Ten of the most infamous ‘black hat’ hackers
As British hacker Gary McKinnon fights to avoid extradition to the US, we look at some of the most well known cases of malicious acts online - and the damage it caused.
The mail attacker - David L. Smith
Smith was the writer of the Melissa Worm, which in 1999 became the first major e-mail macro virus. He deliberately posted an infected document to an alt.sex usenet newsgroup from a stolen AOL address. The worm, believed to be named after a stripper he knew in Florida, forwarded itself to the first 50 accessible addresses in Microsoft Outlook address books.
Companies like Microsoft, Intel, Lockheed Martin and Lucent Technologies were believed to have had to shut down their email gateways due to the large amount of email the virus was generating. In his federal plea, he acknowledged that he cost caused more than $80 million to North American business, and was sentenced to 20 months in jail.
The Canadian teen MafiaBoy
MafiaBoy was the alias for a 15-year old Canadian boy who launched a denial-of-service attack that crippled sites such as Amazon, Dell, eBay eBay and Yahoo in 2000, which led to an estimated $1.7 billion cost in damages. The affected sites were bombarded with thousands of simultaneous messages, preventing users from accessing for up to five hours.
Although by Canadian law his name was not released by authorities, media outlets later revealed that his name was Mike Calce. Courts sentenced him to eight months custody in a youth detention centre.
The proxy intruder - Adrian Lamo
Currently a journalist and public speaker, Lamo is infamous for breaking into the New York Times and Microsoft. He was also said to have breached Yahoo, Bank of America and Citigroup. His technique was to take advantage of proxy servers which businesses use to let internal employees access the wider internet and to prevent access from intruders into the internal network.
Normally it should be a one-way door, but Lamo took advantage of badly configured proxy servers which allowed two-way entries. He could then access private internal networks from the outside. Breaking into the New York Times, he managed to view personal information on contributors, as well as gain access to social security numbers.
Dark Dante - Kevin Poulsen
Now a senior editor at Wired.com specialising in cybercrime, he was formerly a black hat hacker dubbed Dark Dante'. He was responsible for many high profile stunts, his most famous hack being when he took over the lines of an LA radio station to make him the 102nd caller, which earned him a Porsche.
The FBI started to pursue Poulsen, and he went into hiding. When the law finally caught up, Poulsen was sentenced to 51 months in jail. He has now made his name as a journalist, as well as being interviewed for media outlets such as the BBC and CNN. In 2006, Poulsen lead a computer assisted investigation on MySpace which lead to a paedophile's arrest as well as lead to policy changes at the social networking website.
The disgruntled employee - Timothy Lloyd
In 1996, Lloyd attacked Omega Engineering using a logic bomb', apparently due to being fired from his job at the company which he had worked for 11 years. He achieved this by planting lines of malicious code in the system which exploded', deleting manufacturing software from Omega, who had clients including NASA and the US Navy.
Chief financial officer Ralph Michel testified in court that the bomb destroyed programs and code generators which allowed the company to manufacture 25,000 different products and 50,000 different designs.
It caused around $10 million worth of damage - and possible caused layoffs - as well as dislodge Omega's foothold in the industry. The incident was investigated by the US Secret Service as well as data recovery and forensic experts leading to his conviction. He was sent down for 41 months.
The C0mrade - Jonathan Joseph James
Nicknamed C0mrade on the internet, James is known as the first juvenile to be incarcerated for cybercrime in the US at age 16. In 1999, he committed a series of crimes, including that of the website BellSouth
By far his most serious crimes involved high-profile organisations such as the Defence Threat Reduction Agency (DTRA) which is part of the Department of Defence. He also targeted NASA computers, who alleged that he downloaded software worth $1.7 million, shutting them down for 21 days.
He gained access to the DTRA by gaining access to a computer server and installing a backdoor. The program intercepted 3,300 messages from DTRA staff as well as user names and passwords from military computers. He was sentenced for six months in a detention facility.
Jonathan James died in May of this year.
In This Article
Application security fallacies and realities
Web application attacks are the most common vulnerability, so what is the truth about application security?Download now
Your first step researching Managed File Transfer
Advice and expertise on researching the right MFT solution for your businessDownload now
The KPIs you should be measuring
How MSPs can measure performance and evaluate their relationships with clientsDownload now
Life in the digital workspace
A guide to technology and the changing concept of workspaceDownload now