Kingpin: How One Hacker Took Over the Billion Dollar Cyber Crime Underground (33 page)

Read Kingpin: How One Hacker Took Over the Billion Dollar Cyber Crime Underground Online

Authors: Kevin Poulsen

Tags: #Technology & Engineering, #Computer hackers, #Commercial criminals - United States, #Commercial criminals, #Social Science, #True Crime, #Computers, #General, #United States, #Criminals & Outlaws, #Computer crimes, #Butler; Max, #Case studies, #Computer crimes - United States, #Biography & Autobiography, #Computer hackers - United States, #Security, #Engineering (General), #Criminology

BOOK: Kingpin: How One Hacker Took Over the Billion Dollar Cyber Crime Underground
3.67Mb size Format: txt, pdf, ePub
Chapter 1: The Key

  
1
As soon as the pickup truck rolled up to the curb:
Interviews with Max’s friend Tim Spencer. The confrontation was also described in less detail by Kimi Mack, Max’s ex-wife. Though Max could intimidate bullies, he was never forced into a physical confrontation with them.

  
2
Max’s parents had married young: State of Idaho v. Max Butler
, 1991. District Court of the Fourth Judicial District, Ada County, Case No. 17519.

  
3
Robert Butler was a Vietnam veteran: State of Idaho v. Max Butler
and interviews with Max.

  
4
Weather Channel and nature documentaries:
Interviews with Kimi Winters and Max, respectively. Max’s parents declined to be interviewed.

  
5
relaxed, and full-bore insane:
Interviews with Tim Spencer and with “Amy,” Max’s ex-girlfriend. Max’s emotional problems at this time are also reflected in court records in
State of Idaho v. Max Butler
. Max acknowledges that his parents’ divorce had a deep effect on him.

  
6
One day he emerged from his home:
Interview with Tim Spencer. Max confirms the incident but says he lit the fire in a field adjacent to Spencer’s house.

  
7
The Meridian geeks had found the key ring:
The account of the master-key incident comes from interviews with Tim Spencer. Court records confirm Max’s juvenile conviction. Max admits the trespass and chemical theft but declined to detail
what occurred inside the school. John, his uncharged accomplice in the burglary, declined comment.

  
8
Max became “Lord Max”:
Max described his run-in with the Secret Service in an interview. Also referenced in a letter Max wrote that was filed in
State of Idaho v. Max Butler
.

Chapter 2: Deadly Weapons

  
1
THIS is the Rec Room!!!!: From MUDs to Virtual Worlds
, Don Mitchell, Microsoft social computing group (March 23, 1995).

  
2
three hundred thousand host computers:
Numerous sources, including
“Illuminating the net’s Dark Ages,”
Colin Barras, BBC News, August 23, 2007.

  
3
At Max’s urging:
The events surrounding Max’s assault conviction are based on transcripts and other documents in
State of Idaho v. Max Butler
, as well as interviews with Max and “Amy.” Where there are significant factual disputes, they are noted herein.

  
4
Then the dark truth:
“The Dreaming City,” Michael Moorcock,
Science Fantasy
47 (June 1961).

  
5
Like a few of them, he started hacking the computer right away:
The hacking at BSU was described by Max and David in interviews. David described Max’s speed and impatience. BSU professor Alexander Feldman discussed Max’s computer ban in an interview and said Max had probed other computers.

  
6
The sheriff called BSU’s network administrator at two in the morning:
Interview with Greg Jahn, a former BSU system administrator responsible for locking down Max’s account and preserving his files.

Chapter 3: The Hungry Programmers

  
1
Idaho’s Supreme Court ruled: State v. Townsend
, 124 Idaho 881, 865 P.2d 972 (1993).

  
2
Max found an unprotected FTP file server: Cinco Network, Inc. v. Max Butler
, 2:96-cv-1146, U.S. District Court, Western District of Washington. Max confirms this account but says he was primarily interested in distributing music files, not pirated software.

  
3
Chris Beeson, a young agent:
The details of Max’s assistance to the FBI come from court filings by the defense attorney in his subsequent criminal case,
USA v. Max Ray Butler
, 5:00-cr-20096, U.S. District Court, Northern District of California. Details of his recruitment and his relationship with the agents come from interviews with Max and Max’s Internet writings immediately following his
guilty plea. See
http://www.securityfocus.com/comments/articles/203/5729/threaded
(May 24, 2001). Max says he did not consider himself an informant and only provided technical information.

Chapter 4: The White Hat

  
1
The first people to identify themselves as hackers:
The seminal work on the early hackers is Steven Levy,
Hackers: Heroes of the Computer Revolution
(New York: Anchor Press/Doubleday, 1984). Also see Steve Wozniak and Gina Smith,
iWoz: From Computer Geek to Cult Icon: How I Invented the Personal Computer, Co-Founded Apple, and Had Fun Doing It
(New York: W. W. Norton and Company, 2006).

  
2
Tim was at work one day:
This anecdote was recalled by Tim Spencer. Max later recalled Spencer’s advice in a letter to his sentencing judge in Pittsburgh.

  
3
If there was one thing Max:
Details of Max’s relationship with Kimi come primarily from interviews with Kimi.

  
4
Max went up to the city to visit Matt Harrigan:
Harrigan’s business and his work with Max were described primarily by Harrigan, with some details confirmed by Max.

Chapter 5: Cyberwar!

  
1
In 1998, security experts discovered the latest flaw in the code:
This account of Max’s BIND attack draws primarily from court records, including Max’s written confession, interviews with Kimi, and interviews with former air force investigator Eric Smith. E-mail snippets between Max and the FBI are from court records. Technical details come primarily from a contemporaneous analysis of Max’s code that can be found at
http://www.mail-archive.com/[email protected]/msg01857.html
.

  
2
issued an alert:
“Inverse Query Buffer Overrun in BIND 4.9 and BIND 8 Releases,” CERT Advisory CA-98.05.

  
3
He sent Paxson an anonymous note:
The note was provided to the author by Vern Paxson. Max confirmed that he sent it.

Chapter 6: I Miss Crime

  
1
Kimi came home from school:
Kimi described this portion of the FBI search and its aftermath.

  
2
The FBI agents saw an opportunity in Max’s crime:
The details come from court
filings by the defense attorney in
USA v. Max Ray Butler
, 5:00-cr-20096, U.S. District Court, Northern District of California.

  
3
Max was in heaven:
Interviews with Max and Kimi.

  
4
Carlos Salgado Jr., a thirty-six-year-old computer repairman:
Details of the Salgado caper come from interviews with Salgado, Salgado’s intended buyer, the former system administrator of the ISP he hacked, and court records in
USA v. Carlos Felipe Salgado, Jr.
, 3:97-cr-00197, U.S. District Court, Northern District of California. The FBI declined to comment on the case or to identify the victim of the credit card breach.

  
5
The next day, Max met Harrigan at a Denny’s:
Interviews with Matt Harrigan and Max.

Chapter 7: Max Vision

  
1
In late 1998, a former NSA cybersecurity:
Interview with Marty Roesch.

  
2
The reason I signed the confession:
Interviews with Kimi. In interviews with the author, Max expressed the sentiment that his attachment to Kimi worsened his legal situation.

  
3
“It’s his stuff”:
Snort IDS mailing list, April 3, 2000. (
http://archives.neohapsis.com/archives/snort/2000-04/0021.html
).

  
4
Patrick “MostHateD” Gregory: “Computer Hacker Sentenced,”
U.S. Department of Justice press release, September 6, 2000 (
http://www.justice.gov/criminal/cybercrime/gregorysen.htm
).

  
5
Jason “Shadow Knight” Diekman: “Orange County Man in Federal Custody for Hacking into Government Computers,”
U.S. Department of Justice press release, September 21, 2000 (
http://www.justice.gov/criminal/cybercrime/diekman.htm
).

  
6
Sixteen-year-old Jonathan James: “Juvenile Computer Hacker Sentenced to Six Months in Detention Facility,”
U.S. Department of Justice press release, September 21, 2000 (
http://www.justice.gov/criminal/cybercrime/comrade.htm
).

Chapter 8: Welcome to America

  
1
The two Russians:
The details of the Invita sting and the background of the Russian defendants come primarily from court records, particularly
USA v. Vassily Gorshkov
, 2:00:mj:00561, U.S. District Court, Western District of Washington, as well as an interview with a former FBI agent who worked on the operation. The description of the Russians’ attire and the reference to “the Expert Group”
comes from the excellent
Washington Post
story “A Tempting Offer for Russian Pair” by Ariana Eunjung Cha, May 19, 2003. Quotes from within the Invita office come from a transcript of the surveillance tape, with minor grammatical changes for readability.

Chapter 9: Opportunities

  
1
Max wore a blazer and rumpled cargo pants:
The author was present at Max’s sentencing hearing: see “As the Worm Turns,” SecurityFocus,
Businessweek
online, May 21, 2001 (
http://www.businessweek.com/technology/
content/jul2001/tc20010726_443.htm
). The letters written on Max’s behalf are filed in
USA v. Max Ray Butler
, 5:00-cr-20096, U.S. District Court, Northern District of California.

  
2
Kimi was talking to him on the phone:
Interview with Kimi.

  
3
Max took the news with eerie calm:
Interview with Max.

  
4
“I’ve been talking to some people”:
Interview with Kimi.

  
5
Jeffrey James Norminton:
Three of Norminton’s close associates, Chris Aragon, Werner Janer, and an anonymous source, described Norminton’s alcoholism, and Aragon discussed its effect on Norminton’s criminal productivity. Federal court records show Norminton’s assignment to a drug and alcohol rehabilitation center, and local court records reflect two DUI arrests in 1990 (Orange County Superior Court cases SM90577 and SM99355).

  
6
Norminton’s latest caper: USA v. Jeffrey James Norminton
, 2:98-cr-01260, U.S. District Court, Central District of California.

  
7
Norminton made it clear that he saw real potential in Max:
Interviews with Max, Chris Aragon, Werner Janer, and another source familiar with Max’s and Norminton’s jailhouse planning.

  
8
Max refused to sign:
Kimi and Max agree on this. Max says he refused to sign because Kimi appeared to be wavering in her commitment to divorce him.

  
9
I have been showing up at places:
Max’s plea to the security community is archived at
http://seclists.org/fulldisclosure/2002/Aug/257
.

10
Even the Honeynet Project:
Max says the project shunned him. Founder Lance Spitzner did not answer an inquiry from the author.

11
A global survey:
Conducted by the Belgian computer security company Scanit by way of a free online vulnerability assessment tool, July 9, 2003.

Chapter 10: Chris Aragon

  
1
Max met his future friend and criminal partner Chris Aragon:
Chris Aragon provided this account of his first meeting with Max. Max doesn’t remember where they first met.

  
2
The first robbery:
The first attempted bank robbery and the final successful one are described in court records for
USA v. Christopher John Aragon and Albert Dwayne See
, 81-cr-133, U.S District Court for the District of Colorado. Additional details, including the Dumpster incident and Aragon’s lifestyle at the time, come from the author’s interviews with Albert See, Aragon’s former crime partner. In interviews, Aragon generally acknowledged his bank robbery conviction and his use of cocaine in this period.

  
3
he delved into credit card fraud:
Per Aragon, and confirmed by his former associate Werner Janer and Max.

  
4
busted in a nationwide DEA undercover operation:
Kathryn Sosbe, “13 arrested in marijuana bust/Colombian cartel used Springs as distribution point,”
Colorado Springs Gazette-Telegraph
, September 13, 1991. The Federal Bureau of Prisons confirmed Aragon’s conviction and sentencing on a charge of travel in interstate commerce in aid of a business enterprise involving the distribution of marijuana.

  
5
They wound up at the twenty-seven-story Holiday Inn:
The descriptions of Max and Aragon’s work together here and throughout this book come primarily from interviews with Max and Aragon, as well as their associates Werner Janer, Jonathan Giannone, Tsengeltsetseg Tsetsendelger, and another source involved in their crimes. Statements provided by Jeffrey Norminton to the FBI, summarized in court documents, also confirm many of the details.

  
6
a white-hat hacker had invented a sport called “war driving”:
“Evil” Pete Shipley. See the author’s “War Driving by the Bay,”
Securityfocus.com
, April 12, 2001 (
http://www.securityfocus.com/news/192
).

  
7
Janer offered to pay Max $5,000 to penetrate the computer of a personal enemy:
According to Aragon, Max, and other sources. Janer says the money was a loan. Charity confirms she received the check on Max’s behalf.

  
8
Charity had only the broadest notion of what Max was up to:
Interviews with Charity Majors.

  
9
On a whim, he cracked Kimi’s computer:
Interview with Max.

Other books

Eve Silver by His Dark Kiss
Shadows of Doubt by Corcoran, Mell
Beneath a Winter Moon by Shawson M Hebert
Killer Run by Lynn Cahoon
Night Unbound by Dianne Duvall