AOHell

AOHell
	The splash screen of AOHell, depicting Steve Case in Hell
Developer(s)	Da Chronic, Rizzer, The Squirrel
Initial release	1994
Final release	3.0 beta 5
Operating system	Windows
Available in	English
Type	hacking, script kiddy

Last updated November 23, 2022

AOHell was a Windows application that was used to simplify 'cracking' (computer hacking) using AOL. The program contained a very early use of the term phishing. It was created by a teenager under the pseudonym Da Chronic, whose expressed motivation was anger that child abuse took place on AOL without being curtailed by AOL administrators.

History

AOHell was the first of what would become thousands of programs designed for hackers created for use with AOL. In 1994, seventeen year old hacker Koceilah Rekouche, from Pittsburgh, PA, known online as "Da Chronic",^[1]^[2] used Visual Basic to create a toolkit that provided: a new DLL for the AOL client, a credit card number generator, email bomber, IM bomber, Punter, and a basic set of instructions.^[3] It was billed as, "An all-in-one nice convenient way to break federal fraud law, violate interstate trade regulations, and rack up a couple of good ol' telecommunications infractions in one fell swoop". When the program was loaded, it would play a short clip from Dr. Dre's 1993 song "Nuthin but a G Thang".

Most notably, the program included a function for stealing the passwords of America Online users and, according to its creator, contains the first recorded mention of the term "phishing".^[4] AOHell provided a number of other utilities which ran on top of the America Online client software. Though most of these utilities simply manipulated the AOL interface, some were powerful enough to let almost any curious party anonymously cause havoc on AOL. The first version of the program was released in 1994 by hackers known as The Rizzer, and The Squirrel.

Features

A fake account generator which would generate a new, fully functional AOL account for the user that lasted for about a month. This generator worked by exploiting the algorithm used by credit card companies known as the Luhn algorithm to dynamically generate apparently legitimate credit card numbers. The account would not be disabled until AOL first billed it (and discovered that the credit card was invalid). The generator could also generate fake addresses and phone numbers, resembling on their surface legitimate personal information. One example of a fake account generator was a Macintosh One-click based piece of software called Fake Maker written by a user known as McDawgg within the AOL Macwarez community. This software ran in parallel with the AOL program to create fake accounts based upon generated legitimate credit card account numbers. This software ultimately released 3 versions and helped to create thousands of fake accounts before AOL weakened its ability through more expedient account verification.
Phishing tools. The program included a "fisher" tool in 1995^[5] that enabled hackers to steal passwords and credit card information through automated social engineering. The program would barrage random AOL users with instant messages like:

Hi, this is AOL Customer Service. We're running a security check and need to verify your account. Please enter your username and password to continue.

A punter (IM-bomber), which would send malicious Instant Message(s) to another user that would sign them off.
A mail bomb script which would rapidly send e-mails to a user's inbox until it was full.
A flooding script that would flood a chat room with ASCII art of an offensive nature, such as the finger or a toilet.
An 'artificial intelligence bot', which did not really contain artificial intelligence, but had the ability to automatically respond to a message in a chatroom upon identification of keywords. (For example, a 'profane language' autoresponse was built into the program.)
An IM manager, which provided facilities to automatically respond to or block IMs from certain users.
A Steve Case cloak, which allowed users to pose as AOL founder Steve Case in chat rooms.

Motives and legacy

The existence of AOHell and similar software even allowed AOL to develop its own warez community. Lurking in secret chat rooms with names such as 'AirZeraw', mm, cerver, 'wArEzXXX', g00dz, 'punter', 'gif', 'coldice', 'GRiP', and 'trade', AOHell created bots, often referred to as 'servers', which would send out a list of warez (illegally copied software) contained in their mailbox.^[6] Simply messaging the bot with the titles of the desired software packaging would result in those packages being forwarded to one's mailbox. Since the data merely had to be copied into another user's mailbox (while still residing on an AOL server), the piracy was only limited by how fast messages could be forwarded, with AOL paying for all the cost of the bandwidth. One additional limitation included an allotted number of email messages which could be sent per day by a particular user account. Botters were able to circumvent this limitation by signing up for a white-list account which was subjected to an unknown probationary period where AOL administrators monitored the account.

The existence of software like AOHell provided a parallel 'lite' version of the hacker underground that had existed for years before, based around bulletin board systems. Programs like AOHell played an important part in defining the 'script kiddie', a user who performs basic cracking using simple tools written by others, with little understanding of what they are doing. These types of programs had a tendency to have AOL accounts banned; and so most users were logged on to accounts they had acquired illicitly, either by phishing or a fake account generator.

In the manual, the creator of AOHell claims that he created the program because the AOL administrators would frequently shut down hacker and warez chatrooms for violation of AOL's terms of service while refusing to shut down the pedophilia chat rooms which regularly traded child pornography.^[7] "Da Chronic" claimed that when he confronted AOL's TOSAdvisor about it, he was met with an account deletion:

AOL constantly closed the "Hackers" Member room, but refuses to do anything about all the pedophilia rooms. I once IMed TOSAdvisor and asked him why he closes the Hacker room, but does not close the kiddie porn rooms. He did not reply, instead he cancelled my account. I guess we see where AOL's priorities lie.

He also stated that his goal was:

[To have] 20,000+ idiots using AOHell to knock people offline, steal passwords and credit card information, and to basically annoy the hell out of everyone.

The program was last compatible with AOL version 2.5.

Related Research Articles

Warez is a common computing and broader cultural term referring to pirated software that is distributed via the Internet. Warez is used most commonly as a noun, a plural form of ware, and is intended to be pronounced like the word wares. The circumvention of copy protection (cracking) is an essential step in generating warez, and based on this common mechanism, the software-focused definition has been extended to include other copyright-protected materials, including movies and games. The global array of warez groups has been referred to as "The Scene", deriving from its earlier description as "the warez scene". Distribution and trade of copyrighted works without payment of fees or royalties generally violates national and international copyright laws and agreements. The term warez covers supported as well as unsupported (abandonware) items, and legal prohibitions governing creation and distribution of warez cover both profit-driven and "enthusiast" generators and distributors of such items.

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

<span class="mw-page-title-main">Instant messaging</span> Form of communication over the Internet

Instant messaging (IM) technology is a type of online chat allowing real-time text transmission over the Internet or another computer network. Messages are typically transmitted between two or more parties, when each user inputs text and triggers a transmission to the recipient(s), who are all connected on a common network. It differs from email in that conversations over instant messaging happen in real-time. Most modern IM applications use push technology and also add other features such as emojis, file transfer, chatbots, voice over IP, or video chat capabilities.

<span class="mw-page-title-main">Phishing</span> Attempt to trick a person into revealing information

Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, phishing is by far the most common attack performed by cybercriminals, the FBI's Internet Crime Complaint Centre recording over twice as many incidents of phishing than any other type of computer crime.

<span class="mw-page-title-main">Social engineering (security)</span> Psychological manipulation of people into performing actions or divulging confidential information

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.

<span class="mw-page-title-main">Internet security</span> Branch of computer security

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

A one-time password (OTP), also known as a one-time PIN, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has as well as something a person knows.

A transaction authentication number (TAN) is used by some online banking services as a form of single use one-time passwords (OTPs) to authorize financial transactions. TANs are a second layer of security above and beyond the traditional single-password authentication.

A spoofed URL describes one website that poses as another website. It sometimes applies a mechanism that exploits bugs in web browser technology, allowing a malicious computer attack. Such attacks are most effective against computers that lack recent security patches. Others are designed for the purpose of a parody.

Sub7, or SubSeven or Sub7Server, is a Trojan horse program originally released in 1999. Its name was derived by spelling NetBus backwards ("suBteN") and swapping "ten" with "seven". As of June 2021, the development of Sub7 is being continued.

A password manager is a computer program that allows users to store, generate, and manage their passwords for local applications and online services.

The Ten Commandments of Computer Ethics were created in 1992 by the Washington, D.C. based Computer Ethics Institute. The commandments were introduced in the paper "In Pursuit of a 'Ten Commandments' for Computer Ethics" by Ramon C. Barquin as a means to create "a set of standards to guide and instruct people in the ethical use of computers." They follow the Internet Advisory Board's memo on ethics from 1987. The Ten Commandments of Computer Ethics copies the archaic style of the Ten Commandments from the King James Bible.

Voice phishing, or vishing, is the use of telephony to conduct phishing attacks.

Internet safety or online safety or cyber safety and E-Safety is trying to be safe on the internet and is the act of maximizing a user's awareness of personal safety and security risks to private information and property associated with using the internet, and the self-protection from computer crime.

An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.

Torpig, also known as Anserin or Sinowal is a type of botnet spread through systems compromised by the Mebroot rootkit by a variety of trojan horses for the purpose of collecting sensitive personal and corporate data such as bank account and credit card information. It targets computers that use Microsoft Windows, recruiting a network of zombies for the botnet. Torpig circumvents antivirus software through the use of rootkit technology and scans the infected system for credentials, accounts and passwords as well as potentially allowing attackers full access to the computer. It is also purportedly capable of modifying data on the computer, and can perform man-in-the-browser attacks.

Internet fraud prevention is the act of stopping various types of internet fraud. Due to the many different ways of committing fraud over the Internet, such as stolen credit cards, identity theft, phishing, and chargebacks, users of the Internet, including online merchants, financial institutions and consumers who make online purchases, must make sure to avoid or minimize the risk of falling prey to such scams.

Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help financial institutions process card payments securely and reduce card fraud.

<span class="mw-page-title-main">Multi-factor authentication</span> Method of computer access control

Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence. MFA protects user data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

Social hacking describes the act of attempting to manipulate outcomes of social behaviour through orchestrated actions. The general function of social hacking is to gain access to restricted information or to a physical space without proper permission. Most often, social hacking attacks are achieved by impersonating an individual or group who is directly or indirectly known to the victims or by representing an individual or group in a position of authority. This is done through pre-meditated research and planning to gain victims’ confidence. Social hackers take great measures to present overtones of familiarity and trustworthiness to elicit confidential or personal information. Social hacking is most commonly associated as a component of “social engineering”.

References

↑ Garfinkel, Simson L. (1995-07-01). "AOHell". Wired. ISSN 1059-1028 . Retrieved 2019-11-01.
↑ Stonebraker, Steve (January 2022). "AOL Underground". aolunderground.com (Podcast). Anchor.fm.
↑ Garfinkel, Simson (1995-04-21). "Illegal program troubles America Online" (PDF). The Boston Globe. Retrieved 2022-05-31.
↑ Rekouche, Koceilah (2011). "Early Phishing". arXiv: 1106.4692 [cs.CR].
↑ Langberg, Mike (September 8, 1995). "AOL Acts to Thwart Hackers". San Jose Mercury News.
↑ Armnet, Marco (2014-04-19). "Flashback to 1995: AOL Proggies" . Retrieved 2016-01-31.
↑ "AOHell Documentation". Da Chronic. Retrieved 2016-01-31.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Garfinkel, Simson L. (1995-07-01). "AOHell". Wired. ISSN 1059-1028 . Retrieved 2019-11-01.

[AOLUnderground-2] Stonebraker, Steve (January 2022). "AOL Underground". aolunderground.com (Podcast). Anchor.fm.

[3] Garfinkel, Simson (1995-04-21). "Illegal program troubles America Online" (PDF). The Boston Globe. Retrieved 2022-05-31.

[4] Rekouche, Koceilah (2011). "Early Phishing". arXiv: 1106.4692 [cs.CR].

[5] Langberg, Mike (September 8, 1995). "AOL Acts to Thwart Hackers". San Jose Mercury News.

[6] Armnet, Marco (2014-04-19). "Flashback to 1995: AOL Proggies" . Retrieved 2016-01-31.

[7] "AOHell Documentation". Da Chronic. Retrieved 2016-01-31.

[1]

[2]

[3]

[4]

[5]

[6]

[7]