1. INTERNET TROLLS

2. Hackers
 Andrew Auernheimer
 25 years old
 Fayetteville, Arkansas
 Daniel Spitler
 26 years old
 San Francisco, California
 Members of Goatse Security
 Loose association of Internet hackers and self-
professed Internet trolls – people who “intentionally,
and without authorization, disrupt services and
content on the Internet”

3. Background Information
 Crime
 Hacked into AT&T’s Servers (June 2010)
 iPad 3G
 Prior to mid-June 2010, AT&T linked the user’s
email address to the Integrated Circuit Identifier
 Every time a user accessed AT&T website, ICC-ID
was automatically displayed in the URL in plain
text and email address was populated for speedier
and more user-friendly access to the website
 Hackers develop a PHP script “iPad 3G Account
Slurper”

4. iPad 3G Account Slurper
 Purpose: Get as many ICC-ID/Email
combinations as possible
1. Mimicked the behavior of an iPad 3G so that the
AT&T servers would be fooled into giving it access
2. Launched brute force attack to randomly guess
ranges of ICC-IDs
 If guessed correct, the server would return an email
address for a specific, identifiable iPad 3G user
 Combinations were provided to the website
Gawker (www.gawker.com) which published
the stolen information in redacted form along
with an article concerning the breach

5. Stolen Emails
 June 5, 2010 through June 9, 2010
 Approx. 120,000 ICC-ID/email combinations stolen
 Famous emails compromised
 Diane Sawyer – ABC News Anchor
 Janet Robinson - New York Times Co. CEO
 Harvey Weinstein – Movie Producer
 Michael Bloomberg – NYC Mayor
 Rahm Emanuel – ex-White House Chief of Staff
(2010)

6. Crime Discovery
 Public service by finding a flaw in AT&T security system
 Auernheimer brags on his LiveJournal blog (June 9 )
 “Oh hey, my security consulting group just found a privacy breach at
AT&T… ”
 Link to Gawker article
 Online interview with CNET (June 10)
 Admits that one of the group members discovered the flaw via AT&T
security maintenance app and when they realized they can get other
data from it, they created a script to do a brute force attack.
 Email sent to the US Attorney’s Office in NJ (November 17)
 “AT&T needs to be held accountable for their insecure infrastructure as a
public utility and we must defend the rights of consumers, over the
rights of shareholders…I advise you to discuss this matter with
your family, your friends, victims of crimes you have prosecuted, and
your teachers for they are the people who would have been harmed had
AT&T been allowed to silently bury their negligent endangerment of
United States infrastructure.”

7. Chat Messages
 Confidential informant provides 150 pages of
chat logs from an IRC channel
 How the breach would be conducted to damage
AT&T
 Promoted themselves and Goatse Security
 Possibility of selling email addresses to spammers
 Possible legal issues
 How to destroy evidence of their crime

8. Penalty
 Arrested in January 2011 by FBI
 Being tried in Newark, NJ around March
 Charges
 One count of conspiracy to access a computer
without authorization
 One count of fraud in connection with personal
information
 Possible Sentence:
 Maximum of 5 years in prison for each count
 Fine of $250,000