Ten of the most infamous ‘Black Hat’ hackers

As British hacker Gary McKinnon fights to avoid extradition to the US, we look at some of the most well known cases of malicious acts online - and the damage it caused.

By Asavin Wattanajantra, 19 Jun 2008 at 12:08

Gary McKinnon’s fight against extradition to the US for hacking into military computers has focused attention on ‘Black Hat’ hackers and cyber criminals – those who attack computer systems for malicious reasons such as terrorism, vandalism or financial gain.

Here is a list of some of the most well-known such individuals and their work, which offers insight into the many ways computer systems can be breached. But it is important to remember that many of them don’t follow the current trend in hacking for financial gain, and this just describes the individuals who got caught...

The military superhacker - Gary McKinnon

The ‘superhacker’ Gary McKinnon, currently fighting his extradition to the US, is accused of committing the ‘biggest military computer hack of all time’. Between 2001 and 2002 he allegedly hacked into US Army, Navy, Air Force as well as NASA computers causing around $700,000 damage. Perhaps most seriously, he is also accused of altering and deleting files at a US Naval Air Station and causing its computer systems to shut down not long after 11 September 2001.

McKinnon is alleged to have carried out his hacking from his North London home. He has been arrested though never charged in the UK, but could face life rather than a couple of years in jail if he refused a plea bargain and was found guilty. He has never denied the charges, claiming he was motivated by curiosity and found his way in due to poor security.

The social engineer - Kevin Mitnick

Computer security consultant Kevin Mitnick hacked into Motorola, Nokia, Sun Microsystems and Fujitsu Systems, among others. According to Mitnick, he did not use software programs or hacking tools to compromise computers but instead used social engineering to gain passwords and codes. He is now in charge of his own computer security consultancy.

In his book ‘The art of deception’, he said that it was innocuous information that was the prized target of social engineers. He said: “Penetrating a company’s security often starts with the bad guy obtaining some piece of information or some document that seems so innocent, so everyday and unimportant, that most people in the organization don’t see any reason why the item should be protected and restricted.”

The Russian wire-frauder - Vladimir Levin

The Russian programmer was responsible for one of the largest and best-organised wire fraud schemes, where he transferred around $10 million from Citibank into bank accounts in Europe and the US. According to the bank, all but $400,000 was recovered as his accomplices around the world tried to withdraw funds.

In 1995, he was arrested in transit going through Heathrow Airport and, in 1998, extradited to the US where he was sentenced to three years in jail. It was not revealed how Levin managed to break into the Citibank systems, but it was claimed he did not have the technical ability to break into systems but may have been able to purchase the information needed for just $100.

The creator of the first worm - Robert Morris

Currently an associate professor at MIT, Morris was responsible for creating the first computer worm on the internet in 1988 – the Morris Worm, which security experts said changed the face of online security.

Morris said that it was first intended to gauge the size of the internet by self-replicating and not intended to cause damage. However the code contained a bug which allowed a worm to self-replicate in a single machine multiple times, causing thousands of computers to grind to a halt.

Although he was punished with a fine, he was lauded by some for revealing flaws in the online security. Morris later became one of the founders of the company Viaweb, which was later sold to Yahoo for around $45 million to be renamed Yahoo Store.

The mail attacker - David L. Smith

Smith was the writer of the Melissa Worm, which in 1999 became the first major e-mail macro virus. He deliberately posted an infected document to an alt.sex usenet newsgroup from a stolen AOL address. The worm, believed to be named after a stripper he knew in Florida, forwarded itself to the first 50 accessible addresses in Microsoft Outlook address books.

Companies like Microsoft, Intel, Lockheed Martin and Lucent Technologies were believed to have had to shut down their email gateways due to the large amount of email the virus was generating. In his federal plea, he acknowledged that he cost caused more than $80 million to North American business, and was sentenced to 20 months in jail.

The Canadian teen – MafiaBoy

MafiaBoy was the alias for a 15-year old Canadian boy who launched a denial-of-service attack that crippled sites such as Amazon, Dell, eBay eBay and Yahoo in 2000, which led to an estimated $1.7 billion cost in damages. The affected sites were bombarded with thousands of simultaneous messages, preventing users from accessing for up to five hours.

Although by Canadian law his name was not released by authorities, media outlets later revealed that his name was Mike Calce. Courts sentenced him to eight months custody in a youth detention centre.

The proxy intruder - Adrian Lamo

Currently a journalist and public speaker, Lamo is infamous for breaking into the New York Times and Microsoft. He was also said to have breached Yahoo, Bank of America and Citigroup. His technique was to take advantage of proxy servers which businesses use to let internal employees access the wider internet and to prevent access from intruders into the internal network.

Normally it should be a one-way door, but Lamo took advantage of badly configured proxy servers which allowed two-way entries. He could then access private internal networks from the outside. Breaking into the New York Times, he managed to view personal information on contributors, as well as gain access to social security numbers.

Dark Dante - Kevin Poulsen

Now a senior editor at Wired.com specialising in cybercrime, he was formerly a black hat hacker dubbed ‘Dark Dante’. He was responsible for many high profile stunts, his most famous hack being when he took over the lines of an LA radio station to make him the 102nd caller, which earned him a Porsche.

The FBI started to pursue Poulsen, and he went into hiding. When the law finally caught up, Poulsen was sentenced to 51 months in jail. He has now made his name as a journalist, as well as being interviewed for media outlets such as the BBC and CNN. In 2006, Poulsen lead a computer assisted investigation on MySpace which lead to a paedophile’s arrest as well as lead to policy changes at the social networking website.

The disgruntled employee - Timothy Lloyd

In 1996, Lloyd attacked Omega Engineering using a ‘logic bomb’, apparently due to being fired from his job at the company which he had worked for 11 years. He achieved this by planting lines of malicious code in the system which ‘exploded’, deleting manufacturing software from Omega, who had clients including NASA and the US Navy.

Chief financial officer Ralph Michel testified in court that the bomb destroyed programs and code generators which allowed the company to manufacture 25,000 different products and 50,000 different designs.

It caused around $10 million worth of damage - and possible caused layoffs - as well as dislodge Omega’s foothold in the industry. The incident was investigated by the US Secret Service as well as data recovery and forensic experts leading to his conviction. He was sent down for 41 months.

The C0mrade - Jonathan Joseph James

Nicknamed C0mrade on the internet, James is known as the first juvenile to be incarcerated for cybercrime in the US at age 16. In 1999, he committed a series of crimes, including that of the website BellSouth

By far his most serious crimes involved high-profile organisations such as the Defence Threat Reduction Agency (DTRA) which is part of the Department of Defence. He also targeted NASA computers, who alleged that he downloaded software worth $1.7 million, shutting them down for 21 days.

He gained access to the DTRA by gaining access to a computer server and installing a backdoor. The program intercepted 3,300 messages from DTRA staff as well as user names and passwords from military computers. He was sentenced for six months in a detention facility.

Jonathan James died in May of this year.

[Source: Itpro]