Waterford men hacked store files, FBI alleges

[InfoSec News <isn () c4i org>]

Forwarded from: William Knowles <wk () c4i org>

http://www.freep.com/news/locoak/nhack11_20031111.htm

BY DAVID ASHENFELTER
FREE PRESS STAFF WRITER
November 11, 2003

Two young men sitting in a car in the parking lot of a Lowe's home 
improvement store in Southfield repeatedly hacked into the company's 
national computer network over the past two weeks, gaining access to 
credit card numbers and other information, federal prosecutors said 
Monday. 

It's unclear what the two men planned to do with the information. 

They may have been engaged in the recent hacker craze known as 
"wardriving" -- cruising around with a specially equipped laptop and 
an antenna searching for unsecured wireless networks hooked to the 
Internet. Assistant U.S. Attorney Karen Reynolds said the 
investigation is under way. 

Paul Timmins, 22, and Adam Botbyl, 20, both of Waterford, didn't 
explain what they were up to when they appeared Monday in U.S. 
District Court. Magistrate Virginia Morgan told them anything they 
said could be used against them in court. 

Timmins said he is a $38,000-a-year computer network and security 
specialist for a Southfield software company. Botbyl said he's a 
student at ITT Technical Institute in Troy. Morgan released both men 
on $10,000 unsecured bonds. 

FBI agent Denise Stemen said in an affidavit that Lowe's alerted the 
FBI recently that intruders had broken into its computer at company 
headquarters in North Carolina, altered its computer programs and 
illegally intercepted credit card transactions. 

Stemen said the company's computer system had been hacked repeatedly 
from Oct. 25 through Nov. 7. She said that the intruders gained access 
through the national network by logging onto a user account over the 
wireless network of the Lowe's store in Southfield. 

Once in the system, the intruders gained access to Lowe's stores in 
six states plus the headquarters system, Stemen said. 

She said hackers altered the software Lowe's uses to process credit 
card purchases nationwide. On Nov. 5, the hackers installed a 
malicious program that disabled several computers at the Long Beach, 
Calif., store, she said. 

Lowe's spokeswoman Chris Ahearn said the company has taken steps to 
beef up security, but wouldn't elaborate. 

In alerting the FBI, Lowe's security said the intruders probably were 
operating within 1,000 feet of the Southfield store. 

FBI agents set up surveillance Friday night and said they spotted the 
two men sitting with laptops in a Pontiac Grand Prix equipped with 
antennae. Agents followed the men and apparently arrested them 
Saturday. Agents also searched their apartments in Waterford. 

During their court appearance Monday, Morgan ordered both men not to 
use computer equipment or access the Internet except at work or 
school. 

The men are charged with causing damage to a protected computer 
system, which carries a maximum penalty of 10 years in prison and a 
$250,000 fine, upon conviction. Reynolds told Morgan that the men, who 
were arrested on a criminal complaint, are likely to be indicted 
within a few weeks in Michigan or Charlotte, N.C. 

"Wardriving" is named after the old hacker practice called wardialing, 
the stunt that actor Matthew Broderick made famous in the 1983 film 
"WarGames." Broderick's character hacked into a military computer and 
nearly triggered a nuclear war with Russia.

Contact DAVID ASHENFELTER at 313-223-4490. 


 
*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
----------------------------------------------------------------
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
================================================================
Help C4I.org with a donation: http://www.c4i.org/contribute.html
*==============================================================*



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.