[Coco] hacker Hunt-Down Status

Lawrence Weeks dev at anabasis.net
Wed Dec 6 11:50:00 EST 2006


Once upon a time (Sun Dec 03), tonym wrote:

> Did you contact your local FBI office? That should be the first
> step nowadays. They look into issues like these.

> I've had to call them a few times over the past 5-7 years, and have
> actually had agents come and see what was done.

> That will be your first step, which will lead to s subpoena -
> or actually THEY can request the info from the ISP.

Several years ago, we had a script-kiddie break in. Nothing really
too destructive, other than deleting logs and a rootkit. He set up
some IRC bots and stuff like that. He was coming in from another
compromised machine. Called the FBI. I noticed that from the logs
he didn't remove that he was using pico and made lots of typos at
the prompt. So before locking him out, for fun I changed pico to be
a link to vi. He'd log in, start "pico" and then the session would
end. He never figured out how to quit vi.

The FBI actually found the kid, and even broke down the screen door
to his house. I believe he was like 15. He was sleeping on the sofa
during the school day, probably after all night hacking. The agents
identified themselves, the kid apparently said "oh, that" pointed to
the computer and went back to sleep. The FBI took the computers, and
talked to his dad. The kid probably got a good beating. Funny, yet sad.

Larry
-- 
Lawrence Weeks                                    lweeks at anabasis.net
Anabasis Consulting Ltd



More information about the Coco mailing list