Full Disclosure mailing list archives
IRC FRAUD ALERT ADVISORY 01-2010-07
From: IRC FRAUD ALERT <ircfraudalert () gmail com>
Date: Thu, 8 Jul 2010 04:03:48 -0400
IRC FRAUD ALERT ADVISORY 01-2010-07 ircfraudalert () gmail com 07/07/2010 Record #: 01-2010-07 Subject: Andrew Alan Escher Auernheimer aka "weev" "weevlos" Joseph Evers Escher Auernheimer DOB: 09/01/1985 505 N SHADY AVE. APT 2 FAYETTEVILLE, AR 72701 Statement: Andrew Alan Escher Auernheimer, better known as weev and will be referred to in this release, is a 24 year old online "troll" who is partially responsible for the disclosure of 144,000 e-mail addresses he and his so-called "Goatse Security" group grabbed off of the AT&T website for the iPad activiation process. In a nutshell because the full story is available and my time shouldn't be wasted in explaining it in detail but IMEI numbers for iPads are submitted to the AT&T website and if the number is in use, the site would send back "Is _____ your email address?". Well, weev and his "team" created a script to submit fake IMEI numbers to AT&T, grab the email address and continue to generate fake ones to get a whole list. In the spirit of "full-disclosure", weev submitted the findings to a blogger who verified the addresses and deleted them, then wrote an article about it and drew attention to himself and "Goatse Security" Some folks have called weev heroic for standing up for privacy, but deep down inside - it comes down to weev's constant craving for attention so he can validify his otherwise meaningless existence by having a bunch of folks talking about what he has done. If you look at his past, it's the endless pursuit of attention that drives this man further and further. Now, with the authorities having arrested weev for drug possession, he is begging for money to be sent to him via Paypal so he can pay his "legal fees". Weev released a statement on security.goatse.fr, which is the "official" Goatse Security blog, about his treatment. I had a few people submit comments to his page because I found it odd that not even one comment was critical of him and shortly, I found out why. When these users submitted comments to clarify to people that indeed, he is in this situation due to drug possession and not from the iPad publicity stunt, these comments were not approved on the site because the comment section has comment moderation enabled. The blog is running WordPress 3.1-alpha, which does not have comment moderation enabled by default, so it's clearly weev's intention to distort the reality and continue to play the shell game to folks who cannot and will not think for themselves, especially to his followers on IRC. Plain and simple, this is exploitation. Weev's cult of followers, like the GNAA who worship him blindly as their GNAA President and channer crowd, continue to hoist weev on a pedestal making him out to be some kind of Robin Hood, when actually, he's a drug addicted sociopath looking to sucker folks into keeping his online persona and now, he's looking to these people to donate money. One great example of a blind follower of weev is: http://forums.joerogan.net/showthread.php?t=111182 Breaking Down Weev's Post: http://security.goatse.fr/hypocrites-and-pharisees It has to be broken down like this, since he has enabled moderation post-install on his Wordpress blog, and he refuses to acknowledge anything that questions or potentially criticizes him thus putting him into a bad light, with the exception of one comment which I posted below. Here is his statement broken down:
I was subsequently raided by the FBI and arrested, though I have been under gag orders and haven’t been able to discuss the details of what happened.
I'll discuss what happened - you were busted for drugs, claim it was for the iPad stunt and beg for money via Paypal. Police reportedly seized less than half a gram of cocaine, one suspected Ecstasy pill, one oxycodone pill and 19 tabs of suspected LSD from Auernheimer’s upstairs bedroom. Auernheimer admitted to possessing the drugs and helped police identify them. Source: http://www.arkansasonline.com/news/2010/jun/17/ipad-hacking-suspect-arrested-drug-charges/
The Institute of Electrical and Electronics Engineers posts on a lawfirm which did the exact same thing the author of the iPad slurper script did– incremented a numerical identifier on a public HTTP server to scrape data. They used this technique to take data from the Anthem/Blue Cross insurance company.
You were arrested for drug possession, plain and simple. I'm sure these lawyers didn't have half a gram of cocaine, a Ecstacy and oxycodone pill and 19 tabs of LSD. There is a big difference between you and that lawfirm, but your audience lacks the mental capacity to understand this.
Has the law firm had drugs “found” (and found is in quotes for a good reason, as the drugs “found” near me were “found” in the execution of a warrant for computers only, with a landmark free speech case involving a very angry 150 billion dollar corporation in the balance) within its offices? No!
Officials during the execution of a search warrant can find illegal items, such as in your instance with drugs, and call to talk to a judge about getting a warrant for that. It happens all the time. Your audience won't know this because their legal grasp is about on par as the average People's Court or Judge Judy viewer. The same could have went for charges coming if you had an stolen firearm because when the police secure the scene, serial numbers are taken off of firearms, ran through databases and assured to be your own firearms - not ones that were reported stolen. You could have cars on your property and the police have the ability to search each car on the property, check their VIN numbers and see if they are stolen. If they were, I have no doubt in my mind that car theft charges would have came up. Again, claiming of being a victim when actually, you are a drug addict with mental issues.
My actions and those of Goatse were not criminal; they were done using industry standard practices as a public service.
More like a giant publicity stunt spotlight on you to feed your online ego like the following stunts: - Toorcon2111, Cybercrime: http://video.google.com/videoplay?docid=-5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi *Note: Weev was under the heavy influence of drugs.. and was busted for drugs recently... Hmmmm... - http://www.jewishreview.org/local/Police-question-two-men-about-threats-to-Jewish-community *Note: Weev was raged about being named. Source: http://www.webcitation.org/5jnP71qsD - NYTimes "Mawebulence" Expose: http://www.nytimes.com/2008/08/03/magazine/03trolls-t.html?_r=1&hp&oref=slogin *Note: NYTimes article is typical of Andrew's ranting- making claims with no proof to back it up.
Scraping data from a public web server is an extremely common practice amongst lawyers, security researchers and journalists, not to mention web developers.
Correct, but most folks don't do it and claim responsibility for it by contacting a website so you can get that attention you so dearly crave or they submit it anonymously to a third-party, such as a journalist, so the information can be disclosed. You only cared about getting "Goatse Security" in the media because you just wanted to hear "goatse" in the media. You laughed when someone said it was mentioned on NPR and your many followers, with numbers shortly dwindling after you weed out the intelligent from the sheep, are furiously archiving each media mention of "Goatse Security" and the iPad stunt. Again you are feeding your craving for attention, feeding your ego and showing that it's all about publicity.
The warrant was executed without probable cause, as there is no way a reasonable and educated person could believe a crime was committed.
It's for the court to decide, but you could have sold those e-mail addresses for a spammer just as easily as you are begging for Paypal donations on IRC. You could have an iPad/Safari 0day vulnerability and was looking to sell a list of email addresses associated with an iPad to the largest bidder. Only you can tell us what your intentions are and each day, you always change something about the story, thus it being nothing more than an attention shell game.
Beyond that, my role in this was solely that of a journalist. I never took credit for the collecting of the data itself.
Then why are you doing this in the name of "Goatse Security" and your online persona, "weev"? Journalists have an unwritten code of ethics where they report on the story, not cause the problem and report on it to bring attention to themselves.
My case is absolutely important to bloggers and journalists. My case involves speech, and speech alone. If I’m threatened today, you are threatened tomorrow. The ability for bloggers and journalists to blow the whistle on corporate and government misdeeds is on the line here.
Way to go with the doom-and-gloom scenario. Kids, stay off of drugs or end up like weev - confused, addicted to substances, riddled with mental health issues and hated by his own family.
If you are a security professional, this case is obviously important to you. Full disclosure is important to the security community, and is the only way independent researchers can build a name and business for themselves. It is also the only way which the public can be informed and educated about risks to their safety.
Full-Disclosure is generally done for attention. See all the so-called security researchers who pop up and have little or no understanding of what they are doing. See also: MustLive or anyone on full-disclosure mailing list.
If you are a fan of the lulz, my case is important to you. I am the master of the art of the spectacle, and if you would like to see more spectacles you want me to stay on the streets. Support me and I promise you dividends in lulz for all eternity.
Your "lulz" often tread the line of black and white, so you claim to be the victim but are willing to cause more drama and issues in the future? Way to go on screaming about being a victim but willing to be the aggressor in the future.
The federal government has a long history in violating my civil liberties.
Attached: tin-foil-hat-instructions.pdf
So I made some obviously parodic videos consisting of support of the equally absurd policy of genocide of the Jews. Which, besides being an obvious joke, were constitutionally protected speech under Brandenburg v. Ohio.
If you made statements about a hypothetical situation with no immediate calling for lawlessness, it's covered under Bradenburg v. Ohio, but I do not recall you being investigated for your videos or your inflammatory podcasts. You were just vilified in the media after being on trial on websites and blogs. No true crime here. You just have a sick way of attracting law enforcement attention to yourself and calling yourself the victim in the same breath.
The reality that these videos were an obvious joke should only be enhanced by the fact that there is a Forbes article comparing me to Shakespeare’s puck and a Fox News article calling my rhetoric “offensive and witty detail”.
I heard that bad publicity is better than no publicity at all and this is what you crave, right?
Break into their house and steal hundreds of thousands of dollars of their assets on secret warrants while they are away on vacation, never delivering them a list of stolen property or any means to verify that it happened.
Really now? Or could it be your drug addict friends that you get your drugs from in Fayetteville, Arkansas?
Go to their business partners, friends and family and tell them outright lies (they said I “ran klan meetings in the desert” and “manufactured grenades”, no joke). Due to crown immunity, you can never sue the FBI for libel, no matter what they say!
As bad as it sounds, law enforcement has no legal obligation to tell the truth to you or folks they interview. They could have sat down, pulled out pictures of women and accused you of rape, then told you that they have DNA evidence to justify you raping women. It's to see how you react and I'm no supporter of it, but I'd figure anyone would know this. They want to put pressure on you to make you crack, so be honest with law enforcement and they will take the pressure off of you. John 8:32 Then you will know the truth, and the truth will set you free.
Go to the customers of their newly formed business, which they have invested all liquid capital in and tell them they are funding terrorism. They will no longer have customers.
I thought you were in Fayetteville, Arkansas to sell your company to Wal-Mart so you can have access to customer data? You said it yourself on IRC on 06/21/2010. 21:21 <&popeye> i really had no idea anyone would even get in trouble over this ipad thing 21:21 <+GaSSy> do they serve kosher food in prison 21:21 <+LiteralKa> you would get raped so fast 21:21 <&popeye> it seemd pretty much a non-crime 21:21 <+LiteralKa> if you had an easy bake oven 21:22 <+pynchon> you get 3 for 1 days if you work as a trustee 21:22 <+pynchon> get a job in the kitchen 21:22 <+LiteralKa> popeye: it is/was 21:22 <+pynchon> thats what i did 21:22 <+Rucas> steal max food 21:22 <+LiteralKa> AT&T is desperate 21:22 <+pynchon> i had mad hookups 21:22 <+homo> weev: what time of day were you raided and did ur neighbors find out 21:22 <+LiteralKa> to cover their asses 21:22 <@DolemitE> AT&T is evil 21:22 <+LiteralKa> homo: its national news 21:22 <~weev> homo: midday 21:22 <~weev> and yes 21:22 <+LiteralKa> they fucking found out 21:22 <~weev> landlord is kicking us out maybe 21:22 <%el_vez> lol 21:22 <~weev> well 21:22 <+LiteralKa> oh 21:22 <~weev> trying to get us to make "concessions" 21:22 <~weev> in a lease which is already exploitative 21:22 <&popeye> the concept of landlords is jewish 21:23 <+pynchon> what are you doing in bumfuck arkasnas anywyas 21:23 <%el_vez> lol 21:23 <&popeye> lol 21:23 <&popeye> thats a good question 21:23 <+GaSSy> do they approve of race mixing in arkansas 21:23 <~weev> was in the process of convincing walmart 21:23 <+LiteralKa> lol 21:23 <%el_vez> bumfucking of course 21:23 <~weev> to give me their whole category management database 21:23 <~weev> but 21:23 <~weev> thats sorta blown now 21:23 <+LiteralKa> KIK' 21:23 <+LiteralKa> LOL 21:23 <+pynchon> lol
Hand the target items which appear to be contraband in attempts to either frame the target for crimes or put psychological pressures on him.
You were at Toorcon, higher than a kite, on LSD and cocaine. They found LSD and cocaine in your house during the search. Hmmmmm.....?
All this because I dared put forward some politics, religion and humor that the establishment doesn’t like. I suppose I received better than Anwar al-Awlaki, a US citizen practicing his faith who received execution orders without trial signed by our Pharoah in return for merely speaking his mind.
He's inciting violence and mentored an American soldier into committing a violent attack at Fort Hood. Did you forget this, weev, or is it always about you?
After getting all that stuff they have us chasing after, I realized it was all a load of garbage and wasn’t a sufficient bribe to sit in my castle in the sky and watch the freedoms our forefathers fought and died for be flushed down the toilet.
Again, all about you and I don't think the forefathers fought for scraping data off of AT&T's website or fought for drugs. Give up the victim complex, it's getting old. Take responsibility for your actions!
I consider the absolute disdain our illegitimate leaders have for the Constitution the most important problem to be solved in our time.
And we get a political speech during this very lengthy, very erratic blog post?
They have libeled me with lies in the public forum, stolen my assets, attempted to frame me for crimes, brought false charges against me, terrorized my friends and family (including threatening my mother with rape), and intentionally destroyed my business.
The FBI threatened to rape your mother? Wow.. and destroyed your business? You were out to steal information from Wal-Mart while in Fayetteville. Oh I forgot! You are the victim!
I’ve also been subject to “journalists” with a complete lack of integrity telling blatant lies about me.
Journalists are about as desperate for attention as you, so why are your surprised when they made the story more about them than you? There is no honor among theives and criminals.
After having my money stolen and business ruined by the FBI because I dared speak my mind in a lawful manner, I am no longer in decent financial shape.
09:50 <weev> i gotta get some money 09:50 <weev> my cashflow sucks 09:51 <weev> whores 09:51 <weev> lavish cars 09:51 <weev> gigantic places to live 15:05 <weev> does anybody know these russians 15:06 <weev> that they are buying up hacked macs for 43 cents an install 15:26 <weev> i have access to like 15:26 <weev> 8k rooted macs 15:26 <weev> right now 15:26 <weev> and i would like to make a quick $3500 Why don't you live it up some more in an upstairs apartment above some lawyer's office in Fayetteville, Arkansas and cash in on those 8000 rooted Macs to make $3500, which is what you are begging for on IRC. $3500 to fight a drug charge? Get a public defender! You NEVER mention what legal trouble you are in and what you need this cash for. It's for a DRUG CHARGE and NOT for the iPad publicity stunt! Go to rehab, junkie, it's probably the best thing for you.
I have had all my computers seized on a warrant which could not possibly have had probable cause, and thus am lacking the very materials I would need to take this pro se
You purchased a netbook from Wal-Mart for $300 according to you on IRC and the radio interview you did when you got out of jail. The Internet should not send you money due to your irresponsibility.
This tyrannical bureaucratic torture should not happen to US citizens. I do not want America to crumble, and I want to continue my work defending the United States Constitution and protecting the American people from cyberthreats.
What about your claim of providing blackhats with 0-day vulnerabilities and distributing unique ones that you can find out who leaked what? Again, more wild claims, like how you hacked Amazon to drop all the LGBT material with no proof, but you provide proof of the FBI documents and provided a script of the AT&T scraping. Weev, can you ever tell the truth and when can we tell when you are not lying? Oh wait, when you aren't talking is a good indicator of you not lying.
To defend myself, I need money. I’ve never needed nor asked for help before, but I am really in trouble this time. If you could spare some cash to donate, please paypal some cash to: snailcricket () gmail com
Ah, the other shoe hit the floor. You need money, but hey - lavish cars and gigantic places to live, plus funding your drug addiction.. The 100% all pro-weev, approved-after-moderation comments are hilarious.
Vinnie July 6, 2010 at 6:31 pm Contact the ACLU immediately. They will most likely offer to take your case pro bono.
ACLU defends pedophiles and terrorists, since most of the police brutality cases are now handled by the NAACP. Doubt the ACLU would even consider the case.
Anon Legion July 6, 2010 at 8:17 pm We are here to serve GREAT JUSTICE!! You will be saved, as Anonymous agrees. We are taking action to save you. We are Legion, We do not forgive, we do not forget!! -Yours faithful, Anonymous- You will be saved, hang in there
Watch out, the /b/ browsing, living in his basement, in his mid-20s kid is gonna break you out of jail!! or Paypal you $20, either way, your crowd is looking out for you!
Normandy July 6, 2010 at 11:50 pm Yeah, the Holocaust is pretty goddamn funny, until it happens to you personally. You deserve all of this and more, and may your troubles never end. You >> go around scaring people with your anti-Semitic antics, and you think that it will never come back to you?
Why did you approve this comment? Oh wait...
weev July 7, 2010 at 1:00 am Your statement is an outright lie by implication. I have never done anything anti-Semitic. Perfect example of the anti-speech attitude of the Zionist machine– dare to say anything against the “chosen people” and these people think rule of law >> and civil rights go out the window. It’s funny how people encouraging the -very real- genocide against the Palestinians never have federal funds >> >> >> dedicated to destroying their lives, yet people who make -jokes- about Jews do. Our government is occupied by Zionists, and if unnecessary wars and >> >> murders are to stop in the world they must be removed.
So you could address it with your psycho babble. In closing, we totally understand Andrew Alan Escher Auernheimer's motives: attention, attention and more attention. He will gleefully entertain you, lie to you, make wild promises and beg for your hard earned money to help bail him out of a situation caused by his pursuit of attention. We as a community should ignore Andrew and shun him. His mother has stated in previous emails, such as ones disclosed here http://seclists.org/fulldisclosure/2010/Jun/442, that Andrew has mental problems and a drug problem. We know both of these to be true because of his arrest for drug possession and the mental problems are evident in how Andrew puts himself out on the Internet in his videos, podcasts, ramblings and IRC. Now, with Andrew being President of the GNAA - trolling has stopped completely in the organization, many members have ran for the exit door, and it has turned into the group that's all about weev. If you criticize weev, you're banned and he will put in such a vague akick from #gnaa that others are caught in it. If you have "members" of GNAA, in your private network from a guy that weev is not friends with, he will tell you to part that network or he will ban you from the GNAA chatroom, then come back later to see if those users have decided to quit the network. He is about as bad as any delusional African dictator trying to control the flow of information critical of him as much as possible. It's sad. I was seriously hoping that he could sit in jail so he could detox from his substance abuse and get some mental help that he needs so he can resume a normal, healthy relationship with his family. I'm sure his whole family is embarassed of him, including his mother who adopted 2 African-American siblings for Andrew and you get this racist, anti-Semetic stuff he is spewing online that other sick individuals find amusing. It must be very hurtful to his family and a constant source of embarrassment. Mission Statement: The IRC FRAUD ALERT (IFA) Team is a group of volunteers dedicated to identifying, monitoring and exposing IRC frauds, who attempt to engage in fraudulent activity online. It could be financial fraud or a steady stream of constant lies that need addressing online after all means of trying to expose this fraud have failed, such as a liar moderating comments on their blog and deleting comments that expose their lie. The IFA Team will publish their findings on blogs, mailing lists, popular websites, forums, and on IRC networks to expose a particular person trying to scam the IRC community as a whole for whatever selfish reasons, like the childish craving of attention. As an IRC community, we should shun these people, distance ourselves from them as much as possible or possibly ban them from IRC networks, repost the IFA Team findings, so everyone is safe. We do not have a police authority in the community but I think "public service announcements" like these should be the closest thing to authority we should have on IRC networks. Take our findings seriously, discuss them with others and spread the message. We cannot help the community as a whole if nobody decides to repost our findings, submit them to websites/blogs/forums, and lets our research die under the constant amount of information on the Internet. IFA Team: Our team strictly consists of volunteers that use their spare time to help make the Internet, especially IRC, a better and enjoyable place by exposing the scammers and hypocrites of IRC. Travis Durden, President of IFA. Diego Garcia, Vice President of IFA - Head of Research _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- IRC FRAUD ALERT ADVISORY 01-2010-07 IRC FRAUD ALERT (Jul 08)
- Re: IRC FRAUD ALERT ADVISORY 01-2010-07 Sam Hocevar (Jul 08)
- Re: IRC FRAUD ALERT ADVISORY 01-2010-07 Sam Hocevar (Jul 09)
- <Possible follow-ups>
- Re: IRC FRAUD ALERT ADVISORY 01-2010-07 DiKKy Heartiez (Jul 08)
- Re: IRC FRAUD ALERT ADVISORY 01-2010-07 IRC FRAUD ALERT (Jul 08)
- Re: IRC FRAUD ALERT ADVISORY 01-2010-07 DiKKy Heartiez (Jul 09)
- Re: IRC FRAUD ALERT ADVISORY 01-2010-07 IRC FRAUD ALERT (Jul 08)