The FBI tracked a computer intruder who was sending spoofed emails through an offshore hosting site. They discovered the intruder was accessing a vulnerability on BoatingCT.com's website to view order logs from various IP addresses. The FBI traced the activities to a student at the University of Akron through IP addresses, court orders, and login records. The student admitted to hacking BoatingCT.com and pled guilty. He was sentenced to 12 months in prison and $20,000 in restitution.
The FBI tracked a computer intruder who was sending spoofed emails through an offshore hosting site. They discovered the intruder was accessing a vulnerability on BoatingCT.com's website to view order logs from various IP addresses. The FBI traced the activities to a student at the University of Akron through IP addresses, court orders, and login records. The student admitted to hacking BoatingCT.com and pled guilty. He was sentenced to 12 months in prison and $20,000 in restitution.
The FBI tracked a computer intruder who was sending spoofed emails through an offshore hosting site. They discovered the intruder was accessing a vulnerability on BoatingCT.com's website to view order logs from various IP addresses. The FBI traced the activities to a student at the University of Akron through IP addresses, court orders, and login records. The student admitted to hacking BoatingCT.com and pled guilty. He was sentenced to 12 months in prison and $20,000 in restitution.
FBI New Haven Field Office Computer Analysis and Response Team:
Tracking a Computer Intruder
Facts > In the header information the 'From' address was different when compared to the 'Reply-To' address > This was being passed through a hosting site called hosting4u.net > FBI traced the owner of the IP address of hosting site to CommuniTechNet > Discovered that site hosted an e-mail spoofing site to hide sender identity > Court order to Hotmail.com for information on boatingct@hotmail.com FBI's Top three National Security priorities Protect the United States from terrorist attacks To counter foreign intelligence operations against the United States Protect the United States against cyber-based attacks and high technology crimes Additional Information - boatingct@hotmail.com account belonged to: Jason Smith (Name changed to protect ID) Location - Los-Angeles, CA from IP - 210.120.192.30 IP source: Seoul, Korea Registration Date: 23 April, 2001 (1 day prior to e-mail being sent) FBI Seal curtosy of https://pbs.twimg.com/profile_images/1706110925/fbi_logo_twitter_400x400.j pg EVIDENCE!!! Off Shore Support - IP belonged to BORANet In Seoul, Korea - New Haven contacted Legal, FBI Foreign liaison office in Seoul, Korea Additional Observations
> FBI noticed a suspicious string "../../../../../../../../"
> After research, it was found that the string allowed an exploit on the WebStore software which BoatingCT.com was using for their store > FBI notified BoatingCT.com of this exploit and the patch available (released 6 months prior) to fix vulnerabilities > IP's from various countries were used to access the order log files of BoatingCT.com using this vulnerability More Digging > Combining the details from Hotmail and BoatingCT.com logs it was found that a proxy server in California was used to access the "orders.log" files > The IP address of proxy server was registered to Road Runner in Herndon, Virginia > Subsequent court orders were filed for that location and the results found were: -Subscriber: Student at University of Akron CASE SOLVED Warrant Issued > FBI in Connecticut drafted a warrant for student in Ohio and sent to local unit > FBI found student in a frat house and the computer partially disassembled > After interviewing the student admitted to hacking BoatingCT.com > FBI recovered broken (unreadable) master drive as well as readable slave drive > On slave drive data was found proving intrusion into BoatingCT.com - June 13, 2002 the student entered guilty plea - Title 18 US Code 1030 a(4) - Sentenced to: 12-months in prison and $20,000 in restitution - Served only 6-months of sentence Other FBI Priorities include : Protect Civil Rights Combat significant violent crime Combat major white-collar crime Company affected : BoatingCT.com