==Phrack Inc.== Volume One, Issue Nine, Phile #10 of 10 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- {-=*> Phrack World News <*=-} *Issue VIII* Created by Knight Lightning Written by Knight Lightning and Sally Ride -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Welcome readers to PWN Issue VIII! The last few months have been pretty slow in the area of real news and this issue we feature; Phrack World Reprints. That's right, unfortunately most of the information in this issue is from outside sources. I hope you find it equally as interesting and remember... No News Is Good News! ______________________________________________________________________________ TMC Cracks Down August 26, 1986 --------------- Byline article by F. Alan Boyce, Associated Press Writer Raleigh (AP) -- The use of home computers to pirate long-distance telephone access codes and credit card numbers is increasing and may warrant more prosecution and tighter security, federal authorities said Tuesday. U.S. Attorney Sam Currin said five recent indictments for computer fraud stemmed from a six-month investigation involving home computers and computer bulletin boards in 23 states. By telephoning some computers, people with the proper passwords could get numbers that would let them charge phone calls to unsuspecting victims or make purchases with stolen credit cards. "One bulletin board contained more than 100 stolen telephone access numbers and 15 stolen credit card numbers," Curri said. "With the use of computers becoming much more prevalent in our society, we're going to see a lot more of this type of activity." The probe began with Telemarketing Communications (TMC) of Raleigh, where an estimated $100,000 was lost to unauthorized calls in six months. Investigators were aided by an unidentified 16-year-old high school student who had been caught by Telemarketing officials after making $2,000 worth of illegal calls, officials said. "That was a tremendous benefit to us in this investigation," Currin said. "High school kids today are computer-smart. They know what they're doing." The juvenile was not charged and has made restitution, Currin said. U.S. Secret Service Agent William Williamson said the youth provided passwords and used his own computer to reach the highest levels of bulletin boards operated by those indicted. A federal grand jury in Greensboro charged three North Carolina men Monday with illegally possessing charge-account numbers and telephone long-distance access codes obtained through home computers. Robert Edward Lee II of Durham was charged with devising a method for defrauding Telemarketing Communications (TMC). The grand jury also charged Michael William McCann of Dobson with possessing more than 15 unauthorized telephone access codes and account numbers owned by Telemarketing Communications, TransCall America and General Communication Inc. Tyrone Columbus Bullins of Reidsville was charged with possessing 17 unauthorized charge numbers and 15 unauthorized telephone access codes and account numbers. Ralph Sammie Fig of Knightdale and James Thomas McPhail of Goldsboro were indicted on similar charges by a grand jury in the Eastern District Aug. 19. Currin said each could face up to 10 years in prison and a $250,000 fine if convicted under tough laws passed in 1984. "The potential for fraud in this area is very great," he said. "We have an obligation to prosecute violators. Companies themselves, if they're going to stay in business and remain viable, also have an obligation to promote their own internal security systems." Mike Newkirk of TeleMarketing Communications said it was difficult to protect codes without making systems too hard for the average customer to use. "There are programs that break codes in security systems such as ours as the computer operator is even sleeping," he said. "It can be randomly broken and he can wake up the next morning and just check the file." Newkirk said his company was considering installing equipment that could deny telephone access to phones where trouble arises. But he said other alternatives, like having operators answer calls to screen for access codes, would be too expensive. Williamson, however, said one company that changed from computer answering to operators reported 5,600 callers hung up when asked for proper codes. Information Provided By Sally Ride:::Space Cadet ______________________________________________________________________________ Here's a news story out of Vancouver, Washington that shows an unusual twist on the old cat and mouse game we phreaks play with the feds and phone cops. The story should be entitled... FEDS TRASH HACKER ----------------- However, it's really headlined....... Teen Age Suspect In Local Computer Probe October 10, 1986 ---------------------------------------- by Thomas Ryll The Columbian A 15-year-old suspected hacker who reportedly used the nickname "Locksmith" is the subject of the first local sheriff's office investigation of alleged use of a computer for illegal long-distance telephone use. Clark County deputies seized the teen-ager's computer, related equipment, and bags of software Tuesday when they acted on a search warrant naming Tony E. Gaylord, 10317 N.W. 16th Ave, a Columbia River High School student. At one point in the investigation, trash from the Gaylord residence was examined for evidence of telephone numbers that had allegedly had been misused, according to the warrant. The warrant, signed by District Court Judge Robert Moilanen, states that officials of American Network have discovered illegal long-distance calls that have cost the company more than $1,700. Items to be seized at the residence were to be evidence of first-degree theft and second-degree computer trespass. No formal charges have been filed. Gaylord who was at school when his computer was seized, was not arrested, said Ronee Pillsbury, the sheriff's office investigator on the case. The county prosecutor's office is reviewing reports, and "we still have quite a bit of work to do on the case," she said. American Network is a long-distance telephone service company with offices in Vancouver. Although the firm has prosecuted computer hackers on its own, the sheriff's office has never been involved, Pillsbury said. Despite the fact that federal statutes often are involved, "American Network has not had much cooperation from the federal people, who have had a 'don't-come-to-us' attitude." The novelty of the case is further indicated by mention of the computer trespass law, a recent state statute that reflects a law enforcement problem that has grown with the proliferation of home computers. With modems and other equipment, unscrupulous users, sometimes called "phreakers," have tampered with computer records, made unauthorized telephone calls, pilfered bank accounts and otherwise misused equipment. The local case surfaced in October 1985, when an American Network "abuse analyst" examined company "switch reports" that "alerted her to a pattern she associated with computer hacking," according to the search warrant affidavit, which includes a list of telephone numbers all over the country that allegedly were illegally dialed. Investigation of another hacker led to Gaylord; one day in August, the family's garbage was searched by American Network investigators after Vancouver Sanitary Service workers bagged it and set it aside. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Some notes from Sally Ride:::Space Cadet: ---------------------------------------- A novel case in many respects! Not only was evidence collected by the phone cops trashing a hacker's garbage, with the cooperation of the garbage company but this is the first case involving the local sheriff's department. I have discovered the reason no charges have yet been filed in the case is because of an even more unique twist in this tale. American Network, commonly called Amnet and sister company of Savenet, has joined forces with MCI in the prosecution of this case and may bring in our good old friend TMC as well to aid in the persecution of Locksmith. During an interview with April Brown of American Network Security I was informed the problems for the Locksmith have only just begun. The article mentions $1,700 worth of calls. Well, that was when they first swore out the warrant. Amnet now has identified about $4,000 worth of toll and linked it to our friend Tony. But that's not all. After providing information on the case to MCI an amount tripling the Amnet long distance charges has been connected with this case. The Amnet agent had not received an indication from TMC on the amount they are bringing to the case. The question I have is why are these companies joining forces for the first time, that I'm aware of, to dump so hard on this one little guy out of this remote neck of the woods? Part of the reason appears to be because Amnet approached Tony's parents in late 1985 about their son's activities and were rudely turned away, according to April Brown. The other unusual thing about this story is the quote from Amnet about the lack of cooperation received from the federal authorities. Here I thought the feds were hot to trot to nail as many of us as possible. I guess not as hot as Amnet wants them to be. Typed and editorialized by Sally Ride:::Space Cadet ______________________________________________________________________________ Football Phreaking? October 1, 1986 ------------------- MIAMI (UPI) -- The University of Miami and MCI reached an agreement Wednesday that will keep the long-distance carrier from pressing charges against Hurricane football players who made long-distance calls using someone else's access card number. Miami Athletic Director Sam Jankovich met with officials of MCI Telecommunications Inc. and said that the matter had been resolved. The company had threatened to press legal action. An investigation by the Miami athletic department and MCI found up to 34 players were involved along with an undetermined number of other students. The Miami Herald said the bill for the calls could have been as high as $28,000. Many of the calls allegedly were made from New Orleans where the Hurricanes played in the Sugar Bowl New Year's Day. "We had a telephone conversation and visited with MCI officials and another meeting has been set for Friday to go over people who still have a balance," Jankovich said. "MCI has informed me they will not press charges against the student athletes involved. We have 12 players who still owe money. We will sit down with those 12 and develop a payment schedule on Friday." David Berst, director of enforcement for the NCAA in Mission, Kansas, said he was unsure if the NCAA would investigate the matter. Just goes to show, if you get caught, claim to be a dumb jock... Information from +++The Mentor+++ ______________________________________________________________________________ MCI Gets Scammed October 10, 1986 ---------------- ORLANDO, Fla. (UPI)--Jessica Barnett's phone bill this month was no quick read--it ran 400 pages long and totaled $90,152.40. "Who could pay a $90,000 phone bill? I'll have to mortgage my house to pay my bill," said the 28-year-old housewife, who contacted MCI Telecommunications Corp. in Atlanta shortly after opening the 2-inch thick bill. "I called them and said, 'Hi, I've got this high bill.' They asked how much, and when I told them they laughed. They said, 'You've got to be kidding.'" MCI spokeswoman Laurie Tolleson said computer hackers apparently discovered the Barnett's personal code and used it to make long-distance calls. Most of the calls were made to Tennessee, and some lasted nearly two hours, Tolleson said. Others were placed to Georgia, Alabama and Maryland. "It's like they call continuously 24 hours a day, all day," Barnett said. "I don't see the point in making these calls. If I was going to do something like that, I'd be exotic and call Europe--not Tennessee or Norcross, Ga." It was not Barnett's first problem with the phone company--she received a $17,000 bill in July. She thought things were straightened out when she did not get a bill last month, but the bill that arrived Monday included $70,000 in past-due charges. She said she and her husband, Jim, are not taking the mix-up too seriously. "He kidded that now he knows what I do all day," Barnett said. "What can you do? It doesn't bother me as long as I don't have to pay it. I feel bad for MCI. I think they're getting ripped off." Typed by Sally Ride:::Space Cadet ______________________________________________________________________________ MCI Introduces VAX Mailgate --------------------------- VAX Mailgate is a software product that combines the strengths of Digital Equipment Corp.'s "All-In-1" Integrated Office And Automation System with MCI Mail's public electronic mail service for around-the-world business communication. Information From USA Today-Special MCI Edition ______________________________________________________________________________ MCI Card Fraud Detection Unit - The Online Security System 11/7/86 ----------------------------- The following is a brief description of the new on-line security system for the MCI Card. The system developed in order to provide real-time detection of excessive (and therefore potentially fraudulent) card usage. Rather then depending on FREWS reports for their current Early Warning System, they are now able to investigate and arrest card abuse as it occurs, rather than waiting until damage has been done. A. Detection In order to detect possible fraud as it occurs, a counting mechanism in the Fraud Detection Unit will be tracking call attempts for every MCI Card authorization code on a continuous basis. Generic parameters based on number of call attempts in a specified period (currently 15 calls in a 25 minute period) are used to identify potential card abuse. As soon as the threshold is reached for any one code, Security and Investigation will be notified, via PC screen, hardcopy, and audible alarm. B. Verification Upon notification of a potential problem, Security and Investigations will first pull up the account record to check the Note Screen for anything that may indicate Card abuse (i.e., non-payment, Card lost, stolen, or never received). They will then try to contact the customer to verify whether the Card is being used legitimately or not. For problems detected after business hours, the customer will be contacted the following morning. C. Deactivation If the customer has not been making the calls, or if the account phone number is found to be illegitimate, the code will be deactivated immediately in the Card Authorization Center. If the customer cannot be reached, Security and Investigations will continue to monitor call volumes on the code and will deactivate the code only if the high volumes continue or reappear. D. Reactivation Codes deactivated due to fraud can only be reactivated by Security and Investigations. ______________________________________________________________________________