
Large-scale phone invasion goes unnoticed by all but FBI


December 14, 1999
Web posted at: 3:39 p.m. EST (2039 GMT)



By D. Ian Hopper, CNN Interactive Technology Editor
and Richard Stenger, CNN Interactive Writer

(CNN) - Where have all the hackers gone?

That's an understandable question considering the actions that currently pass for a news-making "hack." One might think that the days of Kevin Mitnick's phone hijinks or Robert Morris's computer worm, which disrupted the operations of over 6,000 computers nationwide in 1988, are gone.

Sure, there's malignant code like the Melissa virus which struck computers earlier this year, but so many viruses rely on users to knowingly or unknowingly pass them on until they finally strike. When they do strike, they usually just wipe out the user's hard drive - not so horrible, on a global scale.

But how about stories of intelligent hackers who download calling card numbers straight out of the data banks of giant phone companies in order to use or resell them, download and resell credit reports or have the ability to reroute or even take down entire telephone networks at will? Those guys are gone, right?

Not so fast. They're far from done; they've just gone out of fashion.

Calling card numbers, credit reports, and more

A group of crackers called the Phonemasters, for example, stole tens of thousands of phone card numbers, found and called private White House telephone lines and rooted around in high-security FBI computer files in the mid-1990s.

But the gang behind one of the largest hacks ever failed to see their names on one FBI list, a request to tap their lines. Some four years after U.S. agents busted the group, the last of three ringleaders now awaits sentencing in federal court.

Jonathon Bosanac pleaded guilty to two counts of computer-related fraud in a U.S. court in San Diego last week. The self-proclaimed "Gatsby" faces sentencing on March 2.

Two other reputed ringleaders were sentenced in September. Corey "Tabbas" Lindsley received a prison term of 41 months; Calvin "Zibby" Cantrell was given 24 months.

The hacker gang downloaded thousands of calling cards from AT&T, Sprint and MCI to sell on the black market, according to federal prosecutors. Some of the reported retail customers included the Sicilian Mafia.

"One of the most valuable skills is to be a phone phreaker. If you 'own' the phone system, you have the keys to the kingdom: you can listen to anyone you want to, call forward, switch numbers and route calls," said Matthew Yarbrough, the assistant U.S. attorney in Dallas who served as lead prosecutor in the case.

The scope of their activities was astounding. They could listen in on phone calls, alter secure databases and penetrate computer systems of credit report company Equifax and the FBI's National Crime Information Center.

Giving the FBI the "pager treatment"

The ringleaders even contemplated downloading every calling card in the United States, according to prosecutors.

A federal judge estimated that the group caused $1.85 million in business losses over three months.

The Phonemasters reportedly performed high-tech pranks, forwarding an FBI phone number to a sex chat line that left the bureau with a $200,000 tab. Some victims -- including a Pennsylvania police department that gave one Phonemaster a ticket -- received the "pager treatment," in which their phone numbers were each sent to thousands of pagers.

The Phonemasters, a name coined by authorities, even sold for hundreds of dollars copies of personal credit reports, state motor-vehicle records and addresses or phone numbers of celebrities like Madonna and Danny Bonaduce.

"The information, because of the confidential nature, had a lot of value," Yarbrough said.

Looking through confidential databases, they warned targets of FBI surveillance that their phones were being tapped. But they never checked to see if their own phones were under surveillance.

The Phonemasters went to great measures to avoid detection during their long-distance conference calls, never using their real names and speaking in code, referring to the calling card numbers as "tortillas," prosecutors said.

FBI agents turn the tables

But they were often aware of the risk. In the transcript of one 1995 conversation, Bosanac hears a strange noise on the line.

"What the hell happened?" he asked.

"That was the FBI tapping in," Cantrell joked.

"You know how ironic that's going to be when they play those tapes in court?" Lindsley said.

The FBI was listening, using a unique $70,000 prototype device that recorded every word and keystroke that moved along the phone line in Cantrell's home in Grand Prairie, Texas.

It marked the first time the FBI successfully eavesdropped on computer data traveling through telephone lines, federal prosecutors said.

In February 1995 a hacker friend told Cantrell his number was on a database of phone numbers under FBI watch. Soon FBI agents raided Cantrell's home, Lindsley's dorm room at the University of Pennsylvania in Philadelphia, and Bosanac's bedroom in his parents' house in Rancho Santa Fe, California.

It took more than four years before the three pleaded guilty to counts related to theft and possession of unauthorized calling-card numbers and unauthorized access to computer systems.

Lindsley, who received one of the longest prison sentences in hacking history, refused to identify the voices of other hackers on tape.

Bosanac faces a maximum sentence of 15 years. His attorney Peter Hughes said that Bosanac will likely receive around 20 months in prison, in part because of his plea.

After the 1995 raid, Bosanac worked for a San Diego Internet company owned by AT&T, a Phonemaster victim. The company fired him after learning he had hacked into their system, a federal prosecutor said.

Bosanac, who remains free on a $25,000 bond, now works for a San Francisco firm that is aware of his case, Hughes said.

Not as sexy, but more dangerous

It's understandable if you haven't heard of the Phonemasters. With the exception of local newspapers reporting on hometown criminals or the so-called hacker media reports, the national media has largely ignored the Phonemasters and others like them.

"Lately the media has been caught up in Web defacement," said Yarbrough, who also leads the FBI's cyber crimes task force in Dallas.

The actions of Web defacers are typically confined to replacing the "home pages," or index files of a Web site with text and images that either - in the case of "hacktivism" - reflect a political or social viewpoint, or simply boast that the hacker had access to the site. Frequently, in an attempt to show no actual malice toward the site administrators, the hacker saves a copy of the original home page on the server or even leaves a text file containing a blueprint of how the hacker got access.

In its most common form, Web site defacement causes very little actual damage when compared to a large-scale intrusion like the ones made by the Phonemasters. But the site that has "I own you" scrawled on it is a lot more obvious and brash than illegal charges made on thousands of calling cards. Hence, the graffiti artist gets what many of them want most: publicity.

That's not only a shame, say some computer crime observers, but it's also very dangerous.

"The web graffiti kids really affect public perception," says Brian Martin, administrator of the Attrition.org site, which logs and comments on computer hacks. "Because of vague wording and unfounded comments, journalists often imply that because a Web page was defaced, an entire network was compromised. That is hardly the truth. Most of the time these kids couldn't touch the internal network."

Phonemasters' skills gave them a 'power trip'



To Martin, the public should be more worried about people with the skills of the Phonemasters.

"The level of knowledge they possess about computer systems, phone systems in particular, is amazing. In many cases they know more than highly paid and specialized technical operators of the systems they are into."

Martin suggests the Phonemasters were driven by two quests common to hackers: "learning and exploration." Then the just as common third purpose, a power trip. "They liked having access to any and all kinds of information."

Martin has written several essays urging "script-kiddies," a demeaning term for hackers who use ready-made programs written by others for breaking into systems, to cease defacing Web sites. He writes that it's not worth the almost inevitable discovery and punishment by authorities for such little accomplishment as inconveniencing a site administrator for a few hours and scaring some customers.

"It disgusts me to see media attention being given to kids with scripts," Martin says. "Their annoying kiddie messages are a waste of time for all involved. Their weak justifications for hacking are only there to make them feel better about their activities and give it some sense of righteousness. The media dutifully inflates their egos when they get lucky and find some big corporate or military server vulnerable to the latest script they got."

Larger hacks slip under radar



Space Rogue is an employee of Boston-based L0pht Heavy Industries, a hacker think tank, and is the editor of Hacker News Network. He suggests that the Phonemasters have slipped under the national media radar because their intrusions are phone-based, and don't specifically involve the Internet.

"The Internet is the hot technology topic at the moment and has been for some time. If it does not involve the Internet, people don't want to report on it. But this is a major crime and should be reported on. I just don't understand it," he says.

Like Martin, Space Rogue thinks the skills of the Phonemasters go far beyond the abilities of the Web graffiti artists.

"The Phonemasters can not be compared to script-kiddies in any way. The first are knowledgeable people who have learned systems inside and out. Script-kiddies can click a mouse on a button that says 'run'. There is absolutely no comparison."

Those "script-kiddies" shouldn't feel like their acts are being ignored by authorities, though. As the Internet continues being a vehicle for commerce, Web site defacements are increasingly having economic consequences.

Attacks against electronic business and government sites "both carry big problems. It's not the equivalent anymore to spray painting billboards on the highway," U.S. Attorney Yarbrough warns.

If e-commerce sites have to be closed to repair defacements, those companies can lose tens of millions a day in revenue, he said.

Martin, who mentions that the Phonemasters taught him some tricks as well, praises the Phonemasters for their restraint.

"They had the power to destroy entire companies, crash phone networks and more. Yet they didn't."

"The real evil is guys with the Phonemasters' skillset, but a lot less ethics," Martin says.

