So, to add to this.
Why is it that all major bot related crap always seems to trace back to this one individual and her groups of socially engineered provocateur script kiddies?
Her name is Kelly Hallisey, and her primary lacky goes by the aliases of GreenDragon and GreenDragonTavern.
Having dealt with these individuals several times over the past 15 years and always being able to attach them to some major crime and frame up every time has always been even more suspicious.
The most interesting thing is that while she and her lacky GreenDragon are always the primary party responsible for encouraging individuals and groups to commit cyber crime and many times telling these people exactly what to do and who to attack. Yet, niether Keyll Hallisey (known as Bratty on efnet) nor her lackey GreenDragon have ever been charged with any crimes. They have been arrested many times but never indicted...
Oddd no? every time a major ddos attack or major international botnet ring is uncovered these 2 people seem to be involved directly and there is always more than ebnough proof to convict them. Yet, they never go to jail merely the people these 2 shills frame(All of these frame ups being extremely obvious even) . So, why are these 2 COINTEL Pro shills constantly being protected?
But let's start by looking at just a few examples of their work that have made it into major news papers:
http://www.washingtonpost.com/wp-dyn/content/article/2005/05/19/AR2005051900711.htmlParis Hilton Hack Started With Old-Fashioned Con
Source Says Hacker Posed as T-Mobile Employee to Get Access to InformationBy Brian Krebs
washingtonpost.com Staff Writer
Thursday, May 19, 2005; 3:24 PMThe caper had all the necessary ingredients to spark a media firestorm -- a beautiful socialite-turned-reality TV star, embarrassing photographs and messages, and the personal contact information of several young music and Hollywood celebrities.
When hotel heiress Paris Hilton found out in February that her high-tech wireless phone had been taken over by hackers, many assumed that only a technical mastermind could have pulled off such a feat. But as it turns out, a hacker involved in the privacy breach said, the Hilton saga began on a decidedly low-tech note -- with a simple phone call.
Computer security flaws played a role in the attack, which exploited a programming glitch in the Web site of Hilton's cell phone provider, Bellevue, Wash.-based T-Mobile International. But one young hacker who claimed to have been involved in the data theft said the crime only succeeded after one member of a small group of hackers tricked a T-Mobile employee into divulging information that only employees are supposed to know.
The young hacker described the exploit during online text conversations with a washingtonpost.com reporter and provided other evidence supporting his account, including screen shots of what he said were internal T-Mobile computer network pages. Washingtonpost.com is not revealing the hacker's identity because he is a juvenile crime suspect and because he communicated with the reporter on the condition that he not be identified either directly or through his online alias.
A senior law enforcement official involved in the case said investigators believe the young hacker's group carried out the Paris Hilton data theft and was also involved in illegally downloading thousands of personal records from database giant LexisNexis Inc. The source asked not to be identified because of his role in this and other ongoing investigations.
A third source, a woman who has communicated with the hacker group's members for several years, also confirmed key portions of the young hacker's story and said she saw images and other information downloaded from Hilton's T-Mobile account hours before they were released on several Web sites.
T-Mobile declined to comment on the details of the hacker's account of the Paris Hilton incident, saying through a spokesman that the company cannot discuss an ongoing investigation. The spokesman said the company "will work with federal law enforcement agencies to investigate and prosecute anyone that attempts to gain unauthorized access to T-Mobile systems."
Getting Access
In the months leading up to the Hilton incident, the hacker group freely exploited a security glitch in the Web site of wireless phone giant T-Mobile, according to the hacker, who described himself as the youngest member of the group. The group had found that a tool on the T-Mobile site that allowed users to reset their account passwords contained a key programming flaw.
By exploiting the flaw, the group's members were able to gain access to the account of any T-Mobile subscriber who used a "Sidekick," a pricey phone-organizer-camera combination device that stores videos, photos and other data on T-Mobile's central computer servers.
The hackers could only exploit the Web site vulnerability if they actually knew a Sidekick user's phone number. The loose-knit group had grown bored of using the flaw to toy with friends and acquaintances who owned Sidekicks and decided to find a high-profile target, one that would ensure their exploits were reported in the press, the young hacker said. They ultimately settled on Hilton, in part because they knew she owned a Sidekick; Hilton had previously starred in a commercial advertising the device.
The group's members --- who range in age from their mid-teens to early 20s -- include a handful of "AOLers," a term used in hacker circles to describe youths who honed their skills over the years by tampering with various portions of the network run by Dulles, Va.-based America Online Inc. Four members of the group have all met face-to-face, but as with most hacking groups, the majority of their day-to-day interactions took place online.
Before gaining access to Hilton's wireless phone account, the group had spent a year studying weaknesses in T-Mobile's Web sites. The group member interviewed for this story had already written a simple computer program that could reset the password for any T-Mobile user whose phone number the hackers knew.
According to the young hacker's account, the Hilton caper started the afternoon of Feb. 19, when a group member rang a T-Mobile sales store in a Southern California coastal town posing as a supervisor from T-Mobile inquiring about reports of slowness on the company's internal networks.
The conversation -- which represents the recollection of the hacker interviewed by washingtonpost.com -- began with the 16-year-old caller saying, "This is [an invented name] from T-Mobile headquarters in Washington. We heard you've been having problems with your customer account tools?"
The sales representative answered, "No, we haven't had any problems really, just a couple slowdowns. That's about it."
Prepared for this response, the hacker pressed on: "Yes, that's what is described here in the report. We're going to have to look into this for a quick second."
The sales rep acquiesced: "All right, what do you need?"
When prompted, the employee then offered the Internet address of the Web site used to manage T-Mobile's customer accounts -- a password-protected site not normally accessible to the general public -- as well as a user name and password that employees at the store used to log on to the system.
To support his story, the hacker provided washingtonpost.com with an image of a page he said was from the protected site. T-Mobile declined to comment on the screenshot, and washingtonpost.com has no way to verify its authenticity.
Inside the Walls
The hackers accessed the internal T-Mobile site shortly thereafter and began looking up famous names and their phone numbers. At one point, the youth said, the group harassed Laurence Fishburne, the actor perhaps best known for his role in the "Matrix" movies as Morpheus, captain of the futuristic ship Nebuchadnezzar.
"We called him up a few times and said, 'GIVE US THE SHIP!'" the youth typed in one of his online chats with a reporter. "He picked up a couple times and kept saying stuff like YOUR ILLEGALLY CALLING ME."
Later, using their own Sidekick phone, the hackers pulled up the secure T-Mobile customer records site, looked up Hilton's phone number and reset the password for her account, locking her out of it. Typical wireless devices can only be hacked into by someone physically nearby, but a Sidekick's data storage can be accessed from anywhere in T-Mobile's service area by someone with control of the account. That means the hackers were at that point able to download all of her stored video, text and data files to their phone.
"As soon as I went into her camera and saw nudes my head went JACKPOT," the young hacker recalled of his reaction to first seeing the now-public photos of a topless Hilton locked in an intimate embrace with a female friend. "I was like, HOLY [expletive] DUDE ... SHES GOT NUDES. THIS [expletive]'s GONNA HIT THE PRESS SO [expletive] QUICK."
The hackers set up a conference call and agreed to spread the news to several friends, all the while plotting ways to get the photos up on various Web sites. Kelly Hallissey, a 41-year-old New York native who has been in contact with the group of hackers for several years, said the group's members showed her evidence that they had gained access to Hilton's phone during these early hours -- before the images made their way online.By early Feb. 20, the pictures, private notes and contact listings from Hilton's phone account -- including phone numbers of celebrities such as Cristina Aguilera, Eminem, Anna Kournikova and Vin Diesel -- had appeared on GenMay.com (short for General Mayhem), an eclectic, no-holds-barred online discussion forum.
Within hours of the GenMay posting, Hilton's information was published on Illmob.org, a Web site run by 27-year-old William Genovese of Meriden, Conn., known online as "illwill." (The FBI charged Genovese in November with selling bits of stolen source code for Microsoft Windows 2000 and Windows NT operating systems.) By Monday morning, dozens of news sites and personal Web logs had picked up the story, with many linking to the illmob.org post or mirroring the purloined data on their own.
Hallissey, who describes herself as a kind of "den mom" to a cadre of budding hackers, confirmed that the teenage source has been engaged in various hacking activities for several years. Hallissey met a slew of the hacker group's members after a three-year stint during the 1990s as one of thousands of people who helped AOL maintain its online content in exchange for free Internet access and various other perks. Hallissey has since joined a still-active wage lawsuit against AOL and maintains www.observers.net, a Web site critical of the Dulles-based company.Hallissey said her sense of privacy has been erased gradually over the past two years as a result of her association with a number of AOLers who playfully bragged to her about their success with social engineering. They showed her online screen shots of her water, gas and electric bills, her Social Security number, credit card balances and credit ratings, pictures of her e-mail inbox, as well as all of her previous addresses, including those of her children.
"This was all done not by skilled 'hackers' but by kids who managed to 'social' their way into a company's system and gain access to it within one or two phone calls," said Hallissey, who asked that her current place of residence not be disclosed. "Major corporations have made social engineering way too easy for these kids. In their call centers they hire low-pay employees to man the phones, give them a minimum of training, most of which usually dwells on call times, canned scripts and sales. This isn't unique to T-Mobile or AOL. This has become common practice for almost every company."
AOL officials declined to comment about the young hacker or other "AOLers" for this story.
The Weakest Link
Security experts say the raiding of Hilton's wireless account highlights one of the most serious security challenges facing corporations -- teaching employees to be watchful for "social engineering," the use of deception to trick people into giving away sensitive data, usually over the phone.
In his book "The Art of Deception," notorious ex-hacker Kevin Mitnick says major corporations spend millions of dollars each year on new technologies to keep out hackers and viruses, yet few dedicate significant resources to educating employees about the dangers of old-fashioned con artistry.
"The average $10-an-hour sales clerk or call-center employee will tell you anything you want, including passwords," Mitnick said in a telephone interview. "These people are usually not well-trained, but they also interact with people to sell products and services, so they tend to be more customer-friendly and cooperative."
During his highly publicized hacking career in the 1990s, Mitnick -- who spent four years in prison and now works as a computer security consultant -- broke into the computer networks of some of the top companies in the technology and telecommunications industries, but rarely targeted computers systems directly.
Rather, he phoned employees and simply asked them for user names, passwords or other "insider" data that he could use to sound more authentic in future phone inquiries. "This kind of thing works with just about every mobile carrier," Mitnick said.
He said all of the major wireless carriers -- not just T-Mobile -- are popular targets for social engineering attacks. Mitnick said he knows private investigators who routinely obtain phone records of people they are investigating by calling a sales office at the target's wireless carrier and pretending to be an employee from another sales office.
Mitnick described how an investigator will claim to have the customer they're investigating in the store, but can't access their data because of computer trouble. Then the investigator asks the sales representative at the other store to look up that person's password, account number and Social Security number. In many cases the employee provides the information without verifying the caller's identity. Armed with that data, he said, investigators usually can create an account at the wireless provider's Web site and pull all of the target's phone records.
Large organizations that maintain numerous branches around the country are especially susceptible to social engineering attacks, said Peter Stewart, president of Baton Rouge, La.-based Trace Security, a company that is hired to test the physical and network security for some of the most paranoid companies in the world: banks.
More often than not, Stewart says, his people can talk their way into employee-only areas of banks by pretending to be a repairman or just another employee. In most cases, the break-in attempts are aided by information gleaned over the phone.
"Usually your corporate headquarters are more stringent and things get more lax the further away from there you get," Stewart said. "The larger you are as a company the more likely it is that you're not going to know everyone by name, and lots of companies have no policy in place of verifying who's calling you and how to respond to that person."
'Web Security 101'
Social engineering can be difficult to counter, but the now-infamous Paris Hilton attack follows other recent serious T-Mobile security breaches engineered by hackers.
On Feb. 15, Nicolas Jacobsen, 22, of Santa Ana, Calif., pleaded guilty to compromising a T-Mobile Web server that granted access to hundreds of wireless accounts. He faces a maximum of five years in jail and a $250,000 fine at a sentencing hearing originally scheduled for mid-May.
Jacobsen was arrested last fall by the U.S. Secret Service as part of a large-scale investigation into an international online credit card fraud ring. According to court records, Jacobsen had hijacked hundreds of T-Mobile accounts, including a mobile phone belonging to a then-active Secret Service agent. Jacobsen had posted to an online bulletin board that he could be hired to look up the name, Social Security number, birth date, and voice-mail and e-mail passwords of any T-Mobile subscriber.
T-Mobile later alerted 400 customers that their e-mails, phone records and other data had been compromised as a result of that break-in.
The court files don't give details about how it happened, but Jack Koziol, a senior instructor for the Oak Park, Ill.-based InfoSec Institute, said the intruder likely took advantage of security flaws in the company's Web servers. Koziol conducted an informal audit of T-Mobile's site in March and uncovered hundreds of pages run by Web servers vulnerable to well-known security flaws, he said.
"It's pretty amazing how poorly secured their Web properties are," said Koziol, whose company offers training to corporate, law enforcement and government clients on the latest techniques and tactics used by hackers. "Most of these flaws are simple Web Security 101, stuff you'd learn about in the first few chapters of a basic book on how to secure Web applications."
T-Mobile officials declined to say what steps they took to close the security holes identified by the Hilton hackers or how many other accounts may have been hijacked.
"T-Mobile has invested millions of dollars to protect our customers' information, and we continue to reinforce our systems to address the security needs of our subscribers," company spokesman Peter Dobrow wrote in an e-mail. "For our customers' protection, we do not publicly disclose the specific actions taken to reinforce our systems."
~~~~~~~~~~~~~~~~~~~~~~~~~~~Next we have this incident where she intentionally attempts to frame two people in the truth movement (one of her typical MO's) :
http://news.zdnet.co.uk/internet/0,1000000097,2110331,00.htm'Deceptive Duo' suspects hit in FBI raid'Published: 16 May 2002 09:11 BST[/b]
The FBI has issued search warrants against two former online vandals it believes to be the members of a "patriot" hacking group called the Deceptive Duo.As first reported by CNET News.com, agents raided the homes of two teenagers earlier this week. The FBI on Sunday seized equipment in Florida from The-Rev, a former member of the hacking group Sm0ked Crew, according to a friend of the Deceptive Duo hackers.
Separately, the Contra Costa county district attorney's office confirmed that agents acting on a warrant issued in the Deceptive Duo case confiscated computer equipment from Robert Lyttle, the previously convicted pro-Napster defacer, in California on Monday.
The California raid prompted a Wednesday juvenile parole hearing for Lyttle, who is now 18. Lyttle has been confined to his home as a result of the criminal hearing.
"He has been placed on a higher level of supervision," said a source familiar with the proceedings, who asked not to be identified. "He has to wear an ankle bracelet, which tells them where he is. If he walks away from the house, it sends a signal to the probation department."
The Deceptive Duo has defaced dozens of US government and military sites with pro-American messages lambasting the poor security of the nation's critical systems. The hacked sites have included those of the Defense Department and the Sandia National Laboratories, which is associated with the US Department of Energy's National Nuclear Security Administration.
No charges have yet been filed against either suspect, said Chris Murray, a spokesman for the FBI's Washington Metropolitan Bureau. However, the search warrants and affidavit used in the case have been sealed and are not available for public viewing, he said. Because the Deceptive Duo hit government and military sites, the case is being administered from the Washington DC Metropolitan office of the FBI.
An FBI representative in San Francisco confirmed that the bureau had issued a search warrant on Monday. A spokesperson for the FBI office in Miami Beach, Florida, could not be reached.
Dodie Katague, deputy district attorney for California's Contra Costa county, confirmed that Lyttle had appeared in a probation hearing Wednesday to discuss how his probation status would be affected by the new charges.
"Now that he is an adult -- he is 18 -- we are letting the Feds handle it," said Katague. "And he is going to be in a lot more trouble than before." Lyttle was convicted of defacing dozens, and perhaps hundreds, of Web sites with a pro-Napster message. He is on probation.
Kelly Hallissey, a Las Vegas resident who bills herself as an "online mom" to several hackers including the two suspects, said she argued with The-Rev and Pimpshiz -- Lyttle's online monicker -- to stop defacing, but they wouldn't."They knew that they were going to get caught," she said. Hallissey worried that the teenagers would be made an example under new laws passed as part of the USA Patriot Act and maintains that they truly thought they were helping the security cause.
"This is their part in helping after 9-11 (11 September)," Hallissey said. "A lot of kids they knew went into the service after 9-11. Their skills lie in hacking, however. It sounds corny, but they mean it and they believe it."
The Deceptive Duo's defacements mimicked a secret agent file. In the first hack in late April, the Duo wrote: "We are two US Citizens that understand how sad our country's cybersecurity really is. The Deceptive Duo's continuous mission is to define the weaknesses that lie upon us. Our lives revolve around the use of electronic communication, we must protect our formation of controlling technology one way or another."
Many security experts have been critical of the tactics employed by the duo in the name of helping computer security.
"There are probably better ways to tell people that their security sucks," said Dragos Ruiu, an independent security consultant. "In one way, it's an excuse to play around, because they probably would have done it anyway."
Yet in a previous email interview with CNET News.com, the Deceptive Duo said they believed they had already helped the cause of US security.
"There is quite an improvement in security," they wrote. "Because the systems we were once able to breach are no longer susceptible to attack... Not only are our targets more secure, but we strongly believe that witnesses to this entire ordeal will see that everything is a bit more realistic. This will force them to act on their own system security if so inclined."
Lyttle's attorney, San Francisco-based Omar Figaeroa, believed that the 18-year-old hacker will be released in the end.
"When all the facts are in, Robert will be exonerated, because he had no criminal intent," he said. "He was acting in good faith."
~~~~~~~~~~~~~~~~~~~~~~~~~I know - two incidents do not necessarily a COINTEL Pro Shell make.
Let's continue shall we ?
Her link to this story does not become immediately apparent till you read her comments she posted giving herpersonal 1st hand account of the story....
http://www.securityfocus.com/news/9411FBI busts alleged DDoS MafiaKevin Poulsen, SecurityFocus 2004-08-26
[/b]
A Massachusetts businessman allegedly paid members of the computer underground to launch organized, crippling distributed denial of service (DDoS) attacks against three of his competitors, in what federal officials are calling the first criminal case to arise from a DDoS-for-hire scheme “ There are DDoS attacks all the time organized on IRC, but this is certainly the first case where you have a corporate executive who was using the services of another person to launch attacks against competitors. ”
Prosecutor Arif Alikhan Jay Echouafni, 37, is a fugitive from a five-count federal indictment in Los Angeles charging him with aiding and abetting computer intrusion and with conspiracy. As CEO of the online satellite TV retailer Orbit Communication Corp., Echouafni allegedly paid a business associate to recruit members of the computer underground to cripple three online stores, resulting in long periods of downtime and an estimated $2 million in losses to the businesses and their service providers.
Paul Ashley, 30, of Powell, Ohio, is named in a separate criminal complaint as Echouafni's go-between in arranging two of the attacks. Ashley was the network administrator of the Web and IRC hosting company CIT/FooNet, run from his home, which was shuttered sometime after being raided by the FBI last February. Three other Americans and one U.K. citizen are charged with actually carrying out the attacks.
"This is an example of a growing trend: that is, denial of service attacks being used for either extortionate reasons, or to disable or impair the competition," says FBI supervisory special agent Frank Harrill. "It's a growing problem and one that we take very seriously, and one that we think has a very destructive impact and potential."
According to an FBI affidavit filed in the case, Echouafni was a client of CIT/FooNet's hosting services when he made a deal with Ashley, then the owner, in October of last year. Echouafni allegedly paid Ashley $1,000 to snuff out two competing websites that he claimed had stolen some of his content and were staging DDoS attacks against his company.
Ashley in turn used his connections in the underground, and in at least one case the promise of free CIT/FooNet server, to recruit three associates to do the dirty work: Joshua Schichtel, Jonathan Hall, and Lee Walker, known online as "Emp," "Rain," and "sorCe" respectively. Each of the three apparently had sizable "botnets" at their disposal, meaning they could each command thousands of compromised PCs to simultaneously attack a single host -- Walker alone had control of between 5,000 and 10,000 computers through a customized version of the Agobot worm, according to the FBI affidavit. Schichtel's network of 3,000 zombies was more modest, and he quietly subcontracted the job to Richard "Krashed" Roby, who allegedly took the assignment in exchange for a free shell account.
The attacks began on October 6th, with SYN floods slamming into the Los Angeles-based e-commerce site WeaKnees.com, crippling the site, which sells digital video recorders, for 12 hours straight, according to the FBI. The company's hosting provider, Lexiconn, responded by dropping WeaKnees.com as a client, sending the company to more expensive hosting at RackSpace.com.
RackSpace fought back, but the attackers proved determined and adaptive. In mid-October the simple SYN flood attacks were replaced with an HTTP flood, pulling large image files from WeaKnees.com in overwhelming numbers. At its peak the onslaught allegedly kept the company offline for a full two weeks. (The company declined to comment on the case).
RapidSatellite.com, which sells satellite TV receivers, was hit at the same time and with similar results. The company responded by quickly moving their electronic storefront to the distributed content delivery services of Speedera, only to be crippled three days later by an attack on that provider's DNS servers, which for an hour also blocked access to other Speedera-hosted sites, including Amazon.com and the Department of Homeland Security, according to the FBI affidavit. RapidSatellite then moved to Akamai, but were out again within a week when the attackers switched to an HTTP flood attack, running massive numbers of queries through RapidSatellite.com's search engine.
Behind the scenes Ashley was allegedly micromanaging the assault. A chat log recovered from Schichtel's hard drive shows Ashley admonishing his subordinate to stay on top of his portion of the attack: "u gotta keep ane [sic] eye on it...cuz they could null route the ip and change the dns...and it would be back up." When Schichtel asks, "what did they do to you?," Ashley replies with an answer fit for Tony Soprano. "[F]---ing with us...well, a customer."
"Operation Cyberslam"
In December, the alleged DDoS conspirators' informal relationship became more corporate, when Echouafni purchased CIT/FooNet from Ashley, and kept Ashley on as network administrator at $120,000 a year salary. Ashley, in turn, formally hired Hall to perform "security" for the company -- which the FBI suggests was a euphemism for launching more DDoS attacks against Echouafni's enemies.
In Feburary, Echouafni -- now the boss -- phoned Hall directly to order an attack on a new target, according to the government: another satellite T.V. retailer called Expert Satellite. Hall dutifully launched a SYN flood against the new victim, but the results didn't please his CEO; Echouafni contacted Hall repeatedly to inform him that the site had resurfaced, and to express his disappointment. "Echouafni also implied that [Hall] would be fired if he did not launch the attacks," reads the affidavit
By then, law enforcement was making progress on the investigation they code named "Operation Cyberslam."
FBI cyber crime agents had spotted what appeared to be reconnaissance for the HTTP flood attacks in WeaKnees.com's October log files, originating from a shell hosting company called Unixcon. Unixcon traced the activity to an account that had been established with a stolen credit card number, but an FBI source, whose identity is protected in the affidavit, fingered U.K. resident and Unixcon administrator Lee "sorCe" Walker as the culprit.
Walker was already known to the FBI from an investigation earlier in the year, when one of Walker's IRC enemies complained that Walker had DDoSed him. The Bureau even had Walker's home address. An FBI agent traveled to the U.K. in February to accompany London police as they raided Walker, who admitted to the WeaKnees.com and RapidSatellite.com attacks, and fingered Ashley as his handler, according to the affidavit.
The Bureau raided Ashley's home on Valentine's day. Before they hauled away CIT/FooNet's servers -- an act that would briefly cause controversy in the hosting community -- Ashley allegedly admitted to the attacks, and named all three of his cyber button men and Echouafni. Echouafni was arrested in Massachusetts, and released on $750,000 bail secured by his house. "We've alleged in the indictment that Echouafni was the manager, organizer and leader of the group," says assistant U.S. attorney Arif Alikhan, head of the Los Angeles computer crimes section, who's prosecuting the case.
He's also missing. According to court records, last month Echouafni's attorney won a motion to permit Echouafni's wife and children to "travel freely within and outside of the United States of America," and to have their passports returned. That was Echouafni's last action in court: the government says he's disappeared, and officials believe he's likely in Morocco. "He's a native of Morocco, and he was arrested in March as he returned from Morocco into the U.S.," says the FBI's Harrill. Echouafni's attorney did not return a phone call.
The Echouafni investigation was one of a handful of cases specifically cited Thursday by U.S. Attorney General John Ashcroft in announcing what the Justice Department called "Operation Web Snare" -- a tallying of over 150 recent and ongoing federal criminal cases relating to computers or identity theft. Ashcroft said the case illustrates "the increased use of the Internet to damage rival businesses and communicate threats for commercial advantage."
"I think it's the first case of its kind involving a DDoS for commercial advantage or for hire," says Alikhan. "There are DDoS attacks all the time organized on IRC, but this is certainly the first case where you have a corporate executive who was using the services of another person to launch attacks against competitors."
Let's add to this, posts to a forum linking to trojan bots using the name of her "Hacker Collective" Demonic Minds and two of her efnet aliases...
~~~~~~~~~~~~ Now What Kalley Hallissey had to say about the incedent in her own words:~~~~~~~~~http://www.securityfocus.com/comments/articles/9411/28231/threaded#28231FBI busts alleged DDoS Mafia 2004-08-30Kelly HallisseyWell, I guess my attitude in reading this is a little different than most peoples. I'm sure if any of you knew these people as more than just a screen name or handle you would too.
Based on knowing some of these individuals for up to 9 years, having watched them grow up online, the births of their children, their companies struggle against the attacks of others I am compelled to say that this article appears to be primarily sensationalist journalism.
Jon and Joshua never accepted nor were offered a dime for any dDos attacks yet in your article it implies they were. Yes they worked for CIT but not as hired henchmen. Paul was not a "ringleader". He didn't "orchestrate" or engineer anything. If he did anything then it was at the order of his boss.
I guess the aspect or rather the lack of a view on how hard it is to survive on the inet as a shell provider or colo host with the lack of assistance from the various federal agencies to handle the millions of packets thrown at you daily amazes me. Especially from you Kevin, you have lived on the 'net for much longer than I. Yet the only view I see in this article is one of sensationalism, or rather, one that appears to have come directly from a federal agency.
I found the inclusion of logs that were supposedly under lock and key with the feds (and some under a signed agreement between various parties and the fbi not be divulged) rather interesting.
But not as interesting as the cause of those whole attacks.
The same companies that those who were cited in the article as being attacked?
Were the same ones who were said to be responsible for the dDos attacks at Foonet. And funny enough, when someone dDossed them? The dDos at Jay/Foonet/CIT stopped. What a coincidence!
To those who are ignorant about surviving on the 'net as an irc host? Its a dog eat dog world there, you either get hit or be hit. You can't stay clean because nobody can or will help you to do so.
My apologies Kevin, I am very disappointed in you here. It amazes me you backed someone like Adrian Lamo, yet ripped apart one of the best hosts I've ever met. And please....don't pull my post like you have the others. If you are going to post a bunch of nonsense at least allow those of us with REAL knowledge and truth respond to your media hype.
Sincerely yours,
Kelly Hallissey
www.observers.netPS WHY is it that the press was told these people were indicted before they were? None of the ones I have spoken to had been served yet......Some internet mafia they are if the press knew the charges before they did.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~I know that last bit makes her almost look like a good guy.
Till you read this and find she has direct connections to MITER: (they don't just randomly select people for these studies least of all something so sensitive as this ... and Kelly is quite will known on Efnet for being the "queen" of DDOS attacks and zombie botnets...)
http://teamcore.usc.edu/AP-Elves.mhtnew window
ALREADY ROAMING WEB, BOTS ARE HEADING INTO A NEW DOMAIN Some believe the cyberspace agents will handle personal tasks for Internet users in addition to gathering data. By Anick Jesdanun
ASSOCIATED PRESS
February 15, 2001
Every day at lunchtime, Friday asks Milind Tambe what he craves. A roasted chicken breast sandwich? A tandoori chicken pizza? Answer in hand, Friday dutifully orders the item for pickup or delivery.
Friday also keeps track of the University of Southern California professor's whereabouts, schedules his meetings, and warns colleagues if Tambe is running late.
Friday is no ordinary personal secretary, though. Friday isn't human at all.
It's a software robot, or "bot," alive entirely in cyberspace.
One day, some researchers believe, all Internet users will have personal bots to take care of daily tasks, including communicating with other people through their bots. Instead of phone tag, we could all be playing bot tag.
Simpler bots are already roaming the Internet, helping users find Web pages, compare prices, even monitor gossip.
"Things are getting more complicated, so we needed these assistants," Tambe said. "And since we have them, we can afford to let things get more complex."
But bots can be troublesome as well, and some have already caused problems.
"A robot could destroy data, violate copyright or strain resources on another site," said Ben Shneiderman, director of the Human-Computer Interaction Laboratory at the University of Maryland. "Who's responsible for failures?"
One particular bot visits the lab's Web site every 15 minutes and downloads the same software - for no apparent reason, he said.
Software robots date back to the 1950s and '60s, but they didn't begin to appear en masse until the '90s. Today's bots are smarter, more autonomous and more adaptive to their environment.
Early bots crawled the Net for information. One widely used bot named Archie looked for software available through the Net's file-transfer protocol. The World Wide Web Wanderer and its successors scoured the Web for sites to list on search engines.
These days, shopping bots gather prices on books, compact discs and other items at hundreds of e-commerce sites, allowing would-be shoppers to get price and availability information from a single site.
Of course, some bots simply annoy. Spam bots collect e-mail addresses from online newsgroups for marketing pitches. Some chatter bots do little but visit chat rooms, poorly pretending to be humans.
But others can be enjoyable.
A bot named Digital frequents a chat room at Observers.net to give the latest weather and explain technical terms. Participant Kelly Hallissey observes: "What a hoot it was." Like them or not, bots have become essential in many respects. Imagine surfing for information without access to search engines. Though a few directories, such as Yahoo's, are compiled by humans, those only track a sliver of what a bot can gather.
Bots scan Web pages for links to discover even more pages. They look for links until they reach a dead end, at which point they hit the equivalent of a "back" button to find yet another path to follow. At each stop, the bots gather relevant data for indexing.
"Try to imagine any subject, however bizarre, and they will come up with something," said Alan Emtage, who developed the search bot for Archie. "It's practically impossible to navigate your way without these resources."
Instead of simply creating indexes, future bots may automatically deliver Web pages to you based on your personal preferences, said Larry Page, chief executive for search engine Google, whose bots now visit 2,000 Web pages per second.
Future bots also promise to automatically order items for you, instead of simply bringing back prices. They may buy groceries based on your eating habits or automatically arrange flights and hotel rooms based on your appointment calendar.
Bots have already been developed for corporate information-gathering and espionage. They can quietly scan newsgroup postings and other online resources for mentions of you, your company or your competitors.
On Jan. 31, a Swiss company called Agence Virtuelle announced RumorBot, a tool that promises to "track customers' views and rectify any grievances before serious damage."
Such bots may raise privacy issues, but the company said RumorBot would only check public forums that any human could already visit. Stephane Perino, the company's founder and chief executive, said the Internet is too large for humans to efficiently monitor, yet rumors in one corner of cyberspace could potentially affect stock prices or do other damage.
But bots will need to become more reliable before most humans will give them more control.
Danny Sullivan, editor of SearchEngineWatch.com, says that while bots are crucial for searching, they are inherently dumb because they are software and can't think for themselves.
Web crawlers have been caught in endless loops - "spider traps" - when Web pages link back to each other.
When the Sony PlayStation 2 went on sale late last year, BlueLight.com and other shopping sites faced an onslaught of bots checking for availability.
BlueLight spokesman Dave Karraker said the site slowed by 50 percent until engineers figured out how to block the offending bots.
EBay Inc. and Register.com Inc. have filed lawsuits to stop software robots, claiming trespassing, and federal judges have issued preliminary injunctions against bots created by Bidder's Edge Inc. and Verio Inc.
"If there were no rules against this, [you could have] tons and tons of individuals on the Internet having tons and tons of bots running, hitting any site," said Robert Gardos, Register.com's chief technology officer.
If enough bots did this at once, he said, sites would crash.
Bots could also compound problems by acting more quickly and in unison based on uniform programming rules, said Michael Kearns, head of artificial intelligence research at AT&T Labs.
For example, the stock market is already prone to fluctuation as investors buy and sell in droves based on the news of the moment. But it takes at least a few minutes for humans to execute decisions, and reason may prevail in some instances.
If robots take over trading, Kearns said, those checks and balances could disappear.
Tambe, who helped develop Friday and is still testing it, has experienced problems firsthand.
Friday once canceled an important meeting with one of Tambe's supervisors. The meeting was kind of important: The professor was to discuss funding for his lab.
"My agent figured out that since I wasn't here in themorning, I was most likely going to cancel the meeting," he said.
For now, the professor has no plans to share his credit card number with Friday. Tambe figures that "tomorrow it could go out and order 100 books for me based on my interests."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ However her most famous escapades of all are the ones she executed on behalf of Rockefeller interests in attempts to infiltrate AOL and then destabilize them financially.
Don't believe me ?
Ok let's read these wonderful articles:
http://crab.rutgers.edu/~goertzel/aolvolunteers.htmApril 14, 1999
NY Times
America Online Is Facing Challenge Over
Free Labor
By LISA NAPOLI For the last 10 years, America Online Inc., the nation's largest
online service, has relied on volunteers to help maintain the virtual
community it offers its members. The volunteers, who are known as
"community leaders," perform tasks like answering questions from
subscribers, supervising chat rooms and enforcing the service's rules.
The reward has been a free account with the service and, America
Online says, the opportunity to play a more active role in its community
of 16 million members.
Now at least seven former volunteers are
challenging the practice, and have asked the
Labor Department to look into whether the use
of volunteer labor by America Online and its
subsidiary, America Online Communities Inc.,
violates the Federal Fair Labor Standards Act.
A Labor Department spokesman would neither
confirm nor deny that AOL was under
investigation, but several former volunteers
provided copies of a letter from the
department's Employment Standards
Administration saying it would look into the
matter.
Information about the investigation was published two weeks ago on
Observers.net, a Web site set up last September by former volunteers.
A spokeswoman for America Online, Ann Brackbill, said on Friday
that she was aware of the Web site and the information about an
investigation, which she said had prompted the company to "initiate
contact" with the Labor Department. But she added, "We do not
elaborate on discussions we have with regulatory agencies."
America Online, which has 12,000 employees, also has more than
10,000 volunteers, Ms. Brackbill said. Volunteers commit to a minimum
of four hours a week of work, in addition to training time and time spent
on required paperwork. Some of the former volunteers said they devoted
much more time to the company.
Marilyn Perkins of Chicago, a co-founder of Observers.net, is one of at
least seven people who have registered separate complaints with the
Labor Department. Ms. Perkins and other volunteers acknowledge that
they signed on to work for AOL in exchange for a free account, which
now costs $21.95 a month. But many volunteers signed up when the
value of a free account was potentially much higher, because the online
service billed users at an hourly rate and charges for heavy users ran in
the hundreds of dollars.
Although their complaints vary, the former volunteers say that AOL relies
on volunteers to do work that should be paid. Ms. Perkins says the
company has dismissed volunteers who have asked for compensation or
complained about the program, and has taken away their free accounts.
In their complaints to the Labor Department, the former volunteers do
not make explicit demands for back pay. The issue, they said, is to
publicize the situation and to change the way the online service uses
unpaid labor.
"Some are filing for revenge, some are filing to stop AOL from abusing
others, some simply want their AOL accounts returned to them," said
Kelly Hallissey, a former volunteer who lives in Greensboro, N.C.
"I'm filing to support others' allegations and also to object to how AOL
has treated myself and many others."
Under the Fair Labor Standards Act, a person must be compensated for
time spent at job-related activities that benefit the employer, regardless of
how the job is classified. There is a difference between volunteering for a
charitable cause and volunteering to perform work that is critical to a
company's business, said Jeffrey Chamberlain, an employment lawyer
based in Albany who is not involved in the AOL dispute.
In a claim like the one made by the
former AOL volunteers, Chamberlain
said: "The more it looks like a real
job, the less likely it is to be deemed
volunteer. The kinds of things they
are describing would make lawyers'
bells go off."
But Ms. Brackbill defended the
volunteer program, saying it was a formalization of contributions that
AOL subscribers have made to the service since it began in 1985. "It's
an organic thing that sprouted from what people love to do online," she
said. "Community and participation are the DNA of the Internet."
AOL is not the only online company to use volunteers. Many Internet
companies that offer community features rely on members to enforce
standards and to contribute to the community in some fashion.
For instance, Ivillage, an online women's network, uses more than 1,000
volunteers to manage message boards and chat communities.
Michael Rubin, an employment lawyer in San Francisco, says the nature
of work is being redefined because of computer and Internet connections
that are readily available in homes, potentially creating new legal issues
for companies that use remote help.
If found in violation of wage and hour laws, an employer could be
required to pay double the compensation to which the workers should
have been entitled, Rubin said. If it is found that the violations were
willful, the employer could be subject to civil penalties and possibly
criminal prosecution.
A decision against AOL could set a precedent for the online industry
that might force companies to rethink the way they use volunteers, Rubin
said, adding, "If the industry in fact was kept operating because of
volunteer workers, it may have to reconfigure."
Lisa Napoli at
napoli@nytimes.com welcomes your comments and
suggestions.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~More on this here:
Her Attourney (A very Famous NWO Necon Rockefeller Shill):
http://experiencefestival.com/eliot_spitzer(from page2)
Eliot Spitzer: Encyclopedia II - America Online - Controversies
America Online - Community Leaders. Prior to the middle of 2005, AOL used volunteers called Community Leaders, or CLs, to monitor chatrooms, message boards, and libraries. Some community leaders were recruited for content design and maintenance using a proprietary language and interface called RAINMAN, although most content maintenance was performed by partner and internal employees. In 1999, Kelly Hallissey and Brian Williams, former Community Leaders and founders of anti-AOL website filed a class action ...
~~~~~~~~~~~~Her personal Response to AOL on top of the Law suit~~~~~~Was to stage a false flag attack on AOL using knowledge only an insider could have gotten to compromise thier system and then blame it on nameless hackers...
http://www.aolsucks.org/list/0104.htmlIt all traces back to her:
But there's one threat that AOL's executives can't seem to address:
hackers. Several hundred screen names have been compromised, according to
two AOL watchdog web sites.
http://observers.net/crisreply.html http://www.inside-aol.com AOL told the Washington Post that they'd only learned about the breach
when the Observers.net web site published a report on it. And Sunday night
Kelly Hallissey, one of the site's staffers, told AOL Watch that she
believed hackers were still accessing the database. http://washingtonpost.com/wp-dyn/articles/A9476-2000Jun16.html http://www.observers.net/insideview.htmlReuters credited the attack for "highlighting the vulnerability of even
the world's largest Internet services provider to the threat of hacker
attacks." One hacker told the Post that for anyone who digs behind AOL's
pretty interface, "there is a lot of stuff you can compromise."
http://cnnfn.com/2000/06/16/technology/wires/aol_wg/ http://news.cnet.com/news/0-1005-200-2091566.html http://www.zdnet.com/zdnn/stories/news/0,4586,2589679,00.htmlAOL's spokesperson told MSNBC they were "taking steps" to eliminate the
hole. (
http://msnbc.com/news/421768.asp ) But this may be a concession
that the problem isn't fixed yet -- at least, judging from one earlier
incident. In January hackers discovered a way to access any AOL Instant
Messenger account (if it didn't have a corresponding AOL account.) AOL
immediately told reporters at Wired News, C|Net, and MSNBC that they were
deploying patches to fix AIM security problems.
By Patricia Fusco
June 28, 2000[/b]
Earlier in June, the Federal Communications Commission requested that America Online Inc. explain its stance on instance messaging, in light of its proposed merger with Time Warner Inc.
Royce Dickens, FCC Cable Service Bureau deputy chief of the policy and rules division, probed America Online's pledge to develop an interoperability standard for instant messaging, and if AOL was actively working to set such standards.
In its reply to the Commission earlier this week, AOL noted that it pioneered the concept of instant messaging in 1985 and unveiled the first service to its members in 1989. At that time, instant messaging was available only to AOL subscribers, according to the firm's attorneys.
AOL said it recognized the popularity of its proprietary instant messaging service in 1997 and began giving away for free to anyone on the Web.
Since then, AOL has also entered more than a dozen royalty-free license agreements with other companies-including Lotus, Lycos Inc., EarthLink Inc. and other Internet service providers.
Additionally, AOL stated that it has and continues to support efforts to create an open and interoperable standard that would allow users to exchange instant messages across different instant messaging networks.
To that end, AOL submitted its proposal to the Internet Engineering Task Force about how to best achieve the goal of interoperability mid-June.
AOL's proposal included the architecture to design a worldwide instant messaging system. In doing so, AOL legal representatives said the proposal represents a significant step toward the development of detailed protocols for implementing full instant messaging interoperability.
Rival instant messaging firms quickly challenged AOL's integrity and acceptance of developing an open standard.
At the same time AOL's IETF proposal was submitted, it was playing a cat-and-mouse game resisting unauthorized attempts by Odigo Inc. to access its instant messaging network.
Avner Ronen, Odigo vice president of strategic design, scoffed at AOL's professed desire for open standards.
"What AOL has posted is no more than an outline for interoperability," Ronen said. "On the surface, great, they are committed. However, they have claimed commitment for over one year now. This outline has no time-frame and no specific architecture. AOL's announcement does not bring us any closer to a standard platform."
AOL said that allowing outside companies to access its instant messaging servers would jeopardize the security and privacy of its 23 million members and 50 million instant messaging users.
AOL legal representatives alleged that had e-mail protocols been as deliberate as its instant messaging system, unsolicited e-mail, or spam, and e-mail borne viruses would not afflict the online community today.
The legal team of Peter Ross, Wiley, Rein & Fielding, and Arthur Harding,, Fleischman and Walsh, L.L.P., informed the FCC that the best way to access alternative instant messaging providers is to secure a royalty-free licensing agreement with AOL.
"AOL does not demand payment in exchange for use of its IM technology. Likewise, AOL does not pay for access to other providers' customers," the lawyers wrote.
AOL's legal team contends that because most of the instant messaging services are free to use, consumers can choose the program-or programs-that best meet their needs. Even without interoperability, Internet users canexchange instant messages, regardless of their preferred instant messaging provider.
To do so, consumers must download a multitude of programs to interact with non-AOL instant messaging users. AOL contends that such a system opens up consumers to security issues, because they must disclose their passwords whenever they send messages across systems.
AOL told the FCC it has the best approach for developing worldwide instant messaging interoperability. Its proposed architectural design resolves the technical, security, and privacy-related challenges of building a secure and open system.
While AOL attempts to make instant messaging a non-issue with the FCC so it can obtain the go-ahead to acquire Time Warner, Americas largest online service provider remains steadfast in its commitment to guaranteeing the privacy and security of its instant messaging users.
This commitment to security has been contested in other areas of AOL's services.
While AOL members are assured at every point of contact that their information is secure from potential maliciousness, Observers.net recently shared information with the public about how easily AOL's firewalls can be violated.
Kelly Hallissey, Observers.net benevolent hackers, said AOL has the wrong attitude about being invulnerable to outside forces."They have depended upon their firewall, the premise that this latest publicized breach is new, is erroneous," Hallissey said. "It's the same technique that has been used for over 1 year. Why didn't AOL do anything about it? Why haven't they closed it yet? They were blindsided with how wid
