globalHell (known as 'gH') was an American hacker group. They were one of the first hacking groups who gained notoriety for website defacements and breaches. [1] The combined losses caused by the group were estimated to be ranged between $1.5m and $2.5m. [2] The group was called a "cybergang" as it had many of the same characteristics of a gang and carried out the same activities as a gang, including trafficking in stolen credit card numbers. [3]
Formation | February 1998 |
---|---|
Founder | Patrick W. Gregory (MostHateD), Chad Davis (Mindphasr) |
Dissolved | 1999 |
Purpose | Hacking |
Membership (1998-1999) | 20-25 |
Official language | English |
Leader | Patrick W. Gregory (MostHateD) |
Global Hell was more concerned with gaining notoriety for defacing prominent Web sites than with destroying or capturing sensitive information. [4] The members of the group were responsible for breaking and defacing around 115 sites. A few of the systems they broke into include those of United States Army, White House, United States Cellular, Ameritech, US Postal Service, NASA and National Oceanic and Atmospheric Administration. [5] [6] The group disbanded in 1999 due to being prosecuted for computer intrusion. [2]
The group was founded by Patrick Gregory and Chad Davis in February 1998. Gregory was a member of a street gang who turned to cyberspace to escape from the gang. [7] [8] Between 1998 and 2000, the group's membership was estimated between 15 and 20. [9]
In April 1999, the group invaded computer systems operated by the White House, the U.S. Army, Ameritech, U.S. Cellular and several other companies. On May 2, 1999, hackers invaded the White House website and put a picture of flowered panties on its home page. [10]
On May 8, 1999, FBI agents arrested Eric Burns, known as Zyklon, charging him with multiple felony counts of computer intrusion, causing damage in excess of $40,000. On May 9, 1999, FBI launched raids that involved searches and questioning of suspected members of Global Hell. The group retaliated and defaced the White House Web site with off-color messages. [11]
On May 27, the group retaliated by flooding the FBI Web site with thousands of requests for access. The FBI was forced to shut down the site rather than risk damage to the computer server. Over the next week, members of Global Hell also attacked Web sites of United States Department of the Interior and Virginia Senate. [12]
FBI agents found two members of the group who were willing to talk. Through them and by searching computer records, they got the address of Davis's (Mindphasr) apartment. On June 2, FBI raided the apartment. Davis admitted that he was a member of Global Hell. On June 28, at 2:14 a.m., Davis gained access to the computer server housing the Army's Web site, and the home page was replaced with the a message "Global Hell is alive. Global Hell will not die". Davis was arrested on August 30, 1999, and he pleaded guilty on January 4, 2000. He received a six-month jail term and three years' probation. He was ordered to pay restitution in the amount of $8,054. Davis was the first person to be arrested in this investigation. [13] [14] [15] [16]
Burns pleaded guilty to his charges on September 7, 1999. On November 19, 1999, he was sentenced to 15 months in prison and three years' probation, plus an order to pay $36,240 in restitution to his victims. Burns was prohibited from using a computer for three years. [17]
In December 1999, a 16-year-old member of the group reportedly compromised 26 companies, including a number of ISPs. When authorities tracked him down and confiscated his system, they found more than 200,000 Pacific Bell Internet user accounts of which 63,000 were already cracked. [18]
The group disbanded in 1999 as 12 participants in the group have been prosecuted for computer intrusions and about 30 more have faced lesser penalties. [19] [20]
On Feb 12, a hacker calling himself Coolio redirected visitors away from RSA Security's Web site to another hacked computer in Colombia, where he left a message "owned by coolio". [21]
On April 12, 2000, Patrick Gregory plead guilty to one count of conspiracy for "telecommunications fraud" and "computer hacking". Gregory also admitted to stealing codes that allowed him and others to create illegal conference calls. Those conversations were some of the most important evidence against gH members. On September 6, 2000, he was sentenced to 26 months in prison and had pay $154,529.86 in restitution. [22] [23] [24]
Internet activism, hacktivism, or hactivism, is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. With roots in hacker culture and hacker ethics, its ends are often related to free speech, human rights, or freedom of information movements.
The Melissa virus is a mass-mailing macro virus released on or around March 26, 1999. It targets Microsoft Word and Outlook-based systems and created considerable network traffic. The virus infects computers via email; the email is titled "Important Message From," followed by the current username. Upon clicking the message, the body reads, "Here's that document you asked for. Don't show anyone else ;)." Attached is a Word document titled "list.doc," containing a list of pornographic sites and accompanying logins for each. It then mass-mails itself to the first fifty people in the user's contact list and disables multiple safeguard features on Microsoft Word and Microsoft Outlook.
InfraGard is a national non-profit organization serving as a public-private partnership between U.S. businesses and the Federal Bureau of Investigation. The organization is an information sharing and analysis effort serving the interests, and combining the knowledge base of, a wide range of private sector and government members. InfraGard is an association of individuals that facilitates information sharing and intelligence between businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to preventing hostile acts against the United States.
The Level Seven Crew, also known as Level Seven, Level 7 or L7 was a hacking group that was in operation during the mid to late 1990s. It is rumored to have dispersed in early 2010 when the founder 'vent' was raided by the FBI on February 25, 2013.
HackWeiser was an underground hacking group and hacking magazine. It was a pro-US hacker group. It was one of the top hacker groups in year 2000. It had more than fifteen hackers who were a mix of Grey hat and Black Hat hackers.
Dennis Michael Moran, also known by his alias Coolio, was an American computer hacker from Wolfeboro, New Hampshire, who was accused in February 2000 of a series of denial-of-service attacks that shut down some of the most popular websites on the Internet. He was 17 years old when he committed the attacks. He was later arrested and pleaded guilty to defacing the websites of Drug Abuse Resistance Education and RSA Security, as well as unauthorized access of the U.S. Army and Air Force computer systems at four military bases. Moran died of a drug overdose in 2013.
Jeremy Hammond, alias sup_g, is an American anarchist activist and former computer hacker from Chicago. He founded the computer security training website HackThisSite in 2003. He was first imprisoned over the Protest Warrior hack in 2005 and was later convicted of computer fraud in 2013 for hacking the private intelligence firm Stratfor and releasing data to WikiLeaks, and sentenced to 10 years in prison.
EC-Council is a cybersecurity certification, education, training, and services company based in Albuquerque, New Mexico.
Ehud "Udi" Tenenbaum, also known as The Analyzer, is an Israeli hacker.
Matthew E. Yarbrough is an American lawyer and a former Assistant United States Attorney for the North District of Texas, where he was the lead prosecutor in several notable alien smuggling, illegal immigration and cyber hacking cases. He is now the founder and Managing Partner of Yarbrough Blackstone Law in Dallas, Texas.
Jake Leslie Davis, best known by his online pseudonym Topiary, is a British hacktivist. He has worked with Anonymous, LulzSec, and other similar groups. He was an associate of the Internet group Anonymous, which has publicly claimed various online attacks, including hacking HBGary, Westboro Baptist Church, and Gawker. They have also claimed responsibility for the defacing of government websites in countries such as Zimbabwe, Syria, Tunisia, Ireland, and Egypt.
LulzSec was a black hat computer hacking group that claimed responsibility for several high profile attacks, including the compromise of user accounts from PlayStation Network in 2011. The group also claimed responsibility for taking the CIA website offline. Some security professionals have commented that LulzSec has drawn attention to insecure systems and the dangers of password reuse. It has gained attention due to its high profile targets and the sarcastic messages it has posted in the aftermath of its attacks. One of the founders of LulzSec was computer security specialist Hector Monsegur, who used the online moniker Sabu. He later helped law enforcement track down other members of the organization as part of a plea deal. At least four associates of LulzSec were arrested in March 2012 as part of this investigation. Prior, British authorities had announced the arrests of two teenagers they alleged were LulzSec members, going by the pseudonyms T-flow and Topiary.
Global kOS ('kos' pronounced as chaos) were a grey hat computer hacker group active from 1996 through 2000, considered a highly influential group who were involved in multiple high-profile security breaches and defacements as well as a releasing notable network security and intrusion tools. Global kOS were involved with the media heavily and were interviewed and profiled by journalist Jon Newton in his blog titled "On The Road in Cyberspace" (OTRiCS). The group were reported multiple times to the FBI by Carolyn Meinel who attempted to bring the group to justice while members of Global kOS openly mocked her. The FBI had a San Antonio based informant within the group and individually raided several members after contact with the informant.
The Syrian Electronic Army is a group of computer hackers which first surfaced online in 2011 to support the government of Syrian President Bashar al-Assad. Using spamming, website defacement, malware, phishing, and denial-of-service attacks, it has targeted terrorist organizations, political opposition groups, western news outlets, human rights groups and websites that are seemingly neutral to the Syrian conflict. It has also hacked government websites in the Middle East and Europe, as well as US defense contractors. As of 2011, the SEA has been "the first Arab country to have a public Internet Army hosted on its national networks to openly launch cyber attacks on its enemies".
Carding is a term of the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.
Hamza Bendelladj is an Algerian cybercriminal and carder who goes by the code name BX1 and has been nicknamed as the "Smiling Hacker". Bendelladj is a polyglot, speaking 5 languages often used for profit in view of his linguistic knowledge, in order to extract money from banks and other financial institutions almost everywhere in the world.
Hack Forums is an Internet forum dedicated to discussions related to hacker culture and computer security. The website ranks as the number one website in the "Hacking" category in terms of web-traffic by the analysis company Alexa Internet. The website has been widely reported as facilitating online criminal activity, such as the case of Zachary Shames, who was arrested for selling keylogging software on Hack Forums in 2013 which was used to steal personal information.
BlackCat, also known as ALPHV and Noberus, is a ransomware family written in Rust. It made its first appearance in November 2021. By extension, it is also the name of the threat actor(s) who exploit it.