By Chris Lane
By Jeff Balke
By Aaron Reiss
By Angelica Leicht
By Dianna Wray
By Aaron Reiss
By Camilo Smith
By Craig Malisow
Yarbrough and Lynd also discovered that Global Hell had a Web site where members bragged about their exploits.
The more agents investigated Global Hell, the more they saw they were dealing with something new. They had been accustomed to cracker groups forming only brief alliances, never staying together long enough to do much damage. Global Hell was different -- it was tight-knit and targeted many commercial sites. They weren't just conducting typical straight defacements of Web sites and denial-of-service attacks, which flood a site with so many hits that it crashes. This was flat-out racketeering.
Take the gang's raid on Ameritech -- one day thousands of potential customers logged on to the phone giant's Web site, only to find a topless model with the words "gH fucking owns me" scrawled across her breasts. But with Global Hell, the systems administrator would receive a phone call or an e-mail from Mosthated. He'd threaten more damage unless Ameritech, and whoever else they decided to hit, paid up.
Yarbrough calls it cyberextortion. And, he says, more often than not, the companies paid.
Global Hell's members weren't personal friends, they were just attracted through like-minded cracking. Most of the members were teenagers, but Global Hell also included a Microsoft employee, systems administrators of an Internet service provider (ISP) in San Francisco and an ISP owner in Illinois.
The more Global Hell grew, the more it tried to take on. In April 1999, Mosthated hit an ISP called 1688.com and posted the owner's banking information, including his opening and current balances. A Global Hell member named Neoh broke into Pakistan's national Web site and posted a photo of a morbidly obese woman in a bikini, seductively eyeing the camera and holding a beach ball. An uncredited member broke into Macweek.com and posted the bogus headline "Apple merges with Intel!"
Cyber Squad agents gradually gained information by monitoring the teleconference calls and located two Global Hell crackers in Dallas who became informants. Their help led the FBI closer to Mosthated and his hometown, but the stakes were quickly escalating into international proportions.
In May 1999, the accidental NATO bombing of the Chinese embassy in Belgrade caused crackers to break into U.S. government Web sites; Global Hell targeted the White House Internet site itself.
White House officials said they discovered the attempted breach before the crackers were able to deface anything, but they still had to shut down the site for more than a day. However, a Web site called attrition.org posted what it calls a "mirror" of the violated White House site, which reads, "Why did we hack this domain? Simple, we fucking could. Maybe this will teach the world a fucking lesson. Stop all the war."
Around that time, India and Pakistan were in a heated arms race complete with missile and nuclear weapons testing. And each country thought the other was cracking into its intelligence agencies' computers. They soon discovered it was another strike from Global Hell -- a 16-year-old named Hamster in Georgia was the intruder. Yarbrough says intelligence agencies from the two countries offered the teen top dollar to crack the other's sites.
This was getting ridiculous. It was time for the feds to take down Global Hell.
Patrick Gregory snapped awake inside the ranch house he shared with his mother and stepfather in Houston. It was 6 a.m., and someone was pounding on the front door. He wanted nothing to do with whoever it was.
They kept at it, even leaning on the doorbell. Gregory rolled over in bed and flipped the light switch. No power. Not good.
He slid out of bed, shuffled across the living room floor, opened the front door and suddenly faced a wall of FBI agents decked out in flak jackets. An arm poked out of the throng and shoved a search warrant in his face.
He had to know it was coming. You can't rip off phone companies and crack into the White House without pissing off some pretty powerful people. Gregory stepped aside and, in a flash, there was an agent in every room. They'd turned off the power to prevent him from spreading the word to his partners.
Agents frisked him on the floor, but there wasn't much to search -- he was still in his boxers. Afterward, sitting on the couch, he was quizzed by two agents as others snapped photos of everything they planned to take.
"We know who you are," an agent said. "You're Mosthated."
Was Mosthated, Gregory thought. He'd been legit for a while. But that didn't matter, because by then the investigators had wandered into the tiny computer room in back and discovered ground zero of Global Hell.
In that room, only a matter of feet from a kitchen table festooned with miniature porcelain cows, was the computer equipment linked to Web site break-ins of the White House, NATO, the United States Information Agency, then-vice president Al Gore, Ameritech, U.S. Cellular, the state of West Virginia, the University of Washington, government Web sites in Malaysia and Pakistan, and dozens of others.
Agents walked past fake plants and knee-high Native American sculptures as they hauled away modems, CD-ROMs and notebooks. The FBI was also at work in 11 other federal jurisdictions, raiding the homes of 16 Global Hell members. At the time -- May 1999 -- it was the largest cybercrime raid in U.S. history.