to countless private and public organisations up and down the country.
“Most websites have systems in place to prevent them being compromised, and none of those attacked in these instances suffered any more than a temporary disruption.
“However, those who try to carry out these attacks will be traced and brought before the courts, like Martin, to face the consequence of their actions.

Hacker jailed for nearly three years

 

Hacker jailed for nearly three years

A COMPUTER hacker, who launched cyber attacks against the CIA and the Pentagon, has been jailed for nearly three years.
Ryan Cleary, 21, of South Beech Avenue, Wickford previously admitted carrying out the internet attacks with fellow hackers who formed the LulzSec cyber gang.
He also admitted charges in connection with posessing pornographic images of children.
The hacking gang wreaked havoc with their cyber attacks which targeted corporations and government agencies on both sides of the atlantic.
He was jailed today at Southwark Crown Court for two years and eight months.

T-ara's management agency decides to forgive the hacker

T-ara's management agency decided to forgiver the hacker who hacked their official website.

On May 16th, Core Contents Media said, "We requested the cyber investigation team of Gangnam district police department to forgive the 17 year old hacker."

The hacker was found out to be a 17 year old high school student who lives in Gangwon province, and he turned himself in with his mother.

Core Contents previously sued him for many troubles he caused.

However, the hacker was a 17 year old high school student, and the student visited the company with his parents to make an apology.

The student told that he hacked the website just in pure curiosity, and also because he wanted to show his friends.

Core Contents Media told that even though the company had to heavily suffer, they decided to forgive the student, and asked him to never do such a thing again.

On the other hand, the official website of Core Contents Media got hacked on May 15th.

Infamous hacker and Internet troll Andrew Auernheimer, better known as Weev, said he wasn't afraid of going to prison. But he is now being held in "administrative segregation," which is a euphemism for solitary confinment.
His lawyer and supporters claim he's being punished for tweeting and posting messages to SoundCloud from behind bars. But, is that really why he's locked alone in a cell for 23 hours a day?
Auernheimer was recently sentenced to 41 months in prison for getting his hands on the email addresses of 114,000 AT&T iPad 3G customers — which were stored on openly accessible URLs — and later sharing this information with Gawker. After the sentencing, he was put away in a detention center in Brooklyn, N.Y., before being tranferred to a federal low-security prison in Allenwood, Pa.
During his time in prison, as Mashable has reported, Auernheimer had been able to remain online, tweeting through a friend. And he had even been able to make his voice heard by taking advantage of a PBX server set up to automatically post his calls to SoundCloud.
According to Auernheimer himself, it's for those actions that he's been put in solitary confinement, since April 28.

He's likely spending 23 hours a day in a cell alone, with just one hour a day for showers and exercise

He's likely spending 23 hours a day in a cell alone, with just one hour a day for showers and exercise, which usually takes place in another room. "They took away all my electronic comm[unication]s methods and put me in the special housing unit where I am under 24/7 lockdown," Auernheimer wrote in a letter (embedded at the bottom of this story) to his friend, fellow hacker and security researcher Shane MacDougall.

"All this for the high crime of blogging."

"All this for the high crime of blogging." For more than a week, his lawyer Tor Ekeland hasn't heard from Auernheimer, nor has he been able to talk to him on the phone. And during that time he hadn't even been able to get in touch with prison officials.
So, while Ekeland can't confirm whether Auernheimer's punishment is really due to his online activities, he believes "that's a reasonable hypothesis."
Ekeland explains that Auernheimer's email access was cut off a few days after he used it to, basically, live-tweet his experience in prison. And his telephone access was cut off shortly after he used it to post three messages to his SoundCloud account.
"You've got a coincidence there, certainly," Ekeland told Mashable.
When Ekeland was finally able to talk to prison officials on Friday, they confirmed that Auernheimer is indeed in administrative segregation for "investigative purposes." But when Ekeland asked what he was being investigated for, according to Ekeland, the official simply answered: "I can't tell." To find out more about Auernheimer's situation, Ekeland is going to visit him on Sunday.

SEE ALSO: Convicted Hacker 'Weev:' I'm Not Nervous About Going to Jail

Mashable reached out to officials at the prison but a spokesperson simply replied in an email that "due to Bureau of Prisons' policy and in accordance with maintaining the inmate's privacy, we are not authorized to release the information you requested." The prison did not respond to additional requests for comment.
To further support the theory that authorities were bothered by Auernheimer's online activities, his friend Jaime Cochran, who had set up the PBX server along with Kevin Gallagher to automatically post to Soundcloud, revealed to Mashable that around two days after his last SoundCloud message, the server received two calls. According to Cochran, the caller IDs on those two calls read: "US GOVERNMENT" and "FEDERAL BUREAU OF PRIS."
Paul Wright, editor of Prison Legal News, a magazine and website that covers all news related to inmates, isn't surprised by any of this. While Wright hasn't followed Auernheimer's case closely, he said that it doesn't seem as though he's broken any laws or regulations. Wright explained that prisoners enjoy basically the same First Amendment protections as any other citizen. That means that they can express their views and opinions, even online, through intermediaries that post them on their behalf. In fact, many are prolific writers — and even have websites.
"I was in prison for 17 years and I started the magazine Prison Legal News from there, and I published literally thousands of articles, including two books, while I was in prison," he said.

For example, Wright points to the case of Eric Rudolph, a terrorist responsible for bombing the Olympic Park in Atlanta in 1996 — killing one person and injuring 111 others — and three more anti-abortion and anti-gay attacks. He's now serving a life sentence but, even from prison, he's written regularly, publishing anti-abortion essays on a website called the Army of God.
Wright adds that there are many other examples, including that of David Lane, a white supremacist who regularly wrote for Nazi periodicals and websites while in jail. According to Wright, none of these prisoners were punished for communicating with the outside world to disseminate their views. But others are.
"The reality is that, typically, the prisoners who are retaliated against, or the government tries to silence, are those who are critical of the government, that are critical of the status quo, and complain about prison's conditions," he said.
Amy Fettig, senior staff counsel for the American Civil Liberties Union’s National Prison Project, isn't surprised at all, either. Even though she stresses that we obviously don't know all the facts, she said

"this case sounds like the typical overuse of solitary confinement,"

"this case sounds like the typical overuse of solitary confinement," which is common in the American prison system. Solitary confinement, she explained, is used far too often to retaliate against prisoners who speak out against their prison's officials for violating their constitutional rights.
"To throw somebody into solitary confinement is a way to really, really punish them and make sure they stay quiet the next time," Fettig said.
Auernheimer's supporters and friends have no doubts. "It's silly to me, considering he's not some fucking mafioso running some crime syndicate from prison, where he needs all his communique cut off," wrote Cochran in an email. "It's pretty ridiculous."
"It seems like a vendetta by prisoners officials and nothing more," said MacDougall.
Meanwhile, Auernheimer, who now has no access to the outside world except for snail mail, wonders if he still matters online, where his shenanigans made him a household name in the hacker community.
"Has the Internet forgotten about me," he writes in the letter he sent to MacDougall, "or am I still a hot topic?"
UPDATE May 17, 3:45 p,m.: The article has been updated to reflect that the PBX server had been set up by both Jaime Cochran and Kevin Gallagher. And a previous version of this article stated that the caller ID read FEDERAL BUREAU PRISON, whereas it actually was FED BUREAU PRIS.

Data provided by Pastebin.com - Download Raw - See Original

5/5/2013
 
Shane,
 
        How are you doing? How are the chops? I am disgusted to have to write an actual
paper letter but they took away all my electronic comms methods and put me in the special
housing unit where I am under 24/7 lockdown. All this for the high crime of blogging,despite
nation B.O.P. officials having made public statements that what I was doing wasn't against
the rules. Meredith had a conversation with the guy even.
 
        It has been a week of this and I feel completely alone and abandoned. I don't even
have my loved ones or attorney's address (they took most of my papers and I happened to
have your address on a property slip they didn't toss). and am unsure when or if anyone will
find out about my situation.
 
        I refused to consent to a payment plan for the fine levied against me from my commissary
funds, so now I can't buy food I can eat from the prison store anymore. Things are really
depressing. Please have people send books. I need them badly in 24/7 lockdown with no
library access.
 
        I miss everyone, also food and sunlight. I was hoping people would send m tweets and
news articles about me but nobody has. Has the Internet forgotten about me or am I
still a hot topic?
 
                                                                                Miss you all dearly,
                                                                                Weev #10378-010
 
(I really wish my attorney would call, only he can)

FBI, city of Akron investigating hacker attack that compromised identities of 8,000 taxpayers

Cyber hackers from Turkey hacked into the city of Akron's website and replaced city messages with politically-motivated ones on Thursday. Also, nearly 8,000 taxpayers had their personal information stolen including their names, addresses, and social security numbers.
The city of Akron is working to get its website back up and running. There are still error messages, but the message from Turkish hackers that some residents saw on Thursday is gone.
"We get hits every day. Someone trying to get in, and until yesterday we thwarted all attempts to get in,” Deputy Mayor Richard Merolla said.
The city said the hackers also accessed a sensitive internal database, and posted the information online.
The city believes taxpayers who filed their income tax return through the city's website are vulnerable. While the victims are estimated at 8,000, the city continues to check if there are more.
“That's not good. Not good at all. I wouldn't doubt that mine is one of them," said Fred Jessee.
"We as people don't need to be leaked out," said Devante Coats.
The city of Akron contacted 5,369 people by email. An additional 5,614 will be notified by reverse alert calls Friday night. Those without email or phone numbers on file will receive a letter.
"We thought we were secure. We never would have allowed anyone in without a fight," Merolla said.
Joe DeSantis responds to these types of attacks for SecureState .
We asked: Are these hackers really good at this or are cities not doing enough?
“It’s a combination of both. The hackers aren’t getting any better, but the tools they get are more automated. There’s a lot less thinking involved, which is why you seen an increase in attacks,” DeSantis said.
DeSantis said many businesses don't take enough steps until the hackers strike and cause damage. Once that happens, it’s hard to restore trust.
“It starts to reduce the confidence of people accessing the website,” DeSantis said.
DeSantis expects these attacks will continue, and many companies and cities are at risk.
"If you have sensitive data, or you are a significant avenue of information on the Internet, you can be targeted. You can be attacked. And your data can be stolen," DeSantis said.
Protecting your identity
If you have not received an email from the city of Akron and still have questions, call 311. On your mobile phone, the number is 330-375-2311. You can also call the city’s income tax office at 330-375-2290.
You can pick up on fraudulent activity by periodically checking your credit report. You can do it for free once a year through Annual Credit Report. There are three credit agencies that participate in this free report, and if you check your credit from one agency every four months, you can keep tabs on your credit year round. If you do this, always access the check through Annual Credit Report to ensure it’s free.
Helpful numbers
Identity Theft Resource Center 888-400-5530
Ohio Attorney General’s Office 800-282-0515
Security Freeze
If you are a victim, you may want to add a security freeze to your file. This will prevent new lines of credit from being opened in your name. You need to request this freeze through the three credit bureaus.
Equifax : 800-685-1111 (Option 3), Equifax Security Freeze, P.O. Box 105788, Atlanta, GA 30348
Experian : 888-EXPERIAN (888-397-3742), Experian Security Freeze, P.O. Box 9554, Allen TX 75013 or
TransUnion : 888-909-8872, TransUnion, Fraud Victim Assistance Department, P.O. Box 6790, Fullerton, CA 92834

Hacker won’t help Saudi spies

Moxie Marlinspike (Credit: Twitter)

What do you do when you’re a hacker specializing in secure communications protocols, and you get a request to help the Kingdom of Saudi Arabia spy on its own people? For San Francisco’s Moxie Marlinspike, a respected computer security expert, the experience provoked a thoughtful examination of the current state of hacker culture.
Not so long ago, hackers often perceived themselves as standing in opposition to authority and governments. Moreover, the subcategory of hackers who specialized in discovering and publicizing security vulnerabilities — referred to as “exploits” in the security trade — did so out of a belief that the best way to improve the integrity of our communication systems was by publicizing dangerous security holes.
Times have changed. As Joseph Menn documented in a breakthough special report for Reuters last week, today’s security-minded hackers often end up working directly for defense contractors, hand in hand with the U.S. government. Identifying exploits and selling them off to the highest bidder has become a lucrative business. Worst of all, the buyers of these exploits aren’t interested in improving security, but instead often plan to deploy these vulnerabilities for their own purposes.
Marlinspike spoke with Salon on Tuesday morning to explain how his Saudi Arabian encounter encouraged him to challenge the hacker community to rethink its values.
A week ago you were approached by a Saudi Arabian telecom company. What did they want and why did they come to you?
The company Mobily is actually from the United Arab Emirates, but they are one of the three major telecoms that operate in Saudi Arabia. They’d gotten a requirement from the regulator in Saudi Arabia to be able to both monitor and block mobile application data — data transmitted from apps on phones. They were trying to meet that requirement and were looking for help on the surveillance.
You said they came to you because you had written some software tools that targeted security holes in communications software? Can you explain what that means?

A lot of these apps use a secure protocol for communicating with their server called SSL. I have spent some time doing security research in that area, and I’ve published a number of vulnerabilities concerning SSL over the years. I think they saw that and assumed that I would be able to help them intercept SSL communications.
Why had you chosen to focus on exposing such vulnerabilities?
For a bunch of reasons. I’m just interested in security protocols, for whatever weird reason. And SSL is probably the most popular secure protocol on the Internet, so focusing work in that area just makes a lot of sense, you know, bang for the buck. I’m also interested in doing research in secure protocols and specifically SSL because more and more that’s what we depend on for the security of our communications, and more and more there are people who are interested in intercepting that communication, and I think we have to look at it really critically to make sure that it is as secure as we want it to be.
Ultimately, you turned Mobily down. Why?
Well, I’m not interested in helping them surveil the private communications of millions of people.
That led to the Mobily guy saying to you: “If you are not interested then maybe you are indirectly helping those who curb the freedom with their brutal activities.” Kind of a,”if you’re not with us, you’re against us” moment. How did that make you feel?
Obviously concerned. But I do think it was a really great example of the same logic we are going to be confronted with over and over again. There’s sort of an ongoing debate in the security community about what our role is in this new dynamic where governments are weaponizing the insecurities that are out there. Over and over again we hear it’s us or them, you’re with us or against us, your choice is either bombs or exploits. That it is something that we in the security community need to be talking about and be aware of.
Joseph Menn’s Reuters article on how the U.S government is one of the biggest purchasers of these exploits was a real eye-opener. It’s weird to see security hackers co-opted by the military-industrial complex — selling exploits to the highest bidder. How did that happen?
I don’t know. Slowly. But it is shocking how far it has come. For instance, the most popular security conference in the United States is called DefCon. In the early days of DefCon, there was a game that was sort of collectively played by everyone there called “Spot the Fed.” The idea was that you would get points for every government employed agent that you could identify who was at the conference. Now, some of the major conference organizers actually work for the Department of Homeland Security. So, there’s been a major transition in terms of that culture.
Isn’t that a betrayal of hacker culture?
I’m wary of trying to define who is a hacker and who is not a real hacker. Betraying our true nature, or whatever. But I am interested in trying to talk more about what it is that we value and prioritize and who it is that we want to reward. To think intentionally about that. A lot of it just has to do with money. When you go back to the origins of the hacker community, our skills weren’t valued by these players. And now they really are. Money has certainly changed this for a lot of people, this is where their bread is buttered. But I still think that as a community we can think about culture and try to influence that.
Do you think there is potential here for a counter-reaction? A return to this idea that exposing these vulnerabilities ultimately makes us more safe? A sense that the market for exploit sales has gotten completely out of hand?
I think there is a growing narrative along those lines. So far the discussion has focused a lot on legality, whether it should be legal to sell exploits or not, whether it should be regulated, whether Congress should step in. But I think simultaneously, it would be good to have a conversation about exploit sales in the context of culture. What does this community value and prioritize?
Are you talking morality? Ethics?
I wouldn’t use the word “morality” — I’m talking about cultural norms. I think that it is getting easier to talk about because there is more information about what is going on. All this stuff was so opaque for awhile that it was hard to really have a real conversation about what was happening. This Saudi Arabia stuff is a great example. If someone is selling exploits to U.S. defense contractors, those same exploits could very easily end up in the hands of the Kingdom of Saudi Arabia through the corporate partnerships that the U.S. has established with that government.
How has this affected what you focus on in your own work? Has it changed your research interests?
It has. Specifically, I spend a lot more time now working on developing tools for secure communications, and working on proposals to strengthen the secure protocols that we already have, whereas before I probably spent more time doing research, looking for holes that could be exploited.

Hacker breaks into local accounting firm

A hacker stole data from a Fairfield County accounting firm in a breach that may have impacted as many as 900 customers, authorities say.
Lyons & Lyons, a certified public accountant firm in Ridgefield and Fairfield, is currently working with the U.S. Secret Service, the Internal Revenue Service and the IRS’s Criminal Investigation unit on an ongoing “cyber breach” criminal investigation.
An arrest may be near.
David Lyons, a partner at Lyons & Lyons, confirmed the breach occurred at his company’s office, but offered few specifics.
“We did have a security incident that may have caused exposure of some personal information,” Mr. Lyons said.
He said he could not comment how many clients’ information had been hacked, exactly what information had been taken or when the breach took place, because the investigation is pending.
However, Jaclyn Falkowski, a spokesperson for the office of the Connecticut attorney general, said, “It’s our understanding that about 900 Connecticut residents were notified that their information may have been compromised in this breach and that federal law enforcement authorities are also involved.”
She added that companies that keep personal information, as defined by statute, are required to notify her agency of any security breaches, which Lyons & Lyons did.
“While we are still assessing the matter, our primary concern is for the security of those consumers affected, and we will work to ensure that the needs of those individuals are met and that the company take adequate measures to prevent exposure of personal information in the future,” she wrote.
Mr. Lyons did not confirm whether or not tax return information was falsified or stolen, or whether the perpetrators got complete files.
He said the Secret Service has a suspect and the agency expects to make an arrest soon.
He added that the Secret Service has told him that the suspect has no affiliation with Lyons & Lyons.
“The suspect is not a current or former employee and is not a current or former client — that has been confirmed to us by the Secret Service,” Mr. Lyons said. “I have no idea who the individual is at the time, but the suspect has no connection to the firm.”
Calls to the Secret Service and IRS Criminal Investigation unit were not returned.
Mr. Lyons said his office is installing a new credit monitoring system to ensure a breach like this doesn’t happen again.
“We are working with all the agencies to bring this to a conclusion as soon as possible,” said Mr. Lyons. “We are obviously concerned about the security of our clients’ information and we are taking this very seriously.”
Additionally, he said, “we have arranged for clients to get identity theft protection.”
Ms. Falkowski, of the state’s attorney general’s office, said the investigation will be made public as soon as it concludes.
“It’s a matter of time; the investigation is still open,” she said.
Police advice
Police recommend that people avoid giving out important information over the phone or online.
“Don’t give away anything too easily,” said Capt. Tom Comstock. “Unless you initiated the conversation with the accountant, then you shouldn’t be revealing stuff like your Social Security number over the phone to a complete stranger.”
He added that this advice is “standard safety protocol that we tell people all the time.”
“Keep a close eye on all your accounts, and if there’s anything out of the ordinary, report it right away.”
Lyons & Lyons’ Ridgefield office is at 898 Ethan Allen Highway. Its Fairfield office is at 75 Hillside Road.
Ms. Falkowski described how many people can get help.
“Affected consumers who have concerns about this matter are encouraged to contact ID Experts, the credit monitoring firm Lyons & Lyons has retained in this matter, at 1-888-760-4871. Consumers can also call our consumer protection unit at 1-860-808-5400 or email attorney.general@ct.gov.”

Teenage Indian hacker gets paid by US organization for dropping off college

An Indian immigrant is set to become the most accomplished hacker in US as he is being paid for dropping college studies and engaging himself in Silicon Valley's entrepreneurial environment.
Diwank Singh Tomer, 19 has enrolled himself with the Facebook's first investor and the co-founder and former CEO of PayPal, Peter Thiel, who is paying 100,000 dollars to 20 teenagers to launch a business of their own, ABC News reports.
Tomer, who is designing an interactive learning environment with funding from the Thiel Foundation, had dropped out from an Indian University after continuing only for less than a month when the computer science major realized that he can launch a startup to help people learn to code while learning coding basics himself.
Tomer said that he believes that dropping out is an important part of the growing up process, adding that instead of promoting students to ask questions, traditional Indian schools force the students to only appear smart.
The unconventional entrepreneur also said that people learn best when they have access to mentors and the ability to learn in a way that suits them.
The Thiel Foundation mentors the young entrepreneurs during the two year fellowship as they pursue advance studies and practices in everything from robotics to fashion but does not entitle them to join school or get employed during the period without special approval from the foundation.
Stating that the entrepreneurs have exceeded the Foundation's expectations, Thiel said that the company's intention was to help a small number of creative people learn and accomplish more than they might have otherwise.
Not fearing failure, Tomer has developed an algorithm that will respond to the user's actions, where the program will direct the user to take cues fro the ways he interacts with the site is he yearns to learn about a small area of coding, the report added.

Hackers stole ₹2.4 crore from Mumbai Bank in 3 hours

 

Cybercriminals hacked into the Mumbai-based current account of the RPG Group of companies and stole Rs 2.4 crore within 3 hours on May 11, Times of India reported.

The TOI report says money has been transferred to 13 different bank accounts in Chennai, Coimbatore,Tirunelveli, Bangalore,Hyderabad and other places.

The bank blocked those accounts but the gang have already managed to withdraw some funds.

The police has arrested three members of the crew who came to withdraw the money in Coimbatore and Hyderabad.

It appears the Company fell victim when the company officials opened the malware attached mail sent by the gang.  The gang then probably harvested the bank login credentials using the malware.

Earlier this year, cyber criminals stole Rs 1 crore in Mulund from the current account of a cosmetics company.

ATM Hacker Boanta invents "Secure Revolving System(SRS)" to prevent ATM thefts

"The only person who know how to secure your system is the person who know how to break- Hacker." BreakTheSec.

A Romanian cybercriminal , who is six months into a 5-year sentence for supplying gadgets that conceal ATM skimmers has invented a new device that prevents ATM thefts, Reuters reported.

Valentin Boanta, 33-year-old, who was arrested in 2009 said his arrest made him happy because it helped him to get of his Blackhat hacking addiction.

"Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction." Reuters quoted as Boanta saying. "So that the other part, in which I started to develop security solutions, started to emerge."

Secure Revolving System-SRS:SRS device, funded by a technology firm called MB Telecom, can be installed in any existing ATM that prevents the operation of skimming devices.

The Detailed story:::

Valentin Boanta, sitting in his jail cell, proudly explains the device he has invented which, he says, could make the world's ATMs impregnable even to tech-savvy criminals like himself.

Boanta, 33, is six months into a five-year sentence for supplying gadgets an organized crime gang used to conceal ATM skimmers, which can copy data from an unsuspecting ATM user's card so a clone can be created.

He said he had started to make the devices for the sheer excitement of it and denies ever planning to use them himself, saying he only sold them to others.
Boanta says his arrest in 2009 and trial brought contrition, as he realized the impact of his actions and felt an urge to make amends. It also brought the former industrial design student a flash of technical inspiration.
"When I got caught I became happy. This liberation opened the way to working for the good side," Boanta said.
"Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction," he said. "So that the other part, in which I started to develop security solutions, started to emerge."
It was during his trial that he got down to work. The stage for Boanta's product pitch these days is the book-lined cell in the northeastern Romanian town of Vaslui he shares with five pickpockets and burglars.
"All ATMs have ageing designs so they are prone to vulnerability, they are a very weak side of the banking industry," he said.

"Every ATM can be penetrated through a skimming crime. My security solution, SRS, makes an ATM unbreachable."

Boanta says his "Secure Revolving System-SRS" can be installed in any ATM. It allows the bank card to be inserted longer side first and then rotates it to prevent skimmers being able to lock on to the magnetic data strip. The system returns the card to its user with a reverse rotation.
Outwardly it is a trapezoidal metallic box around 6 inches long with the card slot in the middle.
The SRS, funded and developed by a technology firm near Bucharest called MB Telecom, is patented and won an award this year at the International Exhibition of Inventions in Geneva. The inventor and company are not yet saying how much it will cost, but insist it will be available soon.
"He fully deserves such recognition," said SRS co-inventor and MB Telecom president Mircea Tudor. "He's taking part in improving Romania's image abroad and he'll surely join our team when released."
Romania has a deep well of technical expertise stemming from the time of communist dictator Nicolae Ceausescu, who backed computer research and technical education.
Digital piracy flourished after his violent overthrow in 1989, as people who could not afford proprietary products bought cheap copies instead.
Romanian hackers stole about $1 billion from U.S. accounts in 2012, according to the U.S. embassy in Bucharest. A report by Verizon said Romania was the world's second-biggest hacking centre after China. The FBI has even set up an office in Romania and helped to train specialist police agents.

Hunting for Syrian hackers’ chain of command

It’s the question of the moment inside the murky realm of cybersecurity: Just who, or what, is the Syrian Electronic Army?
The hacking group that calls itself the SEA struck again Friday, this time breaking into the Twitter accounts and blog headlines of the Financial Times. The attack was part of a crusade that has targeted dozens of media outlets as varied as the Associated Press and The Onion, the parody news site.
But just who is behind the SEA’s cyber-vandalism remains a mystery. Paralleling the group’s boisterous, pro-Syrian government activity has been a much quieter internet surveillance campaign aimed at revealing the identities, activities and whereabouts of the Syrian rebels fighting the government of President Bashar Assad.
Now sleuths are trying to figure out how much overlap there is between the rowdy pranks playing out on Twitter and the silent spying that also increasingly includes the monitoring of foreign aid workers. It’s a high-stakes search. If researchers prove the Assad regime is closely tied to the group, foreign governments may choose to respond because the attacks have real-world consequences. The SEA nearly crashed the stock market, for example, by planting false tales of White House explosions in a recent hijacking of the AP’s Twitter feed.
The mystery is made more curious by the belief among researchers that the hackers currently parading as the SEA are not the same people who started the pro-Assad campaign two years ago.
Experts say the Assad regime benefits from the ambiguity. “They have created extra space between themselves and international law and international opinion,” said James A. Lewis, a security expert with the Centre for Strategic and International Studies.
BEGINNINGS DURING THE 2011 UPRISINGS
The SEA emerged during the Syrian uprisings in May 2011, they said, to offer a pro-Assad counternarrative to news coming out of Syria. In speeches, Assad likened the SEA to the government’s own online security corps, referring to the group as “a real army in a virtual reality.”
In its early incarnation, researchers said, the SEA had a clearly defined hierarchy, with leaders, technical experts, a media arm and hundreds of volunteers. Several early members belonged to the Syrian Computer Society, a technical organization run by Assad before he became president. Until last month, digital records suggest, the Syrian Computer Society still ran much of the SEA’s infrastructure. In April, a raid of SEA web domains revealed that the majority were still registered to the society.
SEA members initially created pro-Assad Facebook pages and spammed popular pages like President Barack Obama’s and Oprah Winfrey’s with pro-Syrian comments. But by fall 2011, SEA activities had become more premeditated. They defaced prominent websites like Harvard University’s with pro-Assad messages, in an attack a spokesman characterised as sophisticated.
At some point, the SEA’s key players disappeared and a second crop of hackers took over. The current group consists of roughly a dozen new actors led by hackers who call themselves “Th3 Pr0” and “The Shadow” and function more like Anonymous, the loose hacking collective, than a state-sponsored brigade. In interviews, people who now identify as the SEA insist they operate independently from the Assad regime. But researchers who have been following the group’s digital trail aren’t convinced.
“The opportunity for collaboration between the SEA and regime is clear, but what is missing is proof,” said Jacob West, a chief technology officer at Hewlett-Packard. As governments consider stronger responses to malicious cyberactivity, West said, “the motivation for Syria to maintain plausible deniability is very, very real.”
SURVEILLING DISSIDENTS
Long before the SEA’s apparent changing of the guard, security researchers unearthed a stealthier surveillance campaign targeting Syrian dissidents that has since grown to include foreign aid workers. Morgan Marquis-Boire, a researcher at the Citizen Lab at the University of Toronto, uncovered spyware with names like “Dark Comet” and “BlackShades” sending information back to Syria’s Ministry of Communications. The software, which tracked a target’s location, read emails and logged keystrokes, disguised itself as an encryption service for Skype, a program used by many Syrian activists.
Marquis-Boire has uncovered more than 200 IP addresses running the spyware. Some were among the few kept online last week during an internet disruption in Syria that the government blamed on a “technical malfunction,” but experts described as a systematic government shutdown.
SEA members deny spying on Syrian civilians. “We didn’t do that and we will not,” the hacker who identifies himself as Th3 Pr0 wrote in an email. “Our targets are known,” he wrote, referring to its public Twitter attacks. Researchers have tracked several of those attacks, including that on The Onion and another against Human Rights Watch in March, to a server in Russia, which they believe is redirecting attacks from Syria. Last weekend, researchers traced one attack back to a Syrian IP address registered to Syriatel, a telecommunications company owned by Rami Makhlouf, Assad’s first cousin.
Dissidents say that connection is proof the SEA is backed by the Assad regime, and claim the Twitter attacks are just the outward-facing component of a deeper surveillance campaign.
“There is no doubt they are the same,” said Dlshad Othman, a Syrian in Washington who helps dissidents get rid of the spyware.
The smoking gun, Othman and others say, was an SEA attack last year on Burhan Ghalioun, a Syrian opposition leader. Shortly after Ghalioun’s Facebook page was hacked, it began serving spyware to fans. Ghalioun’s emails also showed up on an SEA leak site.
The other potential link, they say, is a list of opposition leaders that surfaced in July, after SEA members boasted they could help the regime quickly search for the names of opponents. Othman said the boasts were proof the SEA worked with the regime and kept tabs on dissidents.
Ironically, that opposition search most likely led to the SEA’s internal shake-up. Activists say encryption on the document was cracked, and in July it popped up on Pastebin, a website for anonymous postings.
“There was a view that the government blamed the SEA for the leak,” said John Scott-Railton, a Citizen Lab research fellow.
In the days that followed, Facebook accounts for known SEA members went dark. SEA aliases that researchers had been tracking suddenly vanished. New members with different monikers assumed the group’s name. Researchers say the hackers behind the recent spate of Twitter hacks are far less organized.
Outside Syria, the Twitter attacks made people take note of the SEA. But inside Syria, they barely registered. Dissidents there are more concerned with the mounting spyware infections and imprisonments. And researchers have seen the spyware tracking a new target: aid workers.
“The Syrian opposition are quite paranoid and aware of the stakes,” Marquis-Boire said. “But then you get foreign aid workers who show up to do good work, but are not as paranoid about their operational security.”
“It’s a smart move if you think about it,” he added

AT&T Phone Hacked to Call Somaila & $500,000 Bill

The sound of a ringing phone is normally a good thing for Melissa Bream, owner of Remax Stars Real Estate Company.
"The phone is everything and your phone number is everything," she said. But when all seven lines at her office started ringing constantly one Saturday in March, it turned out trouble was on the other end.

"Our phones were hacked into by an outside person," said Bream. "Most of the calls were made to Guinea and Somalia.

Bream says nobody in her office has any reason to call those countries. But that didn't stop the bills from rolling in. She was hit with charges from Sprint, a long distance company called Var Tec, more than $14,000 in fees from Charter Communications and more than $500,000 from AT&T.
"I was flabbergasted and shocked," said Bream.
She doesn't have an account with any of those companies except Charter. So she challenged the charges and started doing research. She found she's not the only small business to be victimized. According to the Salem News, a company near Boston had a similar situation in 2009 that also involved outrageous charges from AT&T. Those charges were eventually forgiven.
A spokesman for A Better Answer, the company that installed Bream's phone system, says it's impossible to hack. He says there's no way the volume of calls charged to Bream could get through her system and that this is a network problem.
AT&T seems to agree.
"They actually told me that they know we did not make those phone calls," said Bream.
The company sent NewsChannel 5 a statement that reads: "We are working with the business and plan to remove any charges resulting from the fraudulent calls on our network."
On Thursday Bream got an email from AT&T saying the charges were reversed. Soon after, an employee got a similar call from Charter Communications.