Wednesday, April 27, 2011

[Book] Kingpin: How One Hacker Took Over The Billion-Dollar CyberCrime Underground


For once, why not write in English?
After all, around 20-30% of you reading my blog are English speakers, so it would not be fair not to talk about this great book and share it more widely.

Small book presentation

This book is written by Kevin Poulsen, a former hacker and now senior editor at Wired. He is the creator and maintainer of the "Threat Level" section in Wired. He is mostly known for his various hacks such as the 911 red Ferrari hack. Now, he is one of the most recognized cyber crime journalists out there.

This is the story of a once-recognized computer security specialist who turned into a super villain. "One day a hacker, always a hacker" could not describe this story better. It is a great journey into the underworld while staying safely at home.


Max Butler grew up in Meridian, Idaho with his parents until they got divorced in his fourteenth year. It devastated him; he wound up living in Meridian with his mother and his younger sister Lisa. His passion for computers started when he was young: his father, who ran a computer store, influenced him, and it led him to write BASIC programs at the age of 8.

In his high school years, he began dating a girl named "Amy"; they got pretty serious as high school was ending. He was devoted to her and chose to go to the Boise university, the same as hers. From there, their adventure in the online world got more mixed up as TinyMUDs were becoming addictive. Jealousy led him to make threats against her and landed him in prison for "deadly weapons": his hands ...

5 years later, he was welcomed by his old friends (Tim Spencer and the others from his high school days) into the "The Hungry Programmers" house. From that day onward he would get jobs from his buddies and be a recreational hacker otherwise. His hacking got him sued by the "Software Publishers Association" and featured in Wired; this whole affair introduced Max to the FBI. New assignments and a new life were about to begin.

Thus began "the white hat years", though he was still a recreational hacker. A new home, a new job; the only thing missing was someone to share it with. He met his wife, Kimi Winters, at a rave party. A home, a devoted wife, beloved friends and good career prospects: he would waste it all in a few weeks.
In 1999, a BIND buffer overflow vulnerability was uncovered.
bcopy(fname, anbuf, alen = (char *)*cpp - fname);
It was something huge; it could have been devastating. He was determined to fix it: he wrote a worm which would propagate itself through vulnerable systems to patch them and backdoor them. All the machines were now fixed, and insecure to only one hacker: "Max Vision". His FBI colleagues tolerated it on the condition that he would collaborate with the FBI once again; he failed to do so, and busted he was.
The reputation he had acquired in the white hat world through and arachNIDS would have ensured him a brilliant career and life. But he forgot that he had a pending judgement; it got him 18 months in prison and unemployability, another injustice in his eyes. Nobody wanted to hire him anymore ... A slow descent to the underground was about to begin.

In the joint, he met Jeff Norminton, who would later introduce him to Chris Aragon, his partner in crime. From there, escalation was just a matter of time. From ShadowCrew to CarderPlanet, he was hacking fraudsters from all over the world. Counterfeiting credit cards was their business; it was juicy, but not enough.

Law enforcement had had its tentacles in the underground forums, ShadowCrew and CarderPlanet, for some time. On July 28, 2004, King Arthur decided it was time to close CarderPlanet. ShadowCrew was to follow: on 26 October 2004, the USS and the FBI took it down, along with its administrators and others as well. The underground was crushed, paranoid and homeless; nobody would think of a board for a long time ... or so they thought.

Max and his partner, Chris Aragon, were suspicious and did not trust any of the existing smaller criminal forums. Max decided the best option would be a site where he could do business safely, without it being corrupted or full of feds. As IceMan, Max launched CardersMarket in late 2005; a new home for IceMan's criminal activity was born.

After some months of activity, his forum was up and running, but it was not enough. The carding community needed to be reunited in the post-ShadowCrew carding scene. He would provide that by taking over DarkMarket, ScandinavianCarding, the Vouched, CardingWorld and TalkCash. Only DarkMarket survived assimilation, thanks to its backup, along with the Russian one, due to language barriers.

One Hacker to rule them all, One Hacker to find them,
One Hacker to bring them all and in the darkness bind them

During that time, Master Splyntr, an undercover FBI agent, would take over DarkMarket. He managed to uncover carders' identities, arrest them and prevent fraud through the insider information he now had access to.

From this point onward, it was only a matter of time before important ring leaders fell one after another. On September 5, 2007, Max got busted at his apartment while he was taking a nap. He did not manage to shut down his computer; two weeks later the CERT team decrypted his encrypted data (with DriveCrypt), and 1.8 million credit card dumps were found. Around the same time, a certain Albert Gonzalez, a former ShadowCrew informant for the FBI, was busted for TJ Maxx and others, for 45.6 million dumps.

One hacker owning thousands and thousands of people in the USA. Think about it, we only see super heroes and super villains in comics ... what if they really existed?

What's next?

This book was mostly an eye-opener on what exists and what methods cyber crooks and cyber criminals use to make money illegally. It is scary, it is real and it still has many more years to exist. Seems like security specialist is a future-proof job, thanks or due to bank carelessness? Who but banks would still be damn stupid enough to use magnetic-stripe-only cards? No really, it's expensive to change equipment .... but maybe not as much as cyber criminality.

We only scratched the surface of the iceberg, and yet it is profoundly interesting as a subject to study. Cyber-warfare? It has existed for years, but now it is taking bigger and bigger proportions. Would we see another BIND worm attack? We'll see, only time will tell. This is only the beginning, phear. Until then, hack and protect yourself and others.

This book really was enjoyable to read; it is a pure trip into the heart of 21st-century criminality and a sneak peek into the cyber crooks' mindset. A glimpse at a scary-true underground on the dark and white side of the force. Read it with envy, assimilate it with interest, paranoid they become and shadowy their world is. Enter the underground.

Phrack it, Read it, Enjoy it,



BIND vulnerability
One Hacker's Audacious Plan to Rule the Black Market in Stolen Credit Cards

1 comment:

  1. I think you meant to say, "once a hacker, always a hacker", but anyways, good post :)