Cryptome Hackers and Consequences
10 October 2010
Court documents on Justin Perras' hacking capabilities and imprisonment: http://cryptome.org/0002/perras-hacknot.htm
Relevant: At the HOPE conference panel on snitches 18 July 2010, a panelist described how to read court documents to tell that an indicted hacker, or one released with only a warning, had been converted to a snitch for the government. This from one of several on the panel sent to prison by a fellow hacker's concealed testimony, a victim who had also been offered a deal to do the same, but after refusing to accept a deal, had a sentence maximized. At the same panel it was stated that conventional wisdom among hackers is that 25% of them are snitches. Using these odds at least one of the Cryptome hackers is a snitch (see below) who initiated the alleged attack (which is not likely to have happened as reported) to entrap the others, and was surely paid a fee to do so to create disarray and suspicion among the not yet nabbed. This is standard law enforcement, spy and counterspy means and methods. Buy the conference video from 2600.com.
28 September 2010
Two men of Kryogeniks gang were sentenced for 18 months in prison for Comcast.com domain hijack. There [sic] third one, James Robert Black Jr., 21, was sentenced in August to four month in prison and made a pact to collaborate with FBI in trying to caught [sic] other partners in crime. Christopher Allen Lewis, 20, of Delaware and Michael Paul Nebel, 28, got 18 month sentence in prison and ordered to pay $89,778.13 each.
oh shit kryogeniks going down for the comcast hacks
[Selected excerpts on snitches]
Sinz: kryogeniks been known to snitch since me and xom got busted in 2k5
Sinz: its not that i dislike virus, its just that he's a lil xom clone in that they both snitch when pressed.
SippieCup: definitely snitching.
SippieCup: edit: i take back my previous snitching statement "definitely snitching" and in replace i say probably. it also could just be that they are pleading guilty. this is why you don't fuck with big names like this. they should have just edited the DNS to a server like they did and put an ad on it then every other link go back to the IP of comcast. probably could have gotten away with it for a couple hours before comcast noticed and comcast would not have come down as hard as they did due to no loss in service... still would have gone after them though
Craig: ebk snitched
Sis: [quoting] EBK slept for an hour Wednesday night; Defiant for 20 minutes. Even as the attack was in progress, the hackers began to feel the weight of their actions. Both say they've been raided by law enforcement before. "I slept in my clothes, because the last time they came, I was in my underwear with my dong hanging out and shit," says Defiant.
Rafael Nadal: Rofl are you guys real bitching about snitching? This isn't the mafia, there's no omerta or any kind of code of honor. The homo() is right. Actions have consequences. If they try to save themselves by making a deal, good for them. Snitching shouldn't be a problem if you're not doing anything illegal.
Rafael Nadal: What are you, 12? Do you understand that "snitching" only exists if there's something to "snitch" about? Stop acting so hard. You're a white kid living in a middle class neighborhood. You're not ghetto, you're not gangster, and there's no code of honor on the internet.
Pad: when people willingly cooperate with law enforcement incriminating themselves and their peers it's not only shockingly retarded it's also a display of weakness and a lack of integrity. it has little to do with "acting hard" as much as it has to do with common sense and a basic understanding of the 5th amendment. people tend to bury themselves out of fear and ignorance. and for the record i'm not a kid nor am i "middle class," punk bitch
Rafael Nadal: WHAT INTEGRITY?! What the HELL are you talking about? What part of "actions have consequences" do you not understand? Snitching only exists if there's something illegal going on. If you're not doing anything wrong, nobody can snitch on you. Snitching is also a vital part of the judicial system, as it uses the small fish to catch the big fish, nothing wrong with that. Don't like snitching? Don't open yourself up to prosecution.
Craig: snitching is a problem in ebk's case, where he was involved in this and went on a tell-all rampage (exposing his boiz) just to potentially save some skin on his ass
Pad: snitching is a problem in any case i feel like i just woke up in narnia
9 October 2010
Cryptome to A2:
Thanks for the advice. Train Req appears from all boxes on our LAN, some never before logging onto Earthlink. We will look more closely as you suggest. However, Earthlink is likely running a honey pot for its own use or for its lawful cohorts. We have noted that on Cryptome just now.
9 October 2010
Cryptome to A:
You will know that the mail address cryptome[at]earthlink.net is not secure: Earthlink has not closed the hole made by the hackers. It is a honey pot for several watchers.
"Justin Perras" Disavows Cryptome Hack:
No evidence provided that this is by Justin Perras and not a standard hacker impersonation. Several impersonations and forgeries have been received related to the Cryptome hack. Some were apparently provided to Kim Zetter at Wired and no evidence was provided by her for those either. A call to the telephone number listed will get a bogus response. Perras and other perps like him have tried to weasel out of previous misdeeds by claiming they were impersonated, misunderstood or falsely accused.
9 October 2010.
Information here consists merely of allegations and the named perps are presumed innocent until proven guilty. Proof is coming in thanks to a bevy of contributors. With proof in hand, Step 2 of the ass-burning will commence.
If the hackers have downloaded the personal and office files of John Young's LAN as alleged, it is expected follow-up attacks 1-15 described below will be attempted. Indication of using any of the stolen LAN files, or more likely forgeries based on them, will be welcomed to demonstrate a constructive and educational response.
Add information on Corey "Xyrix" Barnhill, Michael "Virus" Nieves and Justin "Null" Perras.
Parties claiming to be Michael Nieves and Justin Perras have emailed and telephoned Cryptome a clumsily forged cease and desist demand to remove information in this file. The two are rightly frightened: Perras is an ex-convict and Nieves avoided prison just barely, thus easy targets for law enforcement hammering as repeat offenders and being used as undercover entrappers and snitches. The two are also easily manipulated by Barnhill who is known to bully, extort, exploit and blame those he thinks weaker by using personal information, often stolen, and challenges to "manhood." Barnhill like all bullies is a coward terrified of those he cannot bluff, thus surely a snitch under LE pressure to rat other perps. These three will shop one another as pressure builds, Perras the first to crumble due to his prison record and complicity in setting up stings to entrap hackers.
A notable security person says that based on direct experience "Virus" is the likely perp of the Cryptome email burglary setting in motion the larger hack and theft of files. That Virus is adept at social engineering but technologically deficient.
8 October 2010
Add message from someone alleging to be Mike "Virus" Nieves, a standard hacker spoof with no means to legitimate.
Cryptome Hackers and Consequences
Based on information sent to Cryptome and found elsewhere -- Wired in particular has valorized, monetized and lied about them -- the alleged Cryptome hackers, operating collectively as Kryogeniks, are:
Screenshot of Kryogeniks taken 8 October 2010 10:40AM ET:
These alleged Cryptome hackers (and other hackers along with their mentors and employers: official, commercial and criminal spies) are known to:
1. Blackmail for payment by threatening to expose confidential information after providing tips to reporters about a break-in or sending demands to the victim with samples of evidence.
2. Make demands on ISPs for payment to conceal security vulnerabilities with taunting disclosures to journalists for stories and samples of evidence.
3. Sell confidential information to others who will blackmail or mark-up and sell to others for criminal use.
4. Snitch on and blame others to cover their tracks using multiple levels and methods of snitching and blaming.
5. Provide confidential information, legitimate and forged, to officials and law enforcement to punish a victim.
6. Provide confidential information, legitimate and forged, to law enforcement for payment.
7. Provide confidential information, legitimate and forged, to law enforcement as part of a deal to escape prosecution.
8. Claim to destroy their computers to avoid being prosecuted for what is on them.
9. Claim they were only bragging about exploits but did not actually do them.
10. Claim they are protected by contacts in law enforcement through family and friends.
11. Claim they hacked for patriotic reasons and not for personal gain (hmm, smells like Lamo, Wikileaks and TLAs).
12. Claim they hacked to demonstrate skill at exposing the truth but not cause harm. (like Lamo and Wikileaks)
13. Claim they were too inexperienced to understand the consequences of what they were doing.
14. Claim hacking was just teen-age fun and should not be taken as a real threat.
15. Claim they do not hack for payment or for publicity or for anything non-hackers do for success.
16. Cloak their behavior with pretentious language, clothing, insults, arrogance, mock humility and cowardice when caught, and much more, as fabulously described and exemplified at http://encyclopediadramatica.com (no other website so deftly deflates pretentiousness, stupidity, vainglory and perfidy on- and offline -- cringe and laugh at your heroes, enemies and yourself there laid bare).
Date: Fri, 8 Oct 2010 12:07:36 -0400
I really don't appreciate you making false accusations against me and other members of our group, lying about our group and posting my previous address which I no longer reside at but my elderly mother still does. I have done nothing to you or your website and have no interest in your files or mail spools, please cease your lies and slander immediately.
From: Paul Roberts <Paul.Roberts[at]kaspersky.com>
Hey who have you been talking to/communicating with at Earthlink? Trying to go through the front door (their PR) and it's very time consuming
Also, had an interesting conversation with Mr. Barnhill. He claims it was [omitted] (or whatever) gave them up. True?
Happy to chat if you're around: 617 817 0198.
Paul F. Roberts
Pete LNU is the Earthlink (high official he says) person handling the matter. His cell: 770-608-xxxx. Scribbled the number almost illegibly. If not accurate let me know. [Later Paul says the number is not Pete's.]
Pete said on Wednesday he would be traveling for a couple of days.
[Omitted] was the first to report to us he was being set up by Barnhill to punish him after money extortion by Barnhill failed. I don't want [omitted] identified yet: he is afraid of Barnhill, a big guy who can be violent. Okay to report Barnhill can be violent and is feared by those he falsely accuses and bullies.
Mike Virus Nieves, or more likely an imposter, has written to protest being defamed. That message has been added to [this file].
If you believe any of this shit you must be a redneck. Like Earthlink. Do you know it is owned by Scientologists? Not that that matters, but some hackers think it's a sign of evildoing.
I have done architectural work for Scientologists in NYC. Also for Church of Christ Scientists, Opus Dei, Baptists, Episcopalians, atheists, socialists, Black Panthers, 5 Percenters, Mafia, Muslims, communists (yes, the last Marxist school in NYC), and so forth. Been screwed on fees by many of them. No secrets those, most are on our architectural website.
Listen, I can't over-emphasize the importance of
for understanding what is going on in hacker world of lying, cheating and criminality, including Wikileaks hyperbole machine, and as ever, that of angelic journalism.