The Untouchables for the digital age

An inside look at an FBI hacker sting: Drinking Red Bulls to stay up all night. Posing as online criminals. Assembling an international hall of justice at Europol.

I had the rare opportunity to see behind the scenes as the FBI in Pittsburgh brought down the Darkode online black market. I spent some time with the Bureau as they disabled the network and then I had an exclusive interview with the undercover agents about how it went. The case ultimately involved 70 criminals from Brazil to Pakistan to the campus of Carnegie Mellon University.

J. Keith Mularski, the FBI cyber guy in Pittsburgh, once posed as the hacker Master Splyntr to take down a crime ring.

J. Keith Mularski, the top FBI cyber guy in Pittsburgh, once posed as the hacker Master Splyntr to take down a crime ring.

Assistant U.S. Attorney Jimmy Kitchen and two FBI agents from Pittsburgh sat two weeks ago around a large square table inside the ultramodern, glass-walled offices of Europol, Europe’s leading law enforcement agency.

The Pittsburghers were joined by top prosecutors and police officers from 20 nations. Some were familiar from FBI training they had done in Pittsburgh, and others had become friendly during the previous six months as they worked together to take down Darkode, a private online black market for hackers and criminals.

“It was like we were the United Nations,” Kitchen told the Tribune-Review in an exclusive interview. “We had our little placard in front of us that said, the United States, and every country had its own.”

Read more: http://triblive.com/news/editorspicks/8749274-74/agents-darkode-fbi#ixzz3g45WTx91

Then my colleague Mike Wereschagin jumped in when I needed help tracking down the local man charged in the FBI’s Darkode sting. Our boss Jim Wilhelm challenged him to come up with this killer lede…

Agents say this CMU student operated online as a hacker known as Android.

Agents say this CMU student operated online as a hacker known as Android.

A fresh-faced college student who once designed a mobile app to bring Pittsburghers together slipped from his prestigious Carnegie Mellon University classrooms into the shadows of the Web, where he sold a program that put thieves inside people’s pockets, federal authorities said Wednesday.

Read more: http://triblive.com/news/editorspicks/8749286-74/culbertson-fbi-android#axzz3fmxQzP3p 

Advertisements

Essential Andy Conte

U.S. Attorney David Hickton, on left, stops by WESA's Studio A to talk with me about Internet criminals.

U.S. Attorney David Hickton, on left, stops by WESA’s Studio A to talk with me about Internet criminals.

Pittsburgh’s NPR station, WESA-FM, handed me the keys to its daily news talk program Essential Pittsburgh.

I talked with U.S. Attorney David Hickton. This was his first live radio interview and he brought the passion for going after hackers — as well as some advice for computer users. “This is the crime of our age,” he said.

Steven_Labalme_Eiffel_TowerWe also chatted with @NewGirlInTown Elaine Labalme — about her recent trip through Europe. We compared notes about the continent’s more liberal attitudes. Of course you want the kids to see Amsterdam’s red-light district!

And finally, wIMAG1315e went out of the studio for a behind-the-scenes tour of Pittsburgh’s Allegheny Observatory. You won’t believe what they have hiding in the basement! We also sat down with observatory director Lou Coban, who has one of the most unique jobs in town.

Many thanks to producer Marcus Charleston (below) for bringing this all together. You can hear the full rundown here.

IMAG1323

Chinese takeout

Looking at Chinese military hacking, we figured out that they were using free email services backed by American investors. By way of the Cayman Islands. It’s a little complicated but I was able to work Wang Dong into the story…

Chinese hackers

American investors are unknowingly making it easier for Chinese hackers and other online criminals to hide from authorities here, the Tribune-Review has learned.

Continue reading

Why Pittsburgh?

For the second time in as many weeks, national reporters are asking: Why Pittsburgh? First it was U.S. Attorney Hickton indicting the Chinese military hackers. Now it’s Hickton and the FBI going after Russian criminal hackers.

Why Pittsburgh? The FBI’s top cyber investigator Keith Mularski told me that’s easy: “I just think it goes to the team we have here in Pittsburgh and the resources we have. … We have one of the best teams in the country, if not all of the world.”

Talking with experts who worked this latest case from the inside out, I was able to piece together a story you won’t read anywhere else. It tells about how the nation’s top cyber experts — in Pittsburgh — tracked down hackers all the way back to a Black Sea resort town in Russia.

This map shows the locations of computers in Pennsylvania infected with the Russian malware Gameover Zeus on a single day in May 2013.

This map shows the locations of computers in Pennsylvania infected with the Russian malware Gameover Zeus on a single day in May 2013.

FBI cyber agents in Pittsburgh helped bring down two Russian-based cybercrime schemes that infected more than Continue reading

Steel city vs. China

The national media missed the point of the federal indictment against the Chinese hackers. This did not come out of Pittsburgh just because the companies were here. This came out of Pittsburgh because the guys behind the investigation and prosecution are Pittsburghers. The best line of my story on the FBI’s top investigator is that his father was a steelworker. This is personal. Those of us who grew up here get that.

steelworkers

Hundreds of other U.S. companies have been hacked by the Chinese military officials accused in a federal indictment of breaching Pittsburgh-area companies, the FBI’s top cyber investigator told the Tribune-Review. Continue reading

Hackers aimed at Target through Sharpsburg firm

When I first started covering cybersecurity, I talked with a lot of top computer experts, intelligence officials, lawmakers with high-level security clearances. The people who know about computers and security seemed genuinely freaked out. Their biggest concern: This whole thing is evolving faster than we can plan for it.

All of that research came back to me this week when we found out that criminals seem to have attacked Target by going through one of its contractors in the Pittsburgh suburb of Sharpsburg. Here’s our take on how it most likely went down…

 

$RN5JE9K

David Brumley, a computer security researcher at Carnegie Mellon University.

For computer hackers, it’s like playing the Powerball.

Criminals looking to steal credit card records from a major retailer such as Target will play as many angles as they can, blitzing the company’s contractors to find a way inside its systems, hacking experts told the Tribune-Review Friday.

“Really what attackers are doing is a game of numbers,” said David Brumley, a computer security researcher at Carnegie Mellon University. “If they compromise enough individual computers… one of those will have access to their target computer.” Read more.

 

My ongoing investigative series CyberRattling: The Next Threat has looked at the advantages that hackers have. They only have to find one way in, while companies trying to defend themselves must cover up every possible gap. A single coding mistake, in the wrong hands, can be an opening to be exploited. It’s easy to see why so many people are worried. 

$RMSFVFH