DarkMarket: Cyberthieves, Cybercops and You
Page 15
The anonymous hushmail sent to Matrix001 triggered an anxiety among the investigating police forces that would linger for many months. They needed to know whether the leak was a result of carelessness or an inside job, or indeed whether a hacker had penetrated one of the investigating teams’ computer networks. Every time something went wrong, the suspicion that there was a traitor among the ranks bubbled up to the surface. Morale could not help but suffer.
Mularski’s attempts to coordinate the first arrests were proving difficult. The fear for any cybercop is that, if one fraudster is taken in without the others, news will spread like wildfire across the boards that something bad is going on and targets will simply disappear. Hence the Secret Service’s obsessive secrecy . . .
Wait a minute, thought Mularski, that’s probably where the leak came from – the Secret Service! He carefully considered the possible culprits: a) the Secret Service; b) someone from inside his own operation, which he doubted because the FBI’s security had been ratcheted up since Iceman had spotted the Fed involvement; c) SOCA knew about Matrix, but the British were always the most tight-lipped of the lot; and d), of course, the Germans – he simply didn’t have enough experience to judge the Germans, although had he detected a slightly abrasive relationship between the regional force in Stuttgart and the Federal Police Agency a couple of hours’ drive to the north in Wiesbaden, both of which had been privy to the DarkMarket story? He couldn’t be sure.
For the moment, speculation had to go onto the back burner. Mularski’s immediate concern was to get in touch with Frank Eissmann of the regional police in Stuttgart and discuss the Matrix investigation before the young German did a runner. Stuttgart decided it was time for the case to go on steroids and Eissmann brought forward Matrix’s planned arrest date. This in turn created problems for the police in London, Calgary and Paris, who had finally agreed at the London meeting in early April to pounce on their suspects on the same day – 12th June. SOCA was still feeling a touch awkward because the Secret Service had been watching JiLsi since the days of Shadowcrew. The Feds and the SS both wanted to bust him.
But Matrix did not do a runner. Indeed, his chats and emails that the German police were intercepting indicated that he was not phased at all by the hushmail. Perhaps the decision to speed up the Matrix case had been premature?
Exactly one week after the first email, he received a second, on 10th May. This time it was from auto496064@hushmail.com, and auto496064 was a tad upset:
Dude you fucked up.
Our network gave you german carders a fair warning and what do you go and do? Talk to the fucking FBI!
You are so damn dumb you deserve to go to jail.
However we intercepted communications between the FBI and a german guy calling himself ‘iceman’. They’ve got an undercover cop baiting you, waiting for you to buy/sell some stuff. We ain’t got the name yet. But you might be able to help us blow his cover.
And do yourself a fucking favour. Until we know who the undercover cop is, don’t buy from any of those guys.
Because you were so damn clever, to tell the FBI we are on to them, they may hit earlier! Delete any info on your homecomputer, even if it is fucking encrypted, and use only internet shops.
Matrix went into denial and ignored it. He put it down to another game being played, similar to those he remembered from the Iceman affair. But the cops went berserk. This time the surveillance that had been placed on Detlef Hartmann’s computer connection picked up the email when he opened it. Frank Eissmann (who was confusingly understood to be ‘iceman’ by the mysterious auto496064) could not believe that somebody appeared to be monitoring all DarkMarket communications. The fear spread among officers that the entire DarkMarket investigation had been hacked, and that the bad guys knew everything about the case that the police did.
Mularski, too, was shocked. He did spot one important anomaly, though – the writer of the anonymous email may have had totally fluent English, but he wasn’t American because he spelled favour with a ‘u’. So who was he?
23
MATRIX SQUARED
29th May 2007. People were starting their Tuesday in Eislingen. One of Germany’s countless anonymous communities where a broken traffic light or a stray cow may be the biggest news story for many months, Eislingen has a routine that is rarely disrupted. Life in Germany gets going an hour or two earlier than it does in Britain or America. By six-thirty in the morning there is already a steady stream of people on their way to work, dropping in at the local Tchibo café. Here they exchange what little gossip there is over coffee, topped unappealingly with condensed milk, but compensated for by creamy cakes or a smoked-ham weggle (a bread roll in Swabia’s all-but-incomprehensible dialect).
Yet today was destined to be a special day in Eislingen, for the twenty-first century was about to arrive. Halfway down H. Street, Detlef Hartmann hauled himself out of bed, dimly aware that he had something important on his mind. With the mist still clearing from his brain, he checked his hushmail account for any encrypted messages and scanned his website to see if it required any maintenance. He found nothing untoward.
Then he remembered. His parents were returning from their holiday over the border in Austria. Action stations. He and his brother had just a day to clear up. Desiccated spaghetti stuck like industrial cement to the plates; ashtrays supporting small mountains of cigarette butts lay higgledy-piggledy among the beer cans, bottles and indeterminate items of clothing – a typical monument built by teenage boys when left to their own devices. Detlef decided to take a quick bath before clearing up and was just drying himself when the doorbell rang. He shouted down to his brother to open it.
Detlef’s irritation at being disturbed just after nine-thirty in the morning increased a notch when his brother shouted something about a delivery for which he had to sign. Striding downstairs, Detlef prepared to remonstrate with the postman for having got the wrong address. ‘Come on,’ said his brother impatiently, shivering a little in the draught as Detlef made his way down the hall.
‘That vehicle is illegally parked,’ thought Detlef with his characteristic eye for precision when he saw a black van on the street outside. Standing in front of it was a postwoman. She was dressed in a uniform that Detlef could only describe as ceremonial. Her tie had a small, tightly drawn knot, while on her head she wore a stiff peaked cap. She looked very earnest.
The postwoman almost bowed as she presented Detlef with an A4 envelope in one hand and a pen in the other. As he reached out for the pen, she stepped back theatrically. ‘What the hell is going on . . .?’ But before Detlef could finish the thought, four men had jumped on him and he was lying on the ground with his arms behind his back. ‘You’re under arrest,’ one of them screamed, while from nowhere several other officers streamed into the house. Detlef just lay there, dressed only in pyjama bottoms. It was raining and it was cold, about ten degrees Celsius. A boot clamped his neck to the icy ground, while the cable binding his hands dug into his skin. Repeatedly he mumbled, ‘What on earth is going on here?’ while feeling as if he had stumbled onto the set of a second-rate movie.
Ten minutes later he sat opposite Officer Frank Eissmann from Baden-Württemberg’s LKA. The officer was staring gloomily at the detritus in the kitchen, the epicentre of teenage chaos. ‘God, this place is a bloody mess,’ the detective observed.
By way of explanation, Detlef said that his parents were on holiday. ‘I can see that,’ Eissmann muttered to himself.
Then for a few minutes the policeman and his charge fell silent. The only noise came from Detlef’s chattering teeth. The front door had been left open and, following his short sojourn in the rain, his body temperature was falling. An urgent shout came from upstairs: ‘The computers are still running!’
Finally it dawned on Detlef what was happening. Despite the cold and confusion, he thought quickly and asked the officer if he could put some clothes on. It was not entirely disingenuous – he was freezing cold. Eissmann hesitated. Okay, h
e agreed, warning that it was strictly irregular, but he would allow the lad to get dressed.
As he walked upstairs, only one idea was going through Detlef’s brain. ‘Turn off the computer! Turn it off! Shut it down! Shut it down!’ he thought. Detlef knew the police did not have his password, so if he could manage to disable the computer, there would be no evidence. He reasoned that as long as they didn’t have his password, they had nothing.
In the bedroom Eissmann’s colleague stood in front of the computer with his hands primed like a goalkeeper to protect the machine from any interference. As Detlef struggled to put on a T-shirt, he stumbled and grabbed hold of the cable leading to the plug, pulling it out of the wall socket. The humming stopped. ‘Shit, shit!’ screamed the officer, ‘the computer’s down.’ Eissmann charged into the room. ‘Right, that’s it. You’ve had it – that’s the last thing you’ll be doing for a long time.’ He dragged Detlef back downstairs into the kitchen. Eissmann thrust a piece of paper in front of him with a lot of officialese written on it, but the only thing Detlef remembers is the hand-written scrawl: ‘. . . suspected of forming an organised criminal syndicate’.
Despite his fury, Detective Eissmann did allow Detlef a brief exchange with his brother. Detlef told him not to worry and that everything was going to be okay. His brother said nothing, but looked at him as if he was completely bonkers. Finally, before pushing him out of the house, Eissmann asked Detlef whether he wanted to take anything with him. ‘Can you recommend the sort of thing I’ll need?’ Detlef replied, a touch perplexed. ‘This sort of thing has never happened to me before.’
As he stared out of the car window en route to the police station, his mind drifted back to the two anonymous emails he had received a couple of weeks earlier. What had he been thinking? Why hadn’t he reacted to them? Try as he might, though, Detlef was not really sure what he could have done. He was not a hardened criminal with safe-houses and a mafia network at his disposal. He was just a young and rather naive student. He barely knew what a criminal conspiracy was, let alone that he might be part of one.
Detlef was still pondering all this when the police car pulled up in front of a large white building at the end of the aptly named Asperger Street in the Stammheim district of Baden-Württemberg’s capital, Stuttgart. Had he glanced up to one of the windows on the top floor, he would have spotted the cell where Ulrike Meinhof, the charismatic leader of Germany’s left-wing terror group of the 1970s, the Red Army Faction, had hanged herself in 1976.
Since then, Stammheim prison had been redesignated a male-only jail. But Detlef was taken there by a female officer. As soon as the inmates saw a woman, they went wild, screaming obscenities from their cells about what they would like to do with her.
With every step, Detlef’s fear about his new circumstances grew. How did a respectable middle-class boy find himself in this situation? He had finished high school with excellent grades and was preparing to go to college. His parents adored him and were grateful for all his help with his three younger siblings. Now the harmless boy from Eislingen was in Stammheim, the most notorious detention facility in all Germany. After stripping and searching him, the warders gave him oversized prison clothes, but no shoes. His new pyjamas looked so big they reminded him of wading trousers. Food arrived, but he had not yet fully understood that he was there to stay. He was in shock. Slowly he realised that this was the final stage of the little journey he had begun five years earlier. It was just one day after his twentieth birthday.
24
THE FRENCH CONNECTION
Marseilles, June 2007
Because they had effectively stopped talking to each other, the two US agencies launched their separate DarkMarket raids in parallel. With the Secret Service in attendance, Detective Spencer Frizzell had arrested Dron in Calgary four days before the FBI-backed Matrix operation in southern Germany.
For weeks Frizzell had been narrowing down the ‘usual suspects’, visiting the countless Internet cafés from which Dron had been working. Finally he singled out the ordinary-looking twenty-six-year-old who switched between his three ‘casual’ uniforms as he went about his business. The target lived in a decent apartment in downtown Calgary, conveniently positioned for the Light Rail Transit, naturally.
But neither Frizzell nor the Secret Service agent was quite prepared for what greeted them. The suspect, Nicholas Joehle, had about 100 skimming machines in production. Had he sold them all, it would have netted him $500,000, along with hundreds of blank plastic cards ready for cloning and holograms ready to be counterfeited. Of course the mere possession of these machines was not a crime in itself, but Frizzell was able to ascertain that Joehle had earned some $100,000 in skimmer sales during the period under investigation, a little under twelve months.
It is one thing for law enforcement to arrest a suspect of criminal activity over the Web. It is quite another mounting the evidence for charges to be brought. The virtual and transnational nature of the crime makes it extremely tough to convince a prosecutor to take the case on, and difficult to prove in court. Outside the United States, convictions in this embryonic area of the law tend to bring shorter sentences than conventional crime, which means that police forces are compelled to invest a lot of resources for some fairly unspectacular results. But the issue with somebody like Dron is that the more successful he became, the more his output would drain local and global economies. The potential losses from as skilled an operator as Dron were enormous. Nonetheless, there are tens of thousands of active cyber criminals out in the ether, and only a tiny fraction of them are ever likely to get caught.
Although he was taciturn and uneducated, Joehle was clearly talented. His combination of entrepreneurial and engineering skills would probably see him bounce back, once he had gone through a court case and imprisonment. He had already passed his know-how onto other members of DarkMarket, one of whom was building a vast factory of skimmers halfway around the world. But ultimately that was the responsibility neither of Dron nor of Detective Frizzell – the speed with which skills are communicated over the darkside of the Web is another compelling reason for national police forces to improve their communication with counterparts abroad.
Once Dron and Matrix were taken out, the police would need to move fast against their next targets before the DarkMarketeers noticed the sudden, and largely inexplicable, disappearance from the Internet of their regular contacts. The Secret Service was in better shape here, because Cha0, in his capacity as DarkMarket administrator, had already excluded Dron from the board.
While Dron was still posting on the board, Cha0 had exploited his authority to extract the secrets of the young engineer’s trade. As soon as he and his team (for Cha0 had several accomplices) had got the knack, he shut down Dron’s membership, just as he had done with JiLsi in December 2006. Dron would no longer be able to advertise on DarkMarket, and because most of the other boards had been liquidated in the battle royal between DM and CardersMarket, the young Canadian’s marketing strategy had been severely hampered. With Dron out of the way, Cha0 meanwhile was busy attempting to establish his own near-monopoly in the sale of skimmer machines.
Because Dron had been banned from DarkMarket, his three French partners – Theeeel near Paris, and Lord Kaisersose and Kalouche in Marseilles – would not have noticed that Spencer Frizzell had taken him out of circulation. Nonetheless the Secret Service did not know when Matrix, the most prolific DarkMarket administrator, would be taken down by the German police backed by the Feds. And his surprise removal from the board would probably freak remaining DM members.
In Sweden, Recka knew straight away that law enforcement was on the march. He had been exchanging friendly messages with Matrix on a daily basis, and he didn’t buy the curious post that Matrix popped up with in early June 2007. My mother, Matrix explained, has had a serious accident and so I will be absent for a while. Any experienced cyber thief would immediately have concluded that the police had taken over his nickname (they had) and that this was
just a feint.
Lord Kaisersose, Theeeel and company were different, of course – they were French. France was developing a peculiar contribution to cybercrime. French criminals were as doggedly francophone as the rest of their compatriots. France’s language policeman, the Académie française, had observed with unease the exponential growth of English as a global lingua franca during the 1990s. But it was pleased to note that in the digital world most French hackers and geeks were committed to battle against English, the primary source of linguistic impurities.
This meant two things: cybercrime in France was initially genuinely national – nothing like as cross-border as elsewhere in the world. The country had pre-empted the Internet with the roll-out in 1982 of its very effective information technology called Minitel, which transmitted text onto a video screen along conventional phone lines. As a consequence, the French were much further advanced in their understanding of information technology than most of the rest of the world. The Minitel system, through which customers could look up phone numbers, check their bank accounts, send flowers or talk dirty using the messageries roses, was notably more secure against hackers than the Internet, which partly explains why the Web is only now eclipsing Minitel in France. So the French were less vulnerable to early viral infections on the Internet. Furthermore, relatively few French hackers spent time on boards like CarderPlanet, Shadowcrew and DarkMarket.