Cloned Boy
Professional
- Messages
- 675
- Reaction score
- 488
- Points
- 63
Content:
Part 1: The Dark Genius's Wild Youth
Part 2: The Condor Learns to Fly
Part 3: "My Fortune Has Turned Its Back"
Part 4: The Strangest Reason to Hack the Military
Part 5: The Phantom Number and the Mysterious
Part 6: Cat and Mouse with the Feds
Part 7: The Ghost in the Dead Man's Mask
Part 8: The Underground Man Gone Wild
Part 1: The Dark Genius's Wild Youth
On July 16, 2023, Kevin Mitnick, one of the most famous and archetypal hackers in history, passed away at the age of 59. In the mid-90s, he was considered the most wanted hacker in the world, and for good reason: Mitnick famously hacked corporate and US government networks, bypassed most security systems, wiretapped FBI agents, and obtained tons of confidential information and bank card data, including the accounts of Silicon Valley executives — but he is believed to have never stolen money. And having closed his problems with American law, Kevin Mitnick became one of the best cybersecurity experts. Let's remember the man who largely formed the basis for the classic image of a 90s hacker.
"Did you break it? Did you break it! But you didn't take the money."
Kevin Mitnick was born in Los Angeles in August 1963. It was a turbulent time for the United States: the Cuban Missile Crisis, which almost turned into a nuclear catastrophe, had just died down. Less than six months later, President Kennedy would be assassinated in Dallas. To the sounds of rock and roll, the States were shaken by the psychedelic revolution and the fight for civil rights for the black population, Beatlemania, the hippie movement, and the Vietnam War were on the horizon, and Soviet spaceships with astronauts were honking overhead. And against this backdrop, computer technology was being developed in the United States, at first not very noticeably to the public, but more and more rapidly: both in Silicon Valley and beyond.
Street on the outskirts of Los Angeles, 1963
Young Kevin's life was not particularly cheerful. His parents, Shelley Jaffe and Alan Mitnick, divorced when he was three. However, his father continued to be involved in Kevin's life, but mostly remotely during the first decade. Shelley, half-Armenian, worked as a simple waitress in the diners of the San Fernando Valley: no two-story houses with a lawn from sitcoms, just work from morning until night. They lived in the northern suburbs of Los Angeles on the other side of the Hollywood Hills. The nerd boy with big teeth was lonely and unpopular at schools, which he often changed following his mother's new jobs, but he was very fond of technology. An important feature distinguished him from the "typical nerd": Kevin had a hard time with his peers, but he was not shy and was great at finding a common language with adults, convincing them to do what he needed. He also really liked breaking systems in every sense of the word.
Young Kevin with his mother, early 70s
At the age of one and a half, Kevin managed to get out of his crib and open the front door, as if hinting at his future profile. Kevin's very attractive mother had already changed three official and several common-law husbands in his memory. Alas, they had a hard time finding a common language with the boy, Kevin was mostly annoyed by them, and one even tried to harass him. At the first sign of problems with her son, Shelley threw another man out of the house with his things - and Kevin himself later suggested in his memoirs that the difficulties with his mother's partners also contributed to the formation of his desire to give a damn about authorities and hack the systems of all sorts of high-status dudes.
He also got it from the FBI agents, whom Mitnick literally wiretapped himself.
Kevin's first thoughts about how systems can be broken and how people can be easily deceived came when he was ten. He met a girl his age and even found mutual interest, but they had not yet reached the point of romance. But the girl had a magician father, and Kevin was glued to his sleight of hand for a long time.
Another source of inspiration was a school bus driver who told Kevin about the possibility of hacking police radio frequencies and making free phone calls via special frequencies and telephone network systems. Inspired by the prospects, Kevin spent several months taking evening courses in amateur radio and was officially certified at the age of 12.
Kevin with his mother in a mock prison for a photo op: in 2016 he posted this photo with the comment "If only I knew ;-)"
The adventures of the future hacker in social engineering and system hacking in the broad sense of the word began at the age of 12. Kevin was always short of pocket money, but he loved to ride the streets of the endless Los Angeles on the bus. A ticket cost 25 cents, a transfer cost another 10. And Kevin loved to ride often. He found out from one of the drivers where they sold punches for composting tickets, begged his mother for 15 dollars to buy one, and then dug up unused tickets in the trash at the bus station. After that, he began to travel around Los Angeles and the surrounding areas even more, and spent the pocket money he saved on immoderate consumption of burgers (because of which he lost his athletic shape and slightly increased in circumference).
Los Angeles, 1975 - these are the streets Kevin loved riding the bus on so much that he started counterfeiting tickets
Kevin also discovered his talents for social mimicry and acting. During his Bar Mitzvah ceremony on turning 13, he imitated a rabbi so accurately and in such detail - thinking that this was the norm - that his parents considered it indecent banter. The ability to get into character no worse than the bald guyfrom Brazzers from Hitman, carefully developed, will help him many times both in hacking systems using the "human factor" and in playing hide-and-seek with the entire FBI machine on his tail.
In his dangerous business, Kevin Mitnick acted not only as a brilliant hacker, but also as a follower of Ostap Bender
In high school, he befriended fellow radio hacker Steven Shalita. Together, they immersed themselves in the fascinating world of tapping into other people's frequencies to gather information and pull pranks. By tapping police waves and phone companies, they learned the internal procedures and habits of employees so they could sound and communicate like "their own." Kevin soon learned to extract almost any information he needed from the phone company's internal networks, including the personal numbers of Hollywood celebrities: this was called phreaking, and was a popular pastime among not-so-law-abiding American geeks in the 1970s.
In high school, Kevin became fascinated with phones and walkie-talkies, and people around him became a bit uneasy about it.
Along the way, he played a trick on several enemies, causing them to be charged 10 cents for every call they made: the system thought they were calling from a pay phone. Then Kevin got to computer science classes, and the abyss swallowed him up in an instant. He realized that compared to computers and computer networks, telephone systems were a thing of the past. Naturally, Kevin had absolutely no time for studying: neither for studying a new field for him, nor for computer games.
Young Geeks and Early Computer Games
Naturally, Kevin didn't leave it at that and very soon got the hang of breaking primitive passwords on the school computer for unlimited access. The teacher, Mr. Crisp, tried to replace the usual passwords with a punch card reader - but he didn't take into account that he carried these punch cards in his shirt pocket, where the sequence of holes was easy to read by eye. Worse, Kevin managed to get to the network that connected the school machines with the computers of the University of Southern California, and also put to shame all attempts to block access to them. Well, and then decided not to trifle, he went directly to the dean of the computer science department of the California Institute of Technology, Wes Hampton - and begged him to give him, as a young talent, access to their machines, more powerful and advanced.
If Dean Hampton knew who he was letting into the "garden"...
Kevin Mitnick began studying BASIC and Fortran and after a few weeks wrote a phishing program to steal passwords from students at the institute. This was soon discovered, but the lab assistant who noticed it was rather touched by the student's talents and even helped him debug the code. Kevin did not commit any malicious acts: he simply wildly enjoyed having access to the widest possible range of information, especially if it was classified.
However, the password hacks were then discovered by another lab assistant. The matter ended with three campus security officers storming into the classroom where Kevin was working, restraining him, handcuffing him, and not letting him leave the station until his mother picked him up. Naturally, he was banned from the institute's cars, but there were no legal consequences: US laws were just beginning to recognize such things as criminal. Kevin was told about it all the time, but it only made him more excited.
The character of Hackerman is largely based on a young Kevin Mitnick.
Then there was admission to Pierce College in Los Angeles... from where Kevin was soon expelled for hacking everything and everyone with the wording "we have nothing to teach him, he already knows everything." At this time, Mitnick did not stop improving both the art of penetrating telephone networks and the art of hacking computer networks. His passion for the latter played a cruel joke on him. He got in touch with a group of hackers who decided to use the 16-year-old talent in the dark. In 1979, they instructed him to hack into the networks of Digital Equipment Corporation, supposedly to "test his skills" - from where they were actually going to steal the code for one of the newest programs. Mitnick did not hack the network directly, but simply convinced the chief system administrator that he was one of the developers who had screwed up the password. The system administrator was so kind that he gave Kevin everything, including the status of a privileged user. The "friends" stole everything they wanted, disappeared into the sunset, and turned the performer over to Digital Equipment Corporation.
Happens!
At that time, no criminal case was opened against Kevin – the legal basis was still very weak. However, already in December 1980, he managed to attract the attention of the FBI: together with his friend Misha Gershman, they hacked the database of a company that systematized the pedigrees of racehorses. They noticed the hack and informed the FBI. To Kevin’s horror and his mother’s amazement, an agency employee came to him – but for now he only gave him a pedagogical talk.
As you might guess, it didn't help: Kevin immediately contacted another team of hackers, with whom he began to hack even more ferociously and brazenly. Later, he recalled that he repeatedly promised himself and his worried mother to quit phreaking and hacking, especially when it became fraught with prison, but he could no more fulfill these promises than a seasoned alcoholic could quit drinking. British psychiatrist Roy Escapa, who later observed Kevin Mitnick in prison, officially stated that he really could not help but hack systems due to a serious compulsive mental disorder... Well, Kevin helped him hack the international communication system and call England from the USA for free.
Anonymous Hackers Club
Kevin was framed at his new company, too: in 1981, after stealing lists of internal numbers and technical manuals from the Pacific Telephone building, his hacker colleague Lewis couldn't think of anything cleverer than to brag about this epic achievement to his ex-girlfriend, a hacker named Susan. They had recently broken up in a scandal because Lewis had cheated on them - and who had already tried to frame the impostor along with his friends by hacking into US Teasing's computer system, erasing files and printing the text "MITNIK WAS HERE DAMN YOU" on all printers.
Hacker, don't call your ex when you're drunk, especially if they're also hackers!
Naturally, Susan leaked everything to the cops. Soon Kevin was intercepted in a standard Ford Crown Victoria, which didn't even have the word "cops" written on it at the time, pulled over to the side of the road with a siren on the roof blaring, and three guns pointed at him. After that, they roughly laid him face down on the ground, handcuffed him, and started shouting about Kevin having a "logic bomb" in the trunk. Apparently, this was Susan's crazy joke, which the cops took too literally.
Kevin Mitnick arrested
Kevin ended up in the California Youth Authority (CYA) in Norwalk, where they kept juvenile offenders in almost full-fledged prison conditions and wondered what to do with them next. In Norwalk, in the company of aspiring South Central gangsters and other wonderful people, Kevin Mitnick celebrated his 18th birthday in the summer of 1981.
Then he was released on probation, and everything would have been fine... But Kevin couldn't resist. Together with his hacker friend Lenny DiCicco, they dug into the network from the lab of the long-suffering University of Southern California: Kevin still couldn't afford a normal machine and used the university's. And they quietly hacked all the networks and passwords they could get their hands on.
Kevin Mitnick just couldn't help but break networks.
The connection was slow, and his hacker friends were pissed off. But one of the university buildings had a cluster of DEC TOP-20 mainframes connected to the ARPAnet… Anyway, in December 1982, armed police stormed the classroom where Kevin and Lenny were sitting again. As it turned out, they managed to hack into not only the accounts of university employees, but also at least one of the accounts of high-ranking Pentagon employees via ARPAnet. The police leaked the case of the young hacker to the press, and journalists got carried away, as usual, and to this day there are articles circulating on the Internet claiming that Kevin hacked into nothing less than the North American Aerospace Defense Command (NORAD) in retaliation for his first stint in prison.
Yes, yes, this very command center in case of a nuclear war in a deep underground bunker. Kevin Mitnick himself denies this
Kevin was sentenced to three years in prison, released on parole after six months, but was kept in suspense for a long time with periodic arrests. Apparently, law enforcement officers were already beginning to understand who they were dealing with.
Naturally, after getting out, Kevin Mitnick couldn't quit, although he tried. And almost the first thing he did was hack no less than the US National Security Agency - which, in fact, was supposed to be on guard of national cybersecurity.
… But we will look at the further adventures of Kevin Mitnick, the blossoming of his career and the crazy cat and mouse with the FBI in the status of the most wanted cybercriminal on the planet in the second part. Stay with us!
Part 2: The Condor Learns to Fly
In the previous part, we left Kevin Mitnick at the stage of his first "trip": he managed to get out on parole, but the state police and the feds already realized who they were dealing with and began to keep an eye on "Condor". Mitnick took this nickname as a teenager - after watching the spy thriller "Three Days of the Condor", where a CIA analyst with the same call sign found himself a target for hunting by his colleagues. Despite the attention from the "authorities", Kevin Mitnick literally could not resist hacking everything and everyone - and the dangerous game continued with increasing stakes.
Having escaped to freedom, Kevin first of all got into the frequencies of local radio amateurs. And he quickly quarreled with someone there, so quickly that the latter reported to the police about another hack of a private company's networks. Mitnick and his mother were called to the probation officer to "clarify some issues": since he initially got into trouble at the age of 19, for the American Themis he remained a juvenile offender. However, in the office he was tied up, handcuffed and taken to the detention center in Van Nuys.
The Van Nuys detention center where Kevin Mitnick spent time in the early 1980s
Luckily for Mitnick, just a week before the events described, his uncle Mitchell had been there - creatively squandering his billion-dollar fortune, made in the real estate market, on cocaine and other substances. Kevin helped his uncle by reconfiguring one of the pay phones in the detention center in such a way that you could call anywhere from it and talk for as long as you wanted, and the call would be recorded on the police account. Well, who else?
Officer Tenpenny would be very unhappy with suspect Mitnick.
Now Mitnick himself found himself in this detention center - and due to the rather free regime on the territory, he managed to contact many people during the first night. In particular, thanks to this, he managed to escape from one of the most dangerous places in the California penitentiary system - the Los Angeles County Detention Center. It is not entirely clear why, but soon Kevin was sent to the very place where suspects from street gangs and other equally dangerous characters, familiar to the Russian gamer mainly from the GTA series, were kept in large numbers. The fat geek in glasses was thrown into a common cell with comrades of the creepiest appearance and behavior, and only the timely intervention of his parole supervisor allowed Mitnick to get out to more decent places the next morning.
"Everyone knows what they can do in prison"
So, Kevin served his 60 days and was free again. Where did he go first? You'll never guess: to the police academy! Where... no, he didn't apply for admission, as you might expect from a detective comedy, but bought a colorfully illustrated annual magazine of the Los Angeles Police Department. In its photographs - oh, the naive 80s! - the white teeth of employees, including those working in civilian clothes and undercover, were flashing. It's no surprise that our hero studied the photo portraits and lists of personnel of the department with great care, with whom he planned to intersect as little as possible in the future.
After his release, Kevin got a job as a computer programmer at a company owned by one of his mother's friends. As expected, he got bored there very quickly, found another like-minded person and again went on a rampage in the field of hacking and phone phreaking. However, big brother was already watching - and soon Kevin, going out for lunch with a female colleague, noticed a suspicious group of fit men near the office, whose faces were familiar to him. Not only from the LAPD yearbook, but also from personal experience: a couple of years ago, one of the law enforcement officers had already laid him face down on the ground, and then diligently searched the trunk for a "logic bomb".
Instead of running away and getting caught, Kevin put his arm around his colleague and asked her to play along, whispering that he had spotted an unpleasant acquaintance and didn't want to be seen (which was basically the truth). They got into the car together, Mitnick ducked down and asked to be driven to a pay phone a couple of blocks away. I don't know what his colleague thought, but soon Kevin was dialing one of the Los Angeles police departments:
Having learned that he was being charged with a parole violation again (and most likely deservedly so), Kevin went into hiding at his grandmother's house. Having studied the laws, Kevin found out that if he kept quiet for another four months until February 1985, the arrest warrant would expire and he would be formally cleared before the law. With this in mind, he made a deal with his grandmother's friend, whose parents had a house north of San Francisco, jumped on a Greyhound under the name Michael Phelps and was gone. Helping to throw the cops off the scent was the fact that a rumor had been spread in the hacker community about "Condor" escaping to Israel.
In the village of Californian pensioners, pastoral and grace reigned, but Kevin suffered: there was not a single computer anywhere, and even the radio was hard to find. It was also not recommended to get behind the wheel of a car - Kevin had a license in his real name, under which he was wanted. He had to ride around the neighborhood on a bicycle and at the same time lose weight. But even here Mitnick found something to do: he signed up for a course on criminal law, where he listened very carefully to the mistakes that the police and the FBI most often "catch" criminals.
"Very interesting, continue, I'm writing it down"
In February 1985, Kevin was finally sadly informed that he was no longer wanted under a “dishonorable termination.” Our hero rushed back to Los Angeles, met his old friend Lenny di Cicco, and… they immediately went on another job. It was probably a case of compulsive disorder: Mitnick literally could not help but break systems if he had even the slightest opportunity. So one night, using Lenny’s romantic relationship, they broke into the Hughes office and hacked into the ARPAnet via a VAX computer.
By 1985, ARPAnet already had thousands of nodes both in the United States and abroad - and as a defense network, it included highly sensitive and secret ones.
The first thing the two hackers did was to get into the Dockmaster computer system from the resources of none other than the National Security Center of the US NSA. No small talk, right? However, this was again largely a “social hack”: Lenny managed to impersonate an employee of the center and get the login data from one of the real employees of the US NSA Computer Security Center . They didn’t manage to find out anything particularly interesting, but both friends were delighted with the opportunity to poke their noses into the NSA’s coffers.
And it’s no surprise: let me remind you that it is the NSA, not the FBI or the CIA, that is literally the “all-seeing eye” of the American government, monitoring everything and everyone.
However, Kevin did not give up hope for a legitimate career. The object of his dreams was to work as a programmer at General Telephone. But this required much greater knowledge and skills in the field of programming than the semi-self-taught Mitnick had. Therefore, having barely hacked the NSA for the first (but not the last) time, Kevin received a federal grant for training and became a student at the computer school "Computer Training Center" in Los Angeles. There he passionately fell in love with Assembler, realizing what broad opportunities with the proper knowledge and skills a low-level programming language provides. He liked high-level languages like COBOL less, but he diligently studied them too.
In class, Mitnick hid his knowledge of hacking and pretended to be a lamer when it was brought up. Well, at night, for most of 1985-86, Kevin and Lenny enthusiastically hacked into telephone company systems, not neglecting their favorite social engineering. The main thing was to know who to introduce themselves as from within a large company in order to pass for one of their own, but hardly personally familiar, employees - to whom all passwords and logins would be leaked routinely and without a second thought:
During this period, Kevin's main hobby was not so much hacking as phreaking, breaking into telephone networks.
By the end of 1986, Kevin and Lenny had taken over all of the Pacific Bell switches and the Utah and Nevada switches without the FBI noticing, but that wasn't the limit. The young talents had infiltrated the Chesapeak and Potomak Telephone Company, also known as C&P. It was already servicing no less than the US capital, Washington, including US government departments and the Pentagon. Thanks to this, Kevin was able to extend his metaphorical tentacles further, to the NSA, which had long been troubling him.
"The National Security Agency: The Only Part of the U.S. Federal Government That Actually Listens to You"
Kevin's first move was to gain access to the switchboard of the Maryland phone company that served the NSA. He figured out what common prefixes the NSA phone numbers had, then used one of their test procedures to listen in on the calls. And voila! He was soon tapping into a conversation that was clearly between NSA employees. Little did they know they were being listened to by a 24-year-old hacker from Los Angeles.
In his memoirs, Mitnick claims that, having achieved his goal and confirmed the awesomeness of his skills, he immediately stopped any further attempts to enter the holy of holies of the American Deep State. The times were tense and harsh, the Cold War was still going on, and he was not at all happy to repeat the sad fate of the character from Three Days of the Condor. On the other hand, Mitnick's entire biography literally screams that it would have been extremely difficult for him to refrain from THIS, regardless of the risks.
In any case, "according to the official version," Kevin only took a peek at the NSA and left immediately. And he even prudently wrote about that in his memoirs only after all the statutes of limitations had expired.
Kevin Mitnick and his 2011 memoir, Ghost in the Net
However, Big Brother did not give up trying to catch the annoying hackers: the first entry into the database of the National Computer Security Center of the US NSA from the office of an airline (!) was difficult to remain unnoticed. The FBI came for Lenny, he honestly tried not to spill the beans and furiously denied everything, but he was still kicked out of the company.
After that, everything seemed to calm down. Soon, Mitnick found his first mutual love, finally received an invitation to the very company where he dreamed of working, and even convinced himself that hacking and phreaking were over… But if everything were that simple, we wouldn’t be talking about “the greatest of hackers” now, would we?
So, to be continued.
Part 3: "My Fortune Has Turned Its Back"
In the last article, we left Kevin Mitnick at a time when everything seemed to be going well for him. He had sorted out his teenage problems with the law, had successfully poked his nose into the US National Security Agency twice, had finally received a grant for professional programming training, and had even become hooked on assembler. Kevin was already thinking about quitting hacking and phreaking — breaking into telephone networks, which had been his main hobby in his youth. But… If he had managed to quit then, we wouldn’t be writing a biography of the most famous hacker of the 90s, right?
So, it's 1986. Kevin Mitnick is still studying at a computer school and learning programming languages. Naturally, his classmates in those years were mostly guys, but sometimes he met girls. Among them was a petite Italian named Bonnie Vitello, who our hero fell hard for. The problem was that Bonnie was beautiful and popular, and Kevin... Well, Kevin loved fast food since his teenage years - as a result, he became plumper and plumper with each passing year.
Kevin with his mother in 1984: not very fat yet, but already bearded (before it became mainstream)
At first, Mitnick was sure that there was literally nothing to catch here - but courage and intelligence came to his aid here too. The first approach, however, was very geeky: Kevin tried to attract the attention of his passion by asking her not to terminate the execution of his high-priority programs on the work computer. And when he decided to directly express his interest, he received a polite refusal: it turned out that Bonnie was already engaged. Well, that's a challenge, Kevin decided!
The northern outskirts of Los Angeles in the 80s - this is roughly where Kevin Mitnick lived
To begin with, Mitnick continued the conversation anyway — and after a while, he found out that Bonnie suspected her fiancé of not telling her everything about his finances and debts. Finding out other people's secrets? Ha! You found the very man who loves it, knows how to do it, and practices it. Kevin got into the TRW credit company system, and also found discarded reports on the credit history of potential buyers in the trash at the Ford dealership — with the access codes to the system kindly left behind. Whoosh, and very soon Mitnick had a complete credit history of his competitor for Bonnie's hand and heart. As expected, the comrade was deeply in debt, although he pretended to be a wealthy macho. The engagement was broken off, and Bonnie began to sympathize even more with her hacker friend.
Literally a couple of weeks after breaking up with her fiancé, Kevin became her new boyfriend. The fact that Bonnie was six years older than Kevin was only to her advantage: she was more experienced and knew how to organize a relationship, while our hero was a real lame in a personal sense. Perhaps the couple of a fragile Italian beauty and a heavyset geek looked a little dubious by the standards of California in the 80s, obsessed with gorgeous female and male bodies, but for the first few months they were completely happy. They devoured tons of Thai cuisine, and in order not to make her boyfriend even fatter, Bonnie taught him to take long walks along the picturesque mountain trails of the San Gabriel Range.
San Gabriel - Great Places to Lose Weight
Along the way, it turned out that Bonnie works at the very GTE company where Kevin Mitnick literally dreamed of getting a job - and for this he was ready to reluctantly quit hacking and phreaking. True, he clearly lacked self-control. For example, he deliberately stayed late at the computer school to hack the school network and ensure himself administrator rights in it. He was caught in this exciting activity by a system administrator named Ariel. But instead of a scandal and expulsion with shame, he suddenly offered Kevin ... to improve the network security system, and even count it as a diploma work. Mitnick happily agreed - and received a diploma with honors.
In his memoirs, Mitnick recalled this moment:
It seemed that life was going well, and Kevin had a stable future as a law-abiding corporate programmer.
Mitnick worked at GTE for a long time. Nine whole days. Then the security service came for him, accompanied by the same manager who had conducted the interview. Kevin was told he was fired, thoroughly searched, his disks were checked to make sure there were no corporate secrets or codes on them, and he was escorted with his things to his car in the parking lot. As Kevin found out later, GTE's security service had acquaintances in the security service of the Pacific Bell company he had hacked, who began to laugh like hell at their colleagues about the fact that their management had personally introduced a well-known and dangerous hacker into the ranks of the corporation.
This is roughly what Kevin Mitnick looked like from the point of view of US information corporation security in the 80s
Kevin didn't give up here either: he was honestly going to quit hacking and get an official job. An attempt to become an information security specialist at Security Pacific bank followed. Kevin's skills impressed the company, and he was offered a very solid salary of $34,000. However, there were reinsurers in the security service who dug into our hero's hacker background. The company asked if Kevin owned the amateur radio call sign WA6VPS and whether he had a bad habit of digging through trash bins near offices... after which they rejected his employment simply "just in case."
All these were strong blows for Kevin, which were smoothed out only by a wonderful relationship with Bonnie. The two boots turned out to be a pair, moved in together and literally lived in perfect harmony, munching peanut butter, walking through the surrounding hills and picturesquely cluttering the apartment: both were too lazy to clean, and "it was fine as is." However, Kevin, plunging into gloom from failures with employment, gradually began to cheat on Bonnie - naturally, not with other girls, but with his favorite illegal pastimes and still best friend Lenny di Cicco. He also got a job at the University of Southern California for advanced training, but instead of studying, he spent hours sitting with Lenny and enthusiastically hacking.
Then Kevin's painful addiction to hacking systems took hold of him again, to the point that he would increasingly hang out at the computer at home while Bonnie watched TV or read. Kevin's partial justification could be that he finally got a part-time job at Fromin's Delicatessen, where he helped improve electronic accounting mechanisms... And along the way, he tried to hack into the systems of the Santa Cruz Operations (SCO) telephone company. They were working on improving a version of Unix, Xenix, specially optimized for the functionality of telephone companies - and our hero couldn't wait to fully understand this thing already at the development stage in order to subsequently hack everything and everyone.
Using his usual methods of social engineering, Kevin found out the login and password for accessing the SCO network through Pacific Bell (mwa-ha-ha), after which he dug into it in search of the source code for their version of Xenix. The local system administrator was so kind that, having found Kevin in the system, he himself said that he could see him because “that’s the job” — and even created his own account with the nickname “Hacker” for him. Kevin, diligently feigning the idle interest of an amateur, did find the source code of the system, but it turned out to be too heavy for his modem. At least, that’s what Kevin himself later assured.
And everything would be fine, but soon Bonnie returned home to find the apartment turned upside down. The first thought was that thieves had broken in. However, it then turned out that the dollar bills from Kevin's stash were carefully laid out on the table. Next to them lay an official search warrant from the police department investigating computer crimes. But Kevin's computer was no longer in the apartment, as were all of his disks. This was a disaster. Even worse, the police came to Bonnie's work - to question her about the penetration of the SCO company database from her apartment.
Kevin was in a panic. In addition to the next problems for his own bottom, he was extremely worried about the fact that he had literally set up his girlfriend (we will leave the question of what he was thinking when he went online with her IP off-screen), and he was sure that after that she would definitely leave him. He also caused problems for his mother and grandmother, who had to spend a lot of time looking for a lawyer. At that time, Kevin was sitting in a hotel with Bonnie, and they were either crying on each other's shoulders or breaking the bed in an attempt to distract themselves. To Kevin's surprise, Bonnie did not accuse him of incredible idiocy and irresponsibility, but said that they needed to go through this together. In his memoirs, Mitnick honestly admits that Bonnie loved him, and he behaved like an asshole.
After speaking with lawyers, Bonnie and Cla... sorry, Kevin turned themselves in to the Los Angeles County Sheriff's Office in West Hollywood and confessed. Aunt Chickie posted $5,000 bail. Over the next few months of 1987, the couple spent most of their time with lawyers, went to court multiple times, spent all of their savings, and were forced to borrow heavily from Kevin's relatives.
In these unhappy circumstances, they got married, not so much for romantic reasons as for legal ones. As spouses, Bonnie and Kevin had the right not to testify against each other in court, and Bonnie could also visit Kevin in prison, where he was likely to end up.
Kevin Mitnick and Bonnie Vitello's wedding party, June 1987
In addition to the criminal charges, SCO sued Kevin and Bonnie for $1.4 million each for “damages.” However, the company agreed to drop these lawsuits if Kevin would tell how he had managed to get into their system so ingeniously. During an official interview with the company’s system administrator, Mitnick honestly admitted that he had not hacked anything as a hacker, but had used social engineering methods and, under a convincing pretext, had gotten the login and password from a Pacific Bell employee.
In the end, it was limited to two years of probation and a fine of $216 for Kevin and a complete dismissal of the charges against Bonnie. Kevin also had to officially promise not to commit any more offenses.
But unlike the computer, Kevin's disks were not returned, and they were enough evidence for new charges. The cops sent the disks to Pacific Bell's security service. They were extremely impressed by the contents, but they did not charge Mitnick with anything and only sent an instructive letter to their offices listing his adventures and which of his employees had screwed up and how. Kevin managed to get hold of the text of the letter, and the hair on the back of his neck stood on end: if the corporation's management wanted, he should have been dealt with not by the regular Santa Cruz County cops, but by the FBI.
Below we will quote from the memoirs what exactly was found on Kevin's disks
Over the next year, Kevin held on as best he could. He officially took a job at Franmark; Bonnie continued working at GTE, although she suspected that she was under very close security scrutiny. The couple began saving for their own home and, to save money, moved in with Kevin's mother - with obvious consequences for family life in the near-constant presence of a hyperactive mother-in-law.
To cope with the stress, Kevin… no, he didn’t propose moving out again, or exercise, or see a therapist, or take antidepressants. He got close to Lenny again, and the hacker buddies couldn’t think of anything better to do than hack into systems again. This time, at Digital Equipment Corporation (DEC).
Kevin and Lenny enrolled in the computer lab at Pierce College and the first thing they did was hack into a terminal there, trying to copy the Micro VAX virtual memory system. However, it could only be copied to a magnetic tape reel, the process took several hours, and Kevin was warned in time that Professor Schlippenbach had noticed the outrage and wanted to ambush the intruders.
In the end, Kevin and Lenny didn't go to pick up the reel, but they still came under suspicion - reputation, you know. After that, the friends discovered that a real hunt had begun for them. The cops literally followed them home in the evenings, and sometimes they were even found on the roofs of college buildings, spying through binoculars on what a couple of hackers were doing there.
Later, Kevin, through the same social engineering, managed to find out that while they were trying to hack into DEC's systems, the corporation's security service was already working with the police to catch them hacking. DEC even planted an employee in the college, who was monitoring Kevin and Lenny through the computer systems from a specially designated room.
Even Kevin and Lenny's personal accounts and directories in the college system were under the control of DEC programmers. And here Kevin couldn't resist a joke. He wrote a simple script that listed the files in his directory over and over again. Since all actions in the suspects' directories were recorded with output to the printer, the poor agent soon found himself literally buried in paper from a continuously running printer. Technically, this was not a violation (Kevin and Lenny tried very hard to not get caught in any way from the moment they were discovered being followed), but they were still expelled from college based on the totality of evidence and suspicions.
In fact, this was the beginning of Kevin's future habit of mocking the agents who were following him.
It seemed like everything was screaming at Kevin to stop. In California, he was known as a hacker by seemingly everyone, including the cleaning ladies and the doughnut vendors. Did he stop? Of course not — in fact, he went on a rampage, eventually attracting the attention of not just the county or state police, but the FBI itself.
But more about that in the next part.
Part 4: The Strangest Reason to Hack the Military
In the previous article, we told you about Kevin Mitnick’s failed attempts to become a law-abiding citizen, a corporate IT specialist, and even a good husband. The sins of his youth and the fame of a dangerous hacker followed him literally on his heels — and then detectives joined the pursuers. And our hero was bad at dealing with stress without hacking something and breaking into someone’s networks just for fun. Kevin and his best friend Lenny couldn’t resist trolling the agents watching them even under total control — and as a result, they were kicked out of college. Naturally, they didn’t stop there, which led to some very serious consequences.
In the 1980s, Digital Equipment Corporation was one of the largest manufacturers of mini-computers in the world, and their products were of great interest in the USSR
The main reason for Kevin and Lenny dropping out of college was their keen interest in the software of the Digital Equipment Corporation (DEC). The interest was mutual: while the hacker friends were trying to get the code of their VMS operating system along with the developers' internal data on security systems, DEC agents were following them along with the police and trying to catch them red-handed. It was Kevin and Lenny's joke about a corporation employee who was secretly monitoring their educational accounts that became the last straw - after the poor guy was literally buried under paper from the printer, which began to print a report on literally every action of the friends, they were asked to leave college as far away as possible.
Left without studying, Kevin and Lenny devoted all their time to getting the coveted code and shaming DEC and the police. By means of “social engineering” and phone phreaking, they already habitually pretended to be a call from a company employee from an internal corporate number - and received logins and passwords with the necessary access from yet another noob in digital security. After which they discreetly changed one of the passwords - which was done quite easily in those days - and soon they were enthusiastically digging through a directory with the delightfully inconspicuous name VMS_SOURCE. Oh, the innocent 80s!
In the 1980s, Digital Equipment Corporation nearly knocked IBM off the boat of modernity with its rapid advances in mini- and personal computers, but digital security was poor for just about everyone in those days.
Then our heroes wrote a "small tool" to bypass security verification systems - and hacked a couple more accounts with unlimited rights from among those that had not been used for more than six months. Thanks to them, they got into the mail of developers, including one of the creators of the VMS operating system Andy Goldstein, and found there letters from the British enthusiastic programmer Neil Clift from the University of Leeds, who was excellent at finding vulnerabilities in the system and helped Andy fix them. In the correspondence, Kevin and Lenny also found an analysis of the work of the harsh German hacker group Chaos Computer Club (CCC), which had previously managed to tweak the login system for the VMS operating system to make the user invisible - while simultaneously disabling security settings for him.
The history of the German hacker club "Chaos", also known by the abbreviation CCC, is a separate and very interesting topic, and the life of one of its founders, Karl Koch, formed the basis of the film "23"
Kevin contacted German hackers - who, as it turned out, were already aware of his identity - and together they began to improve their VMS hacking skills. Lenny, being less known to the police and corporations, managed to get a job at a company that actively used DEC computers running the VMS operating system - which allowed Mitnick and di Cicco to patch the hacking system literally immediately after each update. When DEC programmers created a sniffer program to detect unauthorized access to the system, it was broken literally immediately after its release.
Then Kevin and Lenny took on the Easynet computer network, which DEC was building for its computers as an alternative to the developing Internet. They planned to pump out large amounts of operating system source code data from it, but everything ran into the problem of a lack of servers to store it. Having come up with nothing better, the friends found nodes that connected Easynet to ARPAnet, which remained largely an American military network in case of a nuclear war. And these nodes were located mainly at American military facilities. And really, where else could two young talents store stolen data if not on secret military servers?
The first suitable node was found… at the US Naval Air Station Patuxent River in Maryland, which covers the approaches to the country's capital, Washington, and the largest naval base in Baltimore from the Atlantic Ocean. Soon, the space on their servers was completely filled with Kevin and Lenny's archived data, disguised as digital garbage. Then they got into the servers of the all-important National Jet Propulsion Laboratory in Pasadena, California.
Naval Air Station Patuxent River, which Kevin and Lenny hacked simply because they ran out of disk space
However, the computer scientists at the California research center were smarter than those at the naval air base. They managed to record the unauthorized modification of the files, performed reverse engineering by deciphering the structure of the binary files, and determined that the code used for the cracking was written by German hackers from the Chaos Club. Since some members of the West German hacker community, including one of the founders of the CCC, also collaborated with the KGB of the USSR, there was a considerable uproar in the American press in the genre of "German communist hackers are breaking into our secret servers!"
Fortunately, Kevin and Lenny were not noticed at the time. They hacked several less advanced military facilities that had Easynet connection points with ARPAnet and began to download gigabytes of source code for the VMS operating system version 5. Naturally, such huge amounts of traffic did not escape the attention of DEC system administrators, and they spent many sleepless nights trying to stop what was happening, blocking accounts and changing passwords. But by this time, Kevin and Lenny had such tight control over their entire system that they literally knew about all the “enemy’s” moves in real time — and took all measures to continue downloading everything they wanted.
And then one fine day, all the source code was downloaded. Now it needed to be transferred to magnetic tapes. The process was launched using good old social engineering - after which the number of tapes with the VMS source code in the stashes of hacker friends began to go into the tens. And everything would have been fine, but in the process, Kevin and Lenny began to compete in hacking computer networks, each time betting $ 150. It quickly became clear that Kevin was constantly winning one-sidedly. Lenny was getting more and more annoyed with this each time, but he refused to stop the competition on principle.
After some time, Lenny offered Kevin to hack the electronic lock to the office with computers - with a stake of the same $150. Kevin simply found the code in his wallet, Lenny, as usual, lost his temper - and when Kevin demanded his hundred and fifty bucks, he replied that he did not have any money at the moment. With approximately the same excuses, he continued to "freeze" his colleague for quite a long time. Then the indignant Kevin could not think of anything better than to call his employer company on behalf of the bailiff and announce the court decision to block Lenny's accounts. After which, as you might guess, he finally went beyond the orbit of Pluto on aphedron thrust.
(approximately here)
Soon, one night, Lenny invited Kevin to work from his office: he was trying to hack the account of Neil Clift, the same enthusiastic programmer who helped DEC improve the security of the operating system. Several days passed. Lenny called him again - supposedly, he finally received the money and he could pay. When Kevin arrived at the agreed place in the underground parking lot, he saw that his friend was grinning strangely, and when he finally got out of the car, FBI agents flew out from everywhere and laid Mitnick on the hood. A few hours later, he was taken to a federal prison on an island with the grim name of Terminal Island. Well, Lenny did not even fulfill Kevin's last request - to call his mother and tell him that he was detained by the FBI.
As it turned out, after the story with the lock, Lenny, completely mad with anger, told his superiors about what happened, and they informed the DEC and the FBI. On that last night of the hack, the computers in Lenny's office were already under the full control of the Bureau's agents, and Lenny himself was wiretapped to collect evidence. From the island prison, Kevin was taken to the FBI's Los Angeles office, and then to court - where he was presented with a whole train of charges.
Among them were:
As the assistant prosecutor read out the list, Kevin's eyes widened and his ass grew hotter. He had indeed hacked and stolen a lot of data, but on these particular counts he was completely innocent! At least, that's what Mitnick claimed until his dying day. For example, all he had stolen from the NSA was an unclassified list of the agency's phone codes, which was publicly available on the ARPAnet in a file called NSA.TXT. It wasn't Kevin who had planted the fake about the bank. And he had no connection or interest in the actress Christy McNichol - and she herself later denied any problems with the phone.
However, all this did not help. American Themis turned out to be extremely unfair to Kevin, and he finally lost faith in it. What this led to - we will tell in the next part.
Part 5: The Phantom Number and the Mysterious
So, Kevin Mitnick, due to the betrayal of his friend Lenny di Cicco, who inopportunely bombed from a lost bet, fell into the clutches of the FBI. In court, he was charged with various actions that he, at least as Mitnick claimed before his death, did not commit. However, many of his real crimes remained unknown at the time. At this point, in front of a prosecutor who spoke of his non-existent crimes, including the phrase "He can whistle into the phone and launch a nuclear missile from the NORAD base!", Kevin began to doubt the American justice system. As a result, he decided to do everything possible to never get caught. However, abiding by the law and giving up hacking were not part of his plans...
The Los Angeles Courthouse next to City Hall
The capture and trial of Kevin Mitnick was hailed in the American press as a landmark victory for justice against one of the most dangerous hackers, who could break into virtually any system using a computer and a regular telephone. Time magazine ran an article in January 1989 that said: “Even the most dangerous criminals are usually allowed to use the telephone, but Kevin Mitnick is not. At least not without a guard watching. And he is only allowed to call his wife, mother and lawyer. Giving Mitnick a telephone is like giving a gun to a criminal. The 25-year-old former college student is accused by federal authorities of using telephone lines to become one of the most dangerous computer hackers of all time.”
In the public eye, Mitnick already seemed like a sinister superhacker in 1989, capable of starting a nuclear war just for fun.
Mitnick was both flattered and outraged by such assessments. At the judge’s request, he was in a solitary confinement cell measuring 3 by 2.5 meters, and once again in his young life he sadly looked out the narrow window at the center of Los Angeles, which was seething with life, but so inaccessible. Later, he would describe this oppressive existence as spending many days in a cell for 23 hours a day with a dim light bulb. He was taken out of the cell only to take a shower and take a short walk in a small courtyard-well. Mitnick’s rare meetings with relatives, the radio and books he was allowed, as well as… mountains of high-calorie and sweet food that he ordered from the prison store as an anti-stress, helped him stay sane. As a result, during his time in the cell with minimal physical activity, he gained weight up to 109 kg.
Living conditions in solitary confinement looked something like this
Kevin could only make calls from a payphone, to a strictly limited list of numbers for relatives and a lawyer, under the supervision of a security guard. He could only call his wife Bonnie outside of working hours. In a combination of longing for his beloved wife, a desire to show the system his independence, and spite, Mitnick learned to call Bonnie at work under the guise of calling her mother. To do this, he would dial the number on a payphone blindly, pretending to scratch his back, and then discreetly hang up, holding the receiver tightly to his ear so that the guard would not hear the beeps.
American prison payphone
After two weeks of such calls, Kevin Mitnick was visited in his cell by surprised men in civilian clothes. They took him into the interrogation room and began asking him how he was able to make unauthorized calls right in front of the guard. Kevin denied everything, but the phone connections from the prison payphone were easily tracked. Eventually, he was given a personal phone, but with one caveat: the device itself was outside the cell, the guard dialed the number, and only the receiver was given to the cell. Now even Kevin Mitnick, with his dexterity and intelligence, could not bypass the system, and he was furious.
At first, DEC, whose source code Kevin and Lenny accidentally uploaded to the servers of US military bases, planned to bring the most serious charges against Mitnick. The federal authorities also wanted to stage a high-profile and show trial of a dangerous hacker who posed a threat to national security. However, while Mitnick was in solitary confinement, the company's management reconsidered its position and became less harsh. As a result, Mitnick managed to conclude a pre-trial agreement: he admitted his guilt, revealed to Andy Goldstein from DEC all his methods of hacking their systems and testified against Lenny di Cicco, which Kevin was very, very happy about.
As punishment, he was sent to a federal prison for one year, or, as they would say in Russia, to a penal colony. In addition, Mitnick had to spend another six months in a social rehabilitation center for ex-prisoners. Luckily for Kevin, in the colony in Lompoc, he was not placed with representatives of the criminal world from South Central or Grove Street, but with people who, like himself, were intelligent and were mostly in prison for financial crimes. One of his cellmates literally transformed Mitnick physically: he taught him to take long walks and exercise, and also convinced him to switch to a healthy diet. The hacker's physical data gradually returned to a more decent state.
Mitnick had to learn to love dishes like rice with vegetables, which he had previously despised as a fast food fan.
However, literally on the eve of his release, life once again presented Mitnick with an unpleasant surprise. His beloved wife Bonnie, whom he dreamed of returning to every day in prison, announced that she was filing for divorce. Moreover, with the help of the same social engineering and his technical savvy, Mitnick learned that she had been cheating on him for some time with his best friend Lewis de Payne. Attempts to get Bonnie back were unsuccessful. In anger and stress, Kevin began to actively engage in physical exercise, and as a result, instead of 109 kilograms, he weighed only 64 kilograms.
Kevin and Bonnie at the wedding (and this is before prison)
Kevin after switching to physical and healthy lifestyle
After working for a while in tech support and rehabilitation, Mitnick moved to Las Vegas, where his mother lived. There he purchased one of the most advanced mobile phones of the time, the Novatel PTR-825. Kevin immediately began to think about how to use this phone to make calls and talk without being tracked and tapped by federal agencies. Using his social engineering skills and ability to bypass office procedures, Kevin, posing as a company employee, received several special chips with modified firmware from a certain Kumamoto-san from Novatel.
Novatel PTR-825
There was still a lot of work to do after that, including a long game of cat and mouse with the FBI. But even in his later years, Mitnick considered this chip scam by Novatel and other companies to be the pinnacle of his social engineering skills. Each of these chips, with special firmware for technicians, allowed the phone's ESN to be freely changed and hidden from the cellular network, making it look like any other phone from the same manufacturer. Now Kevin was a ghost in American cellular networks, elusive to eavesdropping. As befits a Condor, Mitnick took this hacker pseudonym in honor of the protagonist of the 1975 American spy thriller, who masterfully evaded pursuit by CIA assassins.
Mitnick liked to associate himself with the main character of the film Three Days of the Condor
And it was very fortunate, because soon Mitnick received information through mutual friends that Eric Heinz, one of the greatest hackers of his time, wanted to meet him. According to rumors, he and his team had penetrated the systems of US telephone companies so deeply that they could do whatever they wanted there, and Eric himself told how he bought himself two new Porsches by rigging the results of telephone TV contests. Kevin hesitated for a while, but eventually the thirst for adventure and hacking won out. He contacted Heinz through his "shadow" phone and they began to communicate carefully and gradually. Lewis de Payne, the same one who stole Kevin's wife, also took part in this. Mitnick never forgave him completely, but the quarrel did not last long, and the old friendship with a common passion for hacking outweighed the insult.
Lewis de Payne, Kevin's best friend and a bit of an enemy
Eric clearly wanted something from Kevin and was trying to find out as much as possible about his hacking activities and his acquaintances in this field. Mitnick, of course, was wary - this all resembled some kind of trick on the part of the FBI. In his opinion, Heinz even phrased his questions like a cop or an investigator, and not like a hacker. But that was not the only problem. Mitnick could not find a normal job because of his reputation as a dangerous hacker. Worse, a special handler assigned to him according to protocol called every potential employer that Mitnick was supposed to tell him about and warned them about the possible risks of working with Kevin. Naturally, few were willing to take the risk. Mitnick was also kicked out of an advanced programming course at the University of Nevada. In the first week of classes, he could not resist and hacked a workstation, receiving administrative rights.
Meanwhile, the conversations with Eric Heinz continued. One day, Heinz told Mitnick that he and another hacker, Kevin Poulsen, who was later captured by the FBI and sent to prison, had broken into a central telephone exchange in West Hollywood at night. There they found strange equipment and a Switched Access Service (SAS) unit in one of the rooms. As they found out, the system was intended for testing telephone lines, but in fact provided the ability to eavesdrop on telephone conversations on the network. Mitnick was fired up by the idea of getting personal access to this system.
Using the same social engineering talents, he first obtained the system developers' contacts from Pacific Bell technicians. Then, posing as a Pacific Bell employee, he obtained detailed information on how to operate SAS, including remotely, from the system developers. Moreover, Mitnick managed to obtain complete technical data and instructions from the SAS developers. As a result, Kevin and Lewis were able to listen in on any call in Southern California. The scheme had a funny bug: when Kevin connected to the wiretapping system, he had to loudly hum into the receiver, simulating the beep that should have occurred when the equipment was triggered.
Having received information from Heinz about the existence and capabilities of SAS, Mitnick first used it to figure out Heinz's number. Heinz never gave this number directly, contacting him through his other colleagues on a conference call. Then, posing as a telephone company repairman who was troubleshooting, Mitnick also learned the address of the house where Heinz lived. Mitnick especially emphasized that he was able to so easily deceive company employees and pretend to be their colleagues not because he came across frivolous idiots, but because he carefully studied typical process protocols, the manner of communication of people of different professions, professional slang and habits. Thanks to this, he could easily gain their trust, introducing himself as "one of their own from the next office."
In essence, Kevin Mitnick was a kind of hybrid of a cool hacker and Ostap Bender
A lot changed in Kevin's life after a family tragedy that occurred in early 1992 in Los Angeles. His brother Adam was found dead in a car near a crack house. Doctors stated that the cause of death was a drug overdose. The LAPD, the Los Angeles police, did not show much interest in the death of "another fucking junkie" - it was 1992, literally the time and place of GTA San Andreas. However, Kevin decided to independently investigate his brother's death. He was bothered by the fact that the injection site of the syringe did not match the usual place. Kevin suspected two people of involvement in his brother's death: one of his friends and their mutual uncle Mitchell, who also abused substances and could have hooked his nephew on them.
Unfortunately, all of Kevin's knowledge of hacking and social engineering didn't help him find the clues and collect evidence. It wasn't until many years later that one of Mitchell's ex-wives, who had already died, told him the truth: his uncle and Adam had indeed been using drugs together that night. Adam had overdosed after Mitchell's injection, and in a panic, his uncle didn't call 911, deciding that his own ass should be the priority, not his nephew's life. Instead, he and another addict put Adam in a car and drove his body to a known drug den.
During the investigation, which Kevin tried to conduct in parallel with the hacking of the SAS system, he lived in his father's house and, thanks to the common tragedy, unexpectedly for himself for the first time in his life became close to him. However, at some point he realized that under the weight of his brother's death and consolation of his father, he made idiotic mistakes that could cost him very dearly. In particular, he used for some calls, including the hacking of SAS, not his "ghost phone", but one of the phones that were in his father's house. These phones could be tapped by the FBI, the police, or the Pacific Bell security service out of habit. Mitnick was still on probation and was at great risk of going to prison for a decent term for this. Of course, he really did not want to go to "jail" again.
Kevin used technical skills and social engineering, posing as a Pacific Bell security officer, to find out from the switchboard operator at the nearest telephone exchange that there were three gray boxes attached to the wires at the exchange that security had installed there. Mitnick went cold, but found out through the operator that the wires were not wired at his father's house, but at a company called Teltec Investigation. It was engaged in private investigations and what is now called collection. And the head of the company, coincidentally, was an old acquaintance of Kevin's father named Mark Kasden.
When Kevin and his father arrived at the Teltec Investigation office and told Kasden that his phones were being tapped, he just laughed and said that the young man was playing James Bond. A few minutes later, when Kevin, using his cell phone and SAS, playfully turned on the tap on the call between Mark's office and his girlfriend, Kasden was no longer laughing, but was amazed and delighted. And he suggested that Kevin consider working for his company. However, Mitnick continued to study the strange gray boxes for tapping through calls to Pacific Bell employees under the guise of their colleagues from different departments ... and at one fine moment he discovered that the said boxes were cunningly tapping three phones in his father's house, and not Teltec Investigation.
The initial suspicions turned out to be correct: Pacific Bell's security service simply understood the extent of Mitnick's intelligence and skills and took measures to make surveillance of him as unnoticeable as possible. At the same time, the wiretapping was completely legal, with the consent of the police. Kevin was horrified: the specter of another incarceration became more tangible than ever. It was unclear when exactly the wiretapping began and how much the wiretappers had managed to learn about Kevin's latest illegal adventures. He urgently arranged for his father and Lewis to remove his computer and all incriminating materials from the house. After which they thought about it and managed to find a way to listen in on the wiretapping of Pacific Bell's security service. As it turned out, it was far from always carried out with the sanction of the police and the court - and in one case Kevin and Lewis discovered a wiretap on the phone of a federal judge.
Then Kevin and Lewis had their first face-to-face meeting with Eric Heinz. They immediately disliked him: the guy was very arrogant, persistently talking about how he changed women like gloves, and clearly assumed that "these two" would beg him to let them work with him, the great hacker, at least a little. However, no one was going to beg him - and this clearly angered Heinz. He said that during an illegal penetration of the Pacific Bell station, he managed to get a copy of the dossier on Mitnick, which was kept by the company's security service. Naturally, Mitnick was very interested in getting this information, but when asked directly, Eric began to evade and say that he did not remember where he put it, and would try to look for it, but did not promise anything.
Eric Heinz looked like this
Kevin and Lewis decided to impress their arrogant interlocutor themselves and told him, with a demonstration on their laptop, that they had full access to the very SAS system that he had told them about. Heinz again could not or did not want to hide his anger that the "newbies" had bypassed him in such an important matter. And then things started to get weird. Eric literally demanded that his interlocutors not touch SAS - supposedly it was too dangerous, since this system, which made it easy to wiretap phones, was used by (who would have thought, yeah) the FBI. Then Eric went to the toilet... leaving his laptop on the table in the cafe, as if inviting his friends to look in. Kevin and Lewis thought it was some kind of setup and did not risk it.
An example of a laptop from the early 90s, Toshiba T3200SX
Upon returning, Heinz boasted that he had a universal key for physical access to any of the telephone exchanges. The parties parted clearly dissatisfied with each other, but at the same time interested in each other's resources. However, Kevin was literally running out of time and his ass: he did not know from what date the wiretapping had been installed in his father's house, and what the security service and the FBI might know. If they knew too much and were just waiting for a convenient opportunity to arrest him, it was time for him to flee the United States to any country that did not have an extradition agreement with Washington. Kevin and Lewis, knowing the previously calculated address of Heinz's home, went there - and found not a hacker's hut, but a pretentious apartment complex with a swimming pool and other joys of life.
Modern photo of this apartment, 3636 S Sepulveda Blvd, Los Angeles, CA
Eric was literally furious that they showed up at his house without asking. Kevin asked for a master key. Eric refused to give it to him. Kevin risked telling him about the wiretapping in his father's house. Eric still refused to give the key, but suggested going to the center together some night. After that, he openly gave his friends the cold shoulder for a while, each time promising "tomorrow for sure." One morning, instead of another denial, Eric suddenly said that he went there himself, correctly named all the numbers his father was wiretapping, and said that the wiretapping had begun on January 27. However, there was a nuance: Eric said that they did not have to break the mechanical lock on the door, since he was not there that night.
However, Kevin often drove past that center and saw that the lock was always in place, including that morning. The oddities multiplied. Kevin and Lewis increasingly suspected Eric of being a pathological liar at best, and of working for the FBI at worst. The arrest of Kevin Poulsen, with whom Eric had previously worked and penetrated the phone center, also took on particularly unpleasant tones in this light. When the friends discovered that all the numbers of the Impac Corporation company, where Lewis worked, as well as his home, were wiretapped, they decided to try to expose Eric.
They called him from a ghost phone and told him about Lewis's wiretap. Eric promised to try to figure it out, but for some reason he immediately refused to consider the version that it was the FBI. The next day, Eric called them himself on the agreed number - saying that he was calling from a pay phone. But the call was clearly not from a pay phone. Worse, Heinz tried to get Lewis to verbally admit to using illegal mechanisms at work. At the same time, Lewis called Eric's home number, where an unknown man immediately answered. Irritated, Heinz said that no one should be at his house, he did not like these oddities and he was lying low.
Kevin and Lewis rolled up their sleeves and threw everything they had into figuring out who this fucking Eric Heinz was. Their first few discoveries made their hair stand on end: the calls from Heinz's apartment revealed that he was calling the FBI's Los Angeles headquarters, among other places. Then things got even more fun: they discovered that he had been given an expensive apartment without the usual background checks and so on, and that he was listed there under the name Joseph Wernl. They also found a cell phone number... which turned out to be registered to U.S. government agencies and the name Mike Martinez. Finally, when they got hold of a printout of the calls from that number, they found out that it was constantly calling not only the FBI's Los Angeles headquarters, but also some numbers in Washington, D.C.
"Eric Heinz" was definitely and very actively working for the FBI, this could be considered proven. The only question was whether he was a career undercover agent, which did not fit well with his image of an informal metalhead and strange for an FBI officer manners and complexes, or whether the feds were simply using him as an informant and provocateur in the hacker environment for money, and / or keeping him on the hook for past sins. Having obtained some more classified data, Kevin managed to identify some of "Eric's" regular telephone interlocutors: they, as expected, were FBI employees and Pacific Bell security service. Mitnick even managed to establish the name of the head of his new adversary: Ken McGuire, a career FBI agent from the WCC3 special unit for combating "white-collar crime".
With the help of social engineering, Kevin managed to figure out the real name of "Eric": Joseph Weiss. A career FBI agent. Yes, in the intelligence services of any country there are quite a lot of people who are quite typical for an experienced eye of types, manners and bearing, but still, not all intelligence officers look like intelligence officers. Joseph Weiss, who looked like literally the complete opposite of a typical "federal", who were nicknamed glowies for their visibility even under cover, is a striking example of this.
Joseph Weiss's documents, which Mitnick would later obtain
Kevin knew that the FBI was literally on his tail. However, he had no intention of fleeing the country or at least hiding and lying low. Instead, he led a demonstratively ordinary life... and carefully, with the help of his ghost phone, SAS and growing access to various institutions and their databases, began to study those who were obliged to follow him. Namely: Joseph Weiss and his colleagues. Thus began the very game of cat and mouse between Kevin Mitnick and the FBI, which became a legend in the history of the hacker movement, and turned Mitnick himself into one of the most wanted criminals in the United States, whom even the FBI employees treated with respect and admiration. But more on that in the next part!
Part 6: Cat and Mouse with the Feds
In the previous part, we told how Kevin Mitnick and his friend Lewis managed to figure out the fake hacker "Eric Heinz" - FBI agent Joseph Weiss with the appearance of a slacker rocker, who was playing an operational game with them. The friends, thanks to technical skills and social communications skills, managed to figure out many details - right down to Weiss's colleagues at the Los Angeles FBI headquarters and the address of his parents. At first, Kevin thought about fleeing the country - he really didn't want to end up in prison again, but excitement, a sense of protest and a desire to screw the system over again took over. Mitnick began to play cat and mouse with the FBI. While the FBI tried to follow him and collect evidence for the trial of "the most dangerous hacker in the United States", he learned to track every step of the agents hunting him.
Kevin Mitnick later said that he literally couldn't resist looking for all the information he could about his new enemy: FBI agent Joseph Weiss, aka "famous hacker" Eric Heinz, aka apartment tenant Joseph Veril, aka cell phone subscriber Mike Martinez. Mitnick was also interested in Weiss's immediate superior, Ken McGuire, at FBI headquarters in Los Angeles.
Ken McGuire still works for the FBI today.
To further penetrate the secrets of the feds pursuing him, Mitnick skillfully and habitually disguised himself as a Los Angeles Department of Water and Power (DWP) employee from a special unit that handled law enforcement and emergency services. Employees of this unit were required by security protocols to request certain data from police officers, FBI agents, and so on, since they were giving them access to classified data on civilian suspects.
DWP building in Los Angeles
Mitnick took advantage of this cheat. He went under the guise of a DRW employee to the FBI Special Investigations Division, which had caused problems for Kevin back in college, and obtained from a certain Sergeant Davidson a list of the agency employees in contact with DRW "for the formation of a correct database." And then (oh, the holy simplicity of the 90s!) a list of passwords for these employees, which they had to give to control access to sensitive information. Kevin then used the personal data of the careless Sergeant Davidson to make calls allegedly from the FBI Special Investigations Division especially often.
What can you do?
Mitnick's first move was to find out "Eric Heinz's" new address (he had just rented a new apartment in the same expensive apartment complex) and his new phone number, which was a real turnoff when the FBI agent didn't bother to register it under another fake name. Kevin's next target was the California DMV. He called the sheriff's office extension as a police lieutenant named Moore, and spoke with enough inside knowledge that he was given a special DMV number to contact law enforcement without question or hesitation.
Then Mitnick figured out that calls to that number were being forwarded to one of 20 different numbers in the DMV database, so he arranged for one of them to be forwarded to his ghost phone. He began receiving calls from the police, the FBI, the Drug Enforcement Administration, the Alcohol, Tobacco, and Firearms Administration, and even the Secret Service, the oldest U.S. intelligence agency, which protects top officials and combats counterfeiters.
Secret Service employees on duty
According to protocol, all callers gave the operator their login details and passwords to log into the system, so that it could be tracked who was requesting what information about vehicle registrations for individuals and organizations. Mitnick diligently wrote down all this data until he had collected a sufficient database to log in under the names and passwords of many employees of different agencies. Then he turned off the forwarding, as if nothing had happened. Now Kevin could find out in a matter of minutes who was registered to certain cars, including those used for external surveillance and detentions by FBI agents. This would save him from arrest more than once.
At the same time, Kevin Mitnick was officially hired by the private investigation company Teltec. Its director Mark Kasden, a friend of Kevin's father, and co-owner Michael Grant were impressed by Mitnick's skills in gaining access to wiretaps and various classified data - which was very useful in their work as private detectives and collectors. They were also very interested in why someone had connected listening devices to their telephone lines. Kevin managed to find out that the wiretaps were installed by employees of the sheriff's department and the security service of the Pacific Bell telephone company, which very often became the target of his hacks, because of which he was repeatedly caught by law enforcement, and with which he had been conducting a kind of mutual vendetta for several years.
A typical Pacific Bell payphone
As it turned out, Teltec's office had been raided a few months earlier, suspected of illegally accessing credit card databases. Kevin managed to wiretap the line between a sheriff's department employee and the phone company's security service, and found out that the Teltec case had stalled completely. This pleased his new bosses.
Then Kevin thought about making some money using the method that "Eric Heinz" bragged about: winning radio contests with phone calls from listeners. Mitnick and his friend Lewis figured out how to do this: they got the radio station's internal number to bypass filters that limited the connection speed and the number of incoming calls from the official 8-800-... contest number, and organized "drum" dialing to always be the first. The thing is, the winner of a typical contest at Los Angeles radio station KRTH was simply the one who got through after a certain number of callers.
The scheme worked. Kevin and Lewis split the first prize of $1,000 in half. However, the same person could only become a prize winner once a year, so the friends organized the scheme through their relatives and acquaintances: whoever agreed to accept the money into their account received $400, and Kevin and Lewis split the remaining $600. Many agreed, since at that time... it was not even considered fraud or an offense. Having won about 50 times, the friends exhausted the supply of their acquaintances and "earned" about $7,000 each. According to Mitnick, this was the first time he used his skills to get money, and not just out of interest. For $6,000, Kevin bought his first laptop in his life, the then-fashionable Toshiba T4400SX with a 486 processor.
Toshiba T4400SX
And at that time he came up with a very insidious plan to fool the FBI at least until his suspended sentence ended in a few months and it would become much more difficult to throw him back in prison. He decided to deliberately leak to "Eric" through Lewis a fake about how he was going to contact some cool hacker group in Europe, either in Germany or Bulgaria, to participate in electronic hacking and theft of money from accounts.
The logic of the plan was as follows. Kevin still didn't know how much and what the FBI had managed to dig up about him since the surveillance and wiretapping of his father's house began. They could well have evidence to take him at any moment and throw him in prison for violating his parole. But if the FBI decided that the dangerous hacker Mitnick was going to go on a big and directly criminal case, then they would not take him, but would only keep an eye on him, so that they could take him at the last moment and loudly announce to the American people about the heroic capture of a threat to national security, a villain of computer technology.
Spoiler alert: this was far from the best idea Kevin Mitnick ever had.
The canard was launched, "Eric" became extremely interested and began to try to find out details from Lewis, but he denied that the cautious Mitnick had not told him any details. In parallel, Kevin began to listen in on calls from the Pacific Bell security manager, who was helping the FBI track Mitnick, using his ghost phone and a hacked SAS system.
While listening to one of the manager's audio conferences with his colleagues, he finally heard something that pertained to him: Pacific Bell's security team was brainstorming about how to finally catch the damn Mitnick, collect evidence on him, and hand it over to the FBI so that they could put the annoying hacker and phreaker behind bars. Kevin resisted the huge, mischievous temptation to jump in and say, "I don't think this is going to work. This Mitnick is pretty smart! You never know, maybe he's listening to us right now!"
The trouble came from an unexpected source: the police arrested Teltec owner Armand Grant. His son and the company director posted bail for him, but they were told that Armand would not be released for a couple of days. Mitnick offered to solve the problem in 15 minutes. He dialed the prison bail department's internal phone, introduced himself as a police lieutenant, and said that Armand should be released out of turn immediately after the bail money was deposited in the account, since he was helping with an important investigation. Soon Armand was met by his son and the company director.
Mitnick's search for all possible information about "Eric Heinz" became literally maniacal. After a long search, mostly using social engineering methods, he managed to find the numbers of his two Wells Fargo bank accounts and the latest transaction statements using the Social Security number he had already obtained. To Kevin's surprise, thousands of dollars were constantly coming and going from the accounts every week. He never showed up at Alta-Services, where the owner of these accounts was officially listed under the pseudonym Joseph Veril. Kevin became even more curious - and to clarify the picture of what was happening, he decided to get the tax return of the FBI agent who was following him.
However, the IRS discovered that "Veril" had not paid a cent of income in the last two years, because, according to the IRS, he had no income! Even more surprised, Kevin discovered that "Eric" had in the meantime finally left the apartment complex for an unknown destination. No big deal: Mitnick quickly found out "Joseph Veril's" new address through the already hacked Department of Water and Electricity. However, after Kevin's call, he quickly moved out again.
Then, knowing the number of "Eric-Joseph's" pager, Kevin found out its unique SAP code, bought a similar one and persuaded the company manager to enter it into the device on the grounds that "I accidentally drowned the previous one in the toilet." Now all messages that came to the agent's pager were duplicated on Mitnick's new pager. In addition, Kevin finally figured out how to wiretap "Eric's" phone number through the SAS system: after all, doing it directly was dangerous and pointless, the system made a characteristic click when triggered, which the subscriber could hear, and the agent knew this very well. However, Mitnick figured out how to bypass the restriction, and as usual instructed another company employee on what needed to be done on the equipment.
He did it just in time: soon he heard "Eric" discussing with his boss, Special Agent Ken McGuire, that Mitnick's home needed to be searched, and that in order to get a search warrant, he needed to collect at least some evidence. Kevin put down a pile of bricks on the spot, urgently changed his phone number once again, and rushed to tell Lewis that the feds were really on his tail and that he needed to get rid of any possible evidence immediately. Having shoved all the suspicious equipment and disks among reliable friends and relatives, Mitnick exhaled a little... and began to dig further about "Eric".
He managed to get a number from the Social Security system registered in the name of Eric Heinz. However, the database indicated that the bearer of this number was a disabled person receiving benefits who lost his leg in a motorcycle accident. In addition, it was indicated that Heinz's father was his full namesake. Having obtained his phone number and calling under the cover of a former classmate, Kevin was shocked once again: Eric Heinz Sr. considered the call a very cruel joke, and explained that his son with the same name died with his mother in a car accident at the age of two, and he never had any classmates. Mitnick even managed to get a copy of the death certificate of the real Eric Heinz from the Seattle Bureau of Vital Statistics.
Mitnick also managed to obtain a copy of the driver's license for "Eric Heinz"
As Kevin continued to analyze the FBI's phone traffic, he discovered that Ken McGuire was frequently calling the same number. The number, it turned out, belonged to David Schindler, an assistant U.S. attorney who had prosecuted Poulsen, a former colleague of "Eric Heinz" who had, by some strange coincidence, fallen into the FBI's trap and then into prison. This confirmed Kevin's worst fears: this was serious, the system was working hard and purposefully to put him in prison. Mitnick really didn't want to go to prison.
Mitnick managed to find out a new phone number through the same phone traffic analysis, and through it, the fourth address of "Eric" that he could remember: it was again an expensive apartment, this time near Hollywood. FBI agents live well, Kevin thought. And he began to prepare for a possible visit to his Teltec office. The thing is that Mitnick spent the night and hacked from his laptop "in secluded places", but even he couldn't work remotely at that time.
However, his work brought him not only legal money, but also moral satisfaction: he sincerely enjoyed helping to find and put the screws on various assholes, like malicious alimony defaulters or crazy relatives who kidnapped children from their parents. True, the methods of work of both Mitnick personally and Teltec allowed them to please and fork out their clients, but from the point of view of American laws they were more than questionable.
Kevin bought a radio frequency scanner and a cellular data interpreter. He managed to set up the equipment so that it would alert him whenever any of the numbers he had previously identified as belonging to the FBI, all of the "Eric" subscribers, and other characters he didn't want to cross paths with appeared in the coverage area of the cell tower closest to his office. Again, this was a good time.
One September morning in 1992, Kevin arrived at work before everyone else and heard a distinctive squeak from his work station. The system recorded the appearance of a cell phone in the coverage area of the tower near the office, and not just anyone, but the FBI Special Agent in Charge Ken McGuire, who was personally in charge of his case. He had been in the area for two hours already, and managed to make a call to a pay phone. Having immediately found out the address of the pay phone, Mitnick became even colder: the pay phone was located literally across the street from the rented apartment where he spent the night. The morning was no longer languid at all. The FBI was on Mitnick's tail almost literally.
Having exhaled slightly and having decided that if they were going to take him, most likely the mousetrap would have already slammed shut, and he himself would be lying on the floor and listening to the Miranda rules, Kevin waited for his superiors. He told them that it seemed like they had come for him - and they, being people experienced in such matters, were surprised only by the cunning and foresight of their colleague. Having taken all his things from the office, Mitnick, expecting a chase at any second, rushed out of the city to the north along Highway 101. Having got out and not noticing a tail, he called Lewis and warned him about what was happening. Then they additionally tried to get rid of all potential evidence. Kevin returned to Los Angeles and stayed for a day in a motel not far from his previous home. Having exhaled even more, and even going to work in the office without incident the next day, he regained his composure and decided ... to mock the FBI a little.
He returned to the rented apartment, which was already known to the feds, buying donuts along the way and putting them in a box with a large sign that read "Donuts for the FBI." He left the box in the refrigerator and wrote a similar sign on the door. Then he went to bed.
The love of police officers and security forces in general for donuts is an old American meme
At six in the morning on September 30, 1992, they came for him. True, Kevin woke up from the scraping of a master key in the lock - and in horror assumed that instead of agents (usually loudly knocking on the door and shouting about their departmental affiliation), robbers were trying to break in. Quite a normal assumption, given the place and time of what was happening: LA 1992 is literally a real prototype and source of inspiration for GTA San Andreas.
Mitnick yelled, "Who's there?!", hoping to scare off the robbers by telling them the owner would be ready to fight back. From behind the door, however, came the cry, "Open up, FBI!" At that moment, Kevin realized once again that he had somewhat overestimated his self-control, fearlessness, and moral readiness for a search. Chilled, he went to open the door, and only by the mechanically lowered gaze of the FBI agent who appeared in front of him did he realize that he had come out to the agents as if he were sleeping - completely naked.
As Mitnick had expected, the search was very thorough, but it yielded nothing. He was even a little offended that no one appreciated his joke with the donuts. Then one of the agents - Special Agent Richard Beasley, already familiar to him from previous misadventures - began the conversation. First of all, he quite traditionally told that Lewis "has already given all the evidence against you, so you better spill it yourself, otherwise you'll be gone for a long time." Kevin did not believe this, since he and Lewis had discussed this more than once, and the FBI certainly should not have had any evidence in this direction. However, then Agent Beasley turned on an audio cassette ... on which Kevin proudly showed Mark and Michael from Teltec the wiretap of Detective Simon and Pacific Bell security specialist Santos about the surveillance of Teltec.
However, to Mitnick's sincere surprise, he had not yet been arrested: there was still insufficient evidence for an arrest warrant. He said that he needed to consult with his father and a lawyer, and went to the car. The FBI agents also searched the car - and, to Kevin's horror, they found several forgotten in the glove compartment in the confusion of hiding the disks. He was accompanied by two cars with agents the entire way to his father's house - but they were unable to enter the home without a warrant. When the agents finally left, Mitnick rushed to the office. He did not find any agents or a search there, he breathed a sigh of relief, and just in case, arranged Format Disc C. For such arbitrary use of important company data, Michael Grant became furious and fired Mitnick. Later, Kevin learns that Grant was also going to use potentially incriminating data from his computer to leak it to the FBI and, at this price, get an improvement in the situation with the persecution of his father by law enforcement officers.
There were still three months left on his probation. Mitnick needed to hold out and not get arrested during that time—it would be much harder to put him away later. In early November, he tried to ask his probation officer for permission to go to Las Vegas to visit his mother and grandmother and celebrate Thanksgiving. To his surprise, he received permission on the condition that he report to the Nevada probation office and return by December 4. However, either his growing paranoia or his sixth sense literally forced him to stop shortly after entering the outskirts of the city and start listening to the Vegas police department’s radio using a specially converted radiogram.
Las Vegas 1992 is also very atmospherically conveyed in GTA SA
He studied how cops asked if a car was wanted, went on air, and asked for the same information about his own car. He got the cryptic response, "Are you clear with 440?" After asking the operator to stay on the line, he found out over the phone, posing as a DEA agent, what the code number meant to the Vegas police. It turned out that 440 meant "wanted person." And the operator's question was whether the calling cop could talk out of earshot of the suspect.
That's how Mitnick learned that a warrant had already been issued for his arrest, and that he was now wanted in every state. He later learned that he had been wanted back in early November for illegally accessing the voicemail of a Pacific Bell security officer, but for some reason they were in no hurry to arrest him. Now there was no question of going to the probation office to report: Kevin was officially a hunted man, and they would immediately seize him. He snuck into the Sahara Casino, where his mother was then a waitress, and told her everything. She was horrified and took him home to his grandmother.
Kevin hid with them for a while, notifying the department of his arrival by phone, claiming to be seriously ill, but then asked them to take him back to Los Angeles exactly by the evening of December 4, as he was obliged by the agreement with the handler. On December 7, his probation was ending, and he had a glimmer of hope that after that date the arrest warrant would be invalid.
He spent two nights in his apartment so as not to aggravate the situation by violating the parole rules, although he was very afraid of being arrested. Early in the morning on December 5 and 6, he went out to wander the streets and watch movies in the cinemas. Finally, December 7 arrived. The parole period ended. This time, he went to spend the night at his cousin's, and his mother stayed in the rented apartment to help pack for the move.
Every moment of time during these three days Kevin was expecting something like this.
On the morning of December 10, three men came to the apartment: a bailiff with an arrest warrant, and two FBI agents — including Ken McGuire himself. The mother told them she didn’t know where Kevin had gone, because “we had had a fight the night before and he had gone somewhere.”
Kevin realized that the only way to stay free was to go underground and live the life of a wanted criminal on the run. A new stage in the difficult life of one of the greatest hackers and "Ostap Benders" of American history was beginning. Since childhood, Kevin Mitnick admired and associated himself with the main character of the film "Three Days of the Condor", who skillfully hid from pursuit by CIA killers. Now he had to find himself in his shoes in practice.
Part 7: The Ghost in the Dead Man's Mask
So, December 1992 arrived. The cunning Mitnick failed to avoid the court issuing warrants for his arrest at the last moment of his suspended sentence. The gears of the US law enforcement machine were slowly but surely turning for his soul - and the FBI agents were even somewhat lazy and indifferent about detaining the hacker. They probably thought that a 100% computer geek, with all his skills in tricking the system, would not dare to go on the run and live underground. They underestimated how much Mitnick did not like prison - and how much he did not want to end up behind bars again.
Mitnick was planning to leave Los Angeles for Las Vegas by the most obvious route: Interstate 15, made famous by Hunter Thompson and Terry Gilliam. But before he set off, Kevin couldn’t resist taking another step in studying his personal nemesis, FBI agent “Eric Heinz,” who was masquerading as a successful hacker. Posing as an L.A. County Fugitive Income Tax agent, he requested copies of the driver’s licenses of all three of his opponent’s fake identities from the vehicle registration service.
Ken McGuire still works for the FBI today.
He asked for copies to be faxed to the Kinko's Club in the Hollywood studio area "for urgency." Mitnick, who was hiding at the time with his cousin Truvy, didn't know that the feds had already figured out this move, and the operator immediately reported the call to the senior special investigator of the same agency. He suggested sending Mitnick any suitable fake ID, and a standard template ID in the name of the non-existent "Annie Driver" was faxed to the club. Cars with vehicle registration investigator Shirley Lessiak, her team of colleagues, and a plainclothes FBI representative immediately left for the club to detain "one of the most dangerous hackers in the United States."
DWP building in Los Angeles
Mitnick, probably still not fully aware of the seriousness of the situation and the hunt for him, went to the club with his grandmother to get copies. Having parked for cover in a disabled parking space near a supermarket, the grandmother stayed in the car, and Kevin went to pick up the documents. By that time, law enforcement officers had been lying in wait for him for about two hours, and were sincerely waiting for the “damn Mitnick” to show up as soon as possible. The FBI agent even left on more urgent business. The hall turned out to be overcrowded, and it was Kevin’s turn to get angry and wait in line to receive a fax: there weren’t many of them in use yet, and receiving faxes was a popular commercial service.
Mitnick had no idea that he was already being followed by several people who had been hiding in the crowd of visitors. He had no suspicions even when the coveted folder turned out to contain the license of some unknown lady instead of "Eric Heinz". Outraged by the carelessness of the vehicle registration service employees, Mitnick wandered around the hall and thought about what to do, and he was followed by plainclothes officers of her own security unit, led by investigator Lessyak, waiting for a convenient moment to detain him.
Finally, Kevin left the building through the back door to vent his frustration on a pay phone – and as soon as he started dialing, he saw four men in civilian clothes, led by an energetic lady. They approached and introduced themselves as employees of the investigations department of the vehicle registration service. At this point, Mitnick was already acting on reflexes fueled by paranoia. Roaring, “I don’t want to talk to you!” he threw fax sheets into the air in the hope of distracting his pursuers – and took off running.
At that moment, he really appreciated all the time and effort he had devoted to training, losing weight, proper nutrition and a healthy lifestyle. And also his habit of wearing sports shorts and a T-shirt under his regular clothes. Having easily broken away from his less trained pursuers, almost like parkour through alleys and gateways, he threw his sweater and trousers into some bushes - and ran on, already under the guise of a person training on a run. After 45 minutes, he finally exhaled - and from the nearest pay phone, he dialed his grandmother on the cell phone that was left in the car.
Novatel PTR-825, which is roughly what Mitnik was using at the time
Nobody picked up the phone. Kevin had time to panic for her until he thought of calling his cousin and asking her to find his grandmother. She was found in the car, where Mitnick had left her. When, already at the agreed place in a remote cafe, he asked her why she had not picked up her cell phone, his grandmother was genuinely surprised and said that she had no idea how to use this ingenious device and was afraid of breaking something. It simply did not occur to Kevin that an elderly person from the early 90s might not know how to use a mobile phone. His grandmother also said that she tried to find her grandson in the building, but all she saw was a very puzzled lady with a videotape under her arm: it was investigator Lessiak, who had lost Mitnick, and she had a recording with Kevin’s images from surveillance cameras with her.
And so, the desert hills of eastern California and western Nevada were already flashing past the windows. Kevin was racing to Las Vegas in his beloved grandmother's car. She was driving - and, apparently, the cops did not yet have a description of her car. The trip passed without incident, Kevin stayed with friends of relatives. By this time, he had already drawn up preliminary sketches of plans for further action. The first step was to quickly create a temporary false identity. The second - a more thorough registration of the most plausible new persona with all the papers and documents. Approximately as "Eric Heinz" had already done more than once.
He had the system to back him up, of course, with four profiles created for him as an undercover FBI agent. But Mitnick decided to follow in his footsteps, albeit completely illegally. Kevin Mitnick was to disappear without a trace from the eyes of the state - and the hacker who bore that name was going to start a new life somewhere else under a new name. How to do it? Our hero was going to use both his extensive experience in social engineering and the results of his observation of "Eric Heinz" and his methods, as well as a semi-underground collection of tips for such cases called The Paper Trip.
The Paper Trip, by a certain Barry Reid — most likely also a pseudonym — was published in 1970 by the Californian counterculture publishing house Eden Press. It was intended to help Americans at odds with the system — like anti-war activists, social justice fighters, and radicals of all kinds — hide from its all-seeing eye by posing as other people. The manual suggested the best way to do this was to use the names, birth certificates, and Social Security numbers of deceased people who were similar in age, gender, skin color, and other characteristics — a method called ghosting.
The calculation was that the integration of different databases from different US agencies was only at the initial stage, the entire system was poorly computerized, and the Social Security Service might have no idea that a person with a particular social security number had been dead for many years. Databases in different states were poorly integrated, and often not integrated at all.
The manual considered the best option for the initial selection of candidates for ghosting to be a search in old newspapers for publications about families who had died collectively while traveling to other states: this reduced the likelihood of meeting living "relatives" and made it difficult to link databases about what had happened in different states due to the peculiarities of American document flow. This is roughly how the same "Eric Heinz" came into being - whose real prototype died in a car accident with his mother at the age of two, and his name and data were useful to the FBI to create a legend of its undercover agent in the hacker environment.
However, in order to urgently create a temporary conspiratorial identity, Mitnick decided to borrow the data of a completely living person. Under the guise of a postal inspector, he contacted the vehicle registration service of the northwestern state of Oregon and requested data on a certain Eric Weiss, born between 1958 and 1968. Why Eric and Weiss? These were the real first and last names of the famous magician, who gained worldwide fame under the name Harry Houdini. Mitnick once again could not resist a postmodern joke - and decided to temporarily borrow the data of the namesake of the great illusionist, whom he admired since childhood.
There was such a person in the database with a birth date of 1968 - five years younger than Kevin. However, thirty-year-old Mitnick was in excellent physical shape and could pass for a person of 25 years old. Then he found a number - and dialed ... Eric Weiss himself, asking if he was a graduate of Oregon's main university, Portland State University. He replied that he was confused with someone else, because he graduated from the university in Ellensburg. Having the first leads, Mitnick managed in a few weeks of social engineering and studying databases to extract almost all the personal data of the unsuspecting manager from Oregon and organize for himself a virtually complete package of documents in his name.
Kevin obtained a copy of the birth certificate and forged a W-2 tax form with data on salary and taxes at his alleged previous place of work. Based on this, he passed the driving test under the legend that he had lived in Australia for several years, where traffic drives on the left side of the road, and wanted to make sure that he had the skills to drive in the United States, where traffic drives on the right side of the road. This is how he obtained a driver's license in the name of Eric Weiss - which in the States largely replaces the functions of an internal passport in other countries. And the license allowed him to obtain an official duplicate of the social security policy - with which he could officially get a job.
From Vegas, Kevin Mitnick moved to Denver, the capital of Colorado on the border of the Great Plains and the Rocky Mountains. He chose this place as one of the most dynamically developing cities in the country with a fairly strong IT sector. At the same time, Colorado is located far from California, where he was sought, in the very heart of the United States. In addition, Kevin always dreamed of learning to ski, and from Denver to the ski resorts was a stone's throw: mountain ranges with ice caps are visible directly from the city.
Having reached Denver and temporarily settled into a motel, Mitnick began to look for a job in some company with a computer profile. He wrote a fake, but beautiful and convincing resume - and went to get a job in the local office of a large international law firm Holm, Roberts and Owens. At the interview, in order not to arouse suspicions of excessive knowledge, more typical of a hacker, he deliberately gave several incorrect answers on the technical part. His last place of work was listed as a non-existent Green Valley Systems from Vegas - and when HR called the number indicated in the resume, Kevin, slightly changing his voice, without unnecessary modesty gave himself the most flattering recommendations. Soon he was hired with a salary of $ 28,000 per year. He was supposed to go to the office in two weeks to become a general computer specialist, literally an IT guy.
Now, while there was still some free time left, he had to create another, permanent fake identity, which would be much more difficult to undermine. His choice fell on South Dakota - one of the quietest, most remote, agricultural and provincial states in the entire US - with a population of less than 700 thousand people at the time. Literally "Barnaul, Altai Krai" from the meme. There, Mitnick figured, the digitalization of databases and their comparison with databases of other states would not happen soon, and a lot of water would flow under the bridge since then. In addition, in South Dakota, death certificates were public documents, and any citizen had the right to access them.
Kevin made 20 business cards in the name of a private detective named Eric Weiss, which had a fictitious Nevada private detective license number, a fictitious Las Vegas address, and a fake phone number that went to an answering service. He made his way to the state capital, the town of Pierre with a population of only 13,000, and showed up at the state registrar's office in a formal business suit. The head of the organization was very gracious about the visit of such a polite person, and provided all possible assistance to the "investigation."
Growing up in the California metropolis, Mitnick was literally captivated by the quiet pastoral landscapes of South Dakota and the town of Pierre
Determined to create a new official identity, Mitnick dug through the archives in search of records of white children under three years old, originally from states not neighboring South Dakota, who died in South Dakota between 1965 and 1975. Along the way, Kevin used his social engineering skills to help one of the employees find her lost relative from Vegas — for which he was finally recognized by the team as “one of the guys.” He also accidentally found some treasures he really needed: blank birth certificates were simply lying around in boxes in one of the offices, and the official state seal (!) was simply always on one of the tables. In California or Nevada, such a thing would have been completely unthinkable, but South Dakota was a very quiet and peaceful place.
Seizing the right moment, Mitnick quietly grabbed the seal, locked himself in one of the offices and in five minutes organized 50 birth certificate forms with official seals, after which he returned everything to its original position. When Kevin finally sifted through all the archives, the employees saw him off almost as if he were a colleague about to quit, hugged him and almost cried. Having reached Denver, Mitnick, through his acquaintance from the Social Security Administration, picked up a suitable name for a dead child, to whom the parents had managed to assign a social security number. It turned out to be a certain Brian Merrill: now Kevin had to become a person with this first and last name.
For Mitnick, the quiet and calm office routine in a 50-story skyscraper in downtown Denver had finally begun. In his free time, he learned to ski, improved his legal literacy to avoid new problems with the law, and went to rock concerts. And everything seemed to be going well, but our hero’s misadventures were not going to end there…
Part 8: The Underground Man Gone Wild
In the previous part, our hero took advantage of yet another loophole in the system and created two new identities: a temporary one under the name of Eric Weiss and a more developed one under the name of Brian Merrill. Having obtained documents and records in state databases by hook or by crook, Kevin Mitnick got a job in the Denver office of an international law firm under the first pseudonym. The office routine of a generalist in a very friendly team of employees alternated with skiing in the picturesque Rocky Mountains, hours in the gym, long bike rides, trips to rock concerts and blackjack in Indian casinos. FBI agents seemed to have lost track of him and did not show themselves in any way. Life finally turned to the side he was looking for for “one of the most dangerous hackers in the United States”. But Mitnick would not be himself if he was satisfied with such a peaceful and quiet life.
Denver, nestled in the Rocky Mountains, is one of the most beautiful cities in the United States in terms of its surroundings.
Naturally, Mitnick, like a seasoned bird, did not forget to insure himself. Among other things, he wrote a special script, thanks to which any calls from the company's phones to the phones of the FBI offices and the US federal prosecutor's office in Los Angeles and Denver would immediately result in a coded message being sent to his pager. During his time working at the Denver branch of Holm, Roberts and Owens, the script worked twice: each time Kevin's heart sank below his heels, but both times it turned out that the calls had nothing to do with him. Just in case, he grew his hair long and had a mustache, which he had never worn before.
There are no surviving photos of this period of Mitnick's life, but he probably looked something like this
In addition, Mitnick at that time lived and worked under a temporary and not very well-developed pseudonym in terms of the legend, Eric Weiss - with the data of an unsuspecting real middle manager from the northwestern state of Oregon. He was not completely sure that he had thrown the feds off his tail - and refrained from starting a serious friendship with anyone, much less a relationship. He already knew that if they took him again, the FBI would give everyone close to him a lot of stress, and did not want to set up people he liked - with whom in another situation he would be happy to be friends or meet. Out of the same precautions not to blab to anyone too much, Mitnick almost never drank, even at corporate parties - except for light cocktails in bars.
However, there were also more cynical considerations: he was afraid of letting it slip at some point to a loved one, after which the latter could accidentally or even intentionally cast unnecessary suspicion on him. Mitnick, who once dreamed of being like the main character of the political thriller Three Days of the Condor, now literally found himself in the shoes of an illegal agent in hostile territory, and this turned out to be by no means as exciting as in spy films. But it was very lonely and very nervous. It is not surprising that many real intelligence officers, and not the steely super-agents from films and tabloid novels, have progressive mental problems (which is often why they fall apart), which they compensate for with alcohol and other not particularly useful things.
The only exception and gap in the security system of the illegal Mitnick were regular phone calls with his mother and grandmother, without which his cuckoo, worn out by persecution and loneliness, could really fly away somewhere. His mother would call him from a random phone in the Sahara casino, where she worked - and the call would go to a pre-agreed number, which he would enter into his cunningly upgraded phone. After several months of living in Denver, he could not stand it any longer and came by train to Vegas: several meetings with his mother and grandmother in secret, pre-agreed locations took place literally in the format of spy safe houses (Kevin suspected that his relatives were being secretly followed by the FBI with the aim of catching him).
And with all this, Kevin Mitnick... could not give up his main passion: hacking and gaining access to other people's data through social engineering. So, having hacked the computer of a hacker friend from Los Angeles and having found the login details for the accounts of employees of the company Sun Microsystems, Mitnick could not resist the temptation to go further. He got administrator rights for their network and got to the server with the source code of the latest SunOS operating system. Then his social engineering skills came into play: posing as a technical support employee, Kevin convinced the company employee to accept this source code, write it to a suitable medium and leave it at the checkpoint for the "courier".
At some point during Kevin's wanderings around the Sun Microsystems network and copying anything interesting from it, the administrators and security guys realized that someone was wandering around the system. They even figured out that the hacker was using social engineering, assumed that it was That Very Kevin Mitnick, and took a number of precautions. This only led to Mitnick starting to behave more cautiously, but by that time he was walking around their network as if he was at home and was quietly laughing, reading the correspondence about how he had been weaned off the Sun Microsystems system. One of the employees even received a thank you note on the wall for saving the company's network and defeating Kevin Mitnick - which, however, never actually happened.
Feeling the excitement and impunity, Mitnick went further. He targeted Novell and its network operating system NetWare: including because, according to rumors, everything was very cool with information security there - and it was all the more interesting for him to hack them. After the first successes in obtaining access passwords up to administrators, the scythe met a stone: when trying to get to the server with the NetWare source code, social engineering did not work, the employees quickly realized that a hacker was calling them under the guise of colleagues, the security service took measures. After several attempts, Kevin managed to get some of the files through some less cautious employees, but attempts to get the OS source code only ran into a wall of suspicion and security protocols. Moreover, Mitnick began to suspect that his voice was being recorded and could be used for new legal charges.
To improve his capabilities, Mitnick decided to switch from an upgraded but already outdated Novatel PTR-825 phone to the latest cool Motorola MicroTAC Ultra Lite model. But in order to turn an ordinary "mobile" into a secure tool for hacker manipulations and bypassing the system on bends, he needed the source code of the phone's software. Kevin began calling the company's offices and employees under the guise of an engineer from the Motorola R&D department in Arlington Heights, Illinois. And in this case, luck was on the hacker's side: in just a couple of calls, he ran into a naive young lady replacing her boss, who had gone on vacation, who did not suspect anything and was even so kind as to convince the wary security officers to allow him to send the latest version of the source code.
There was one problem: Mitnick made this call from a street payphone, having rushed out of the office and assuming that it would take more than one call and more than one day; it was a sharply continental Colorado winter outside, and while he was explaining to the young lady what FTP was and how to archive files, he managed to freeze to death. But Kevin was jubilant: according to him, he felt like a CIA officer who managed to recruit an agent in the Iranian embassy under the guise of a representative of a third country. Knowing our hero, you could already guess what happened next: Mitnick got brazen and decided to get into Motorola servers seriously and for a long time. In short, he decided - and did it. In the most brazen way. The company's employees, unlike the savvy Novell staff, were easily led by the most primitive social engineering and after a couple of polite phrases were ready to almost vouch for a random interlocutor in front of their own colleagues.
Kevin Mitnick let his guard down again, got carried away... and made mistakes again. At one not-so-great moment for him, he discovered that the administrator of Colorado Internet provider Colorado Supernet - on whose servers the hacker most brazenly stored his loot in the form of code borrowed from corporations - was monitoring his activities, including attempts to break into Novell and hiding pieces of NetWare source code on servers. And worse, he was concerned about what was happening to a certain FBI agent from Colorado Springs.
Mitnick, instead of immediately leaving Colorado and lying low, decided to have some fun and make fun of his enemies. First, he fabricated a fake registration file with data on his actions that did not actually take place, and sent it to the FBI under the guise of that same admin. Then he found an insufficiently cautious employee in one of Novell's offices, used social engineering to get into their network again and stole the source code of the latest operating system. At some point, he realized with his sixth sense that his actions were being tracked. Then, as the sacramental cherry on the cake, he couldn't resist writing: "I know you're watching me, but you'll never catch me." Later, Novell's security staff would tell him that they had indeed been reading his actions and were pretty freaked out at that moment.
After that, Kevin decided it would be a good idea to leave Novell alone... and switched to Nokia. Specifically, he decided to get the source code for the newest Nokia 121 phone. Now he had to call Finland, but Mitnick was already in no hurry. However, it turned out that the Finns from the Finnish office did not speak English very well: they had difficulty understanding Kevin, and Kevin - their attempts to express themselves in the language of Shakespeare. After several fruitless attempts, Mitnick howled and tried to switch to the British office of the company. It was better there, but only partially: the employee he managed to contact had a very pronounced British accent, and even with dialectisms, and Mitnick, who had previously only communicated with Americans, had to make a lot of effort to understand English by ear. The security measures in the British office were very primitive, so Kevin managed to download the source code of the Nokia 101 and Nokia 121 to the Colorado servers without any problems.
Mitnick decided to go further again. He was interested in the source code of the latest phone under development under the working code HD760. But then a problem arose: the Finnish company's security team realized that something was wrong and blocked the upload of files from their servers via FTP. Social engineering came into play, and Kevin was lucky again: he found a trusting lead developer with good English in the office in Oulu, Finland, who was so kind that he agreed to download the code, write it to a magnetic medium and send it to the Nokia office in Largo, Florida. Where Mitnick was going to pick it up himself or through one of his trusted friends.
However, when Mitnick started calling Largo and asking if the package had arrived, he was clearly being frozen on the line under various pretexts. He realized that they were stalking him again and trying to figure out the location of the outgoing call. Kevin turned to his friend Lewis, who came up with nothing better than to call Largo on behalf of none other than the head of Nokia's American branch, Karri-Pekka Wilska, demanding that they urgently send him a package. His pseudo-Finnish accent did not convince anyone, and the employees immediately reported the strange call to the FBI. It would seem that it was time to slow down, but Kevin and Lewis were stamping their hooves and were eager to get the source code at any cost.
Lewis called the Largo office again as Wilsk and instructed them to send the package to the front desk of the Ramada Inn, not far from Lewis's office. When the package arrived, Kevin called the hotel and asked if it was there. The receptionist kept him on the cold shoulder for several minutes, and the hacker's suspicions grew. When the call was over, Mitnick called the hotel manager and introduced himself as... FBI Special Agent Wilson. The manager practically clicked his heels and obediently reported that the hotel was under the full control and surveillance of the police and the FBI's White Collar Crime Unit. At that moment, a police officer entered the manager's office, and Mitnick, insolent, demanded that he report the situation.
Kevin and Lewis were ready to storm the ill-fated hotel to get to the coveted code. For them, it was already a matter of excitement and self-respect as Very Cool Hackers. But they had to back down. Out of anger, Mitnick went to hack the Japanese-American company NEC in search of the source code of cell phones. Well, he hacked it. He uploaded the results to the servers of the University of Southern California. It took a special effort to get the code for the newest NEC P7 mobile phone: to get it, Mitnick, following Lewis's footsteps, called the company's office under the guise of a Very Important Japanese Man from the central office in Tokyo. With a heavy pseudo-Japanese accent. Oddly enough, this time everything worked out. Oh, the naive 90s.
Kevin became so brazen that he agreed to give a sensational interview about himself to Playboy magazine, not without precautions, of course. However, all this did not go unnoticed. The FBI was literally besieged by angry representatives of corporations with demands to find the damn hackers who were stealing the source codes of their latest products. No one believed that one unbridled adventurer could do this simply out of love for art and self-affirmation: they suspected industrial espionage on the part of competitors, and mentally calculated billions of losses in horror. Mitnick began to understand the scale of the problem when, during another hack on the servers of the University of Southern California, he discovered correspondence about his actions between the administrator Asbed Bedrosyan and the FBI.
As it turned out later, in 1994, Attorney General David Schindler held a secret meeting with representatives of the affected corporations about what was happening. They were all extremely outraged, suspicious of each other, and initially refused to talk publicly about their own leaks. However, in the process of work, law enforcement officers and managers came to the conclusion that the handwriting was quite characteristic and most likely pointed to a very specific culprit: Kevin Mitnick, one of the most dangerous hackers in the United States, who was on the run. However, the company representatives still refused to believe that Mitnick was doing all this out of interest, and not to resell the loot to competitors for large sums as part of some kind of cunning game.
Then, in the spring of 1994, Mitnick was suddenly fired from his job. His department was taken over by a stern new boss who wanted to impose some discipline. She thought Kevin was staying at work suspiciously late and chatting on the phone—meaning he was using his work time to work outside the company with his private clients. The funny thing is that Mitnick did do a lot of illegal and even unauthorized work, but he didn’t do any private work. Unlike his colleague, who was fired along with him for the same thing, but deservedly so. Mitnick had a bit of a row during the firing process, and then became paranoid that his angry ex-boss would dig into his background and find out that his entire identity as Eric Weiss from Oregon was a fake.
With the help of a now former colleague, Kevin managed to quietly hack the company's network from the outside, erase all potentially dangerous files and traces on his former computer, and at the same time stick his nose into his boss's correspondence. As it turned out, the management had no serious suspicions against him, and all that the management cared about was that the fired employee would not start legal proceedings. Kevin, of course, was not going to sue. However, the problem arose where no one expected it. The higher management considered that the unsubstantiated accusation of "Eric" working for third-party clients left too much scope for a lawsuit - and decided to dig deeper to find more significant screw-ups in the fired employee. Well, in the process of finding out, they discovered what Mitnick feared: no Eric Weiss in the form in which he was known in the company existed. Just like the previous place of work indicated in the resume.
Kevin was astonished when his former colleague told him about this. He immediately made up an excuse and said that he was an undercover private detective, after which he cut off all contact. Mitnick really liked Denver, he fought the temptation for a while to simply move to another part of it under a new name, but in the end he rightly decided that he had already exposed his face too much here, and it was risky. In addition, the Playboy journalist working on the interview reported that gentlemen in civilian clothes from the FBI came to him and were very interested in where the main character of the upcoming publication might be.
So Eric Weiss was dead - now the pre-prepared Brian Merrill had to be born, who in fact died as an infant in a car accident many years ago, but left behind a bureaucratic trail.
Source
Part 1: The Dark Genius's Wild Youth
Part 2: The Condor Learns to Fly
Part 3: "My Fortune Has Turned Its Back"
Part 4: The Strangest Reason to Hack the Military
Part 5: The Phantom Number and the Mysterious
Part 6: Cat and Mouse with the Feds
Part 7: The Ghost in the Dead Man's Mask
Part 8: The Underground Man Gone Wild
Part 1: The Dark Genius's Wild Youth
On July 16, 2023, Kevin Mitnick, one of the most famous and archetypal hackers in history, passed away at the age of 59. In the mid-90s, he was considered the most wanted hacker in the world, and for good reason: Mitnick famously hacked corporate and US government networks, bypassed most security systems, wiretapped FBI agents, and obtained tons of confidential information and bank card data, including the accounts of Silicon Valley executives — but he is believed to have never stolen money. And having closed his problems with American law, Kevin Mitnick became one of the best cybersecurity experts. Let's remember the man who largely formed the basis for the classic image of a 90s hacker.
"Did you break it? Did you break it! But you didn't take the money."
Kevin Mitnick was born in Los Angeles in August 1963. It was a turbulent time for the United States: the Cuban Missile Crisis, which almost turned into a nuclear catastrophe, had just died down. Less than six months later, President Kennedy would be assassinated in Dallas. To the sounds of rock and roll, the States were shaken by the psychedelic revolution and the fight for civil rights for the black population, Beatlemania, the hippie movement, and the Vietnam War were on the horizon, and Soviet spaceships with astronauts were honking overhead. And against this backdrop, computer technology was being developed in the United States, at first not very noticeably to the public, but more and more rapidly: both in Silicon Valley and beyond.
Street on the outskirts of Los Angeles, 1963
Young Kevin's life was not particularly cheerful. His parents, Shelley Jaffe and Alan Mitnick, divorced when he was three. However, his father continued to be involved in Kevin's life, but mostly remotely during the first decade. Shelley, half-Armenian, worked as a simple waitress in the diners of the San Fernando Valley: no two-story houses with a lawn from sitcoms, just work from morning until night. They lived in the northern suburbs of Los Angeles on the other side of the Hollywood Hills. The nerd boy with big teeth was lonely and unpopular at schools, which he often changed following his mother's new jobs, but he was very fond of technology. An important feature distinguished him from the "typical nerd": Kevin had a hard time with his peers, but he was not shy and was great at finding a common language with adults, convincing them to do what he needed. He also really liked breaking systems in every sense of the word.
Young Kevin with his mother, early 70s
At the age of one and a half, Kevin managed to get out of his crib and open the front door, as if hinting at his future profile. Kevin's very attractive mother had already changed three official and several common-law husbands in his memory. Alas, they had a hard time finding a common language with the boy, Kevin was mostly annoyed by them, and one even tried to harass him. At the first sign of problems with her son, Shelley threw another man out of the house with his things - and Kevin himself later suggested in his memoirs that the difficulties with his mother's partners also contributed to the formation of his desire to give a damn about authorities and hack the systems of all sorts of high-status dudes.
He also got it from the FBI agents, whom Mitnick literally wiretapped himself.
Kevin's first thoughts about how systems can be broken and how people can be easily deceived came when he was ten. He met a girl his age and even found mutual interest, but they had not yet reached the point of romance. But the girl had a magician father, and Kevin was glued to his sleight of hand for a long time.
Another source of inspiration was a school bus driver who told Kevin about the possibility of hacking police radio frequencies and making free phone calls via special frequencies and telephone network systems. Inspired by the prospects, Kevin spent several months taking evening courses in amateur radio and was officially certified at the age of 12.
Kevin with his mother in a mock prison for a photo op: in 2016 he posted this photo with the comment "If only I knew ;-)"
The adventures of the future hacker in social engineering and system hacking in the broad sense of the word began at the age of 12. Kevin was always short of pocket money, but he loved to ride the streets of the endless Los Angeles on the bus. A ticket cost 25 cents, a transfer cost another 10. And Kevin loved to ride often. He found out from one of the drivers where they sold punches for composting tickets, begged his mother for 15 dollars to buy one, and then dug up unused tickets in the trash at the bus station. After that, he began to travel around Los Angeles and the surrounding areas even more, and spent the pocket money he saved on immoderate consumption of burgers (because of which he lost his athletic shape and slightly increased in circumference).
Los Angeles, 1975 - these are the streets Kevin loved riding the bus on so much that he started counterfeiting tickets
Kevin also discovered his talents for social mimicry and acting. During his Bar Mitzvah ceremony on turning 13, he imitated a rabbi so accurately and in such detail - thinking that this was the norm - that his parents considered it indecent banter. The ability to get into character no worse than the bald guy
In his dangerous business, Kevin Mitnick acted not only as a brilliant hacker, but also as a follower of Ostap Bender
In high school, he befriended fellow radio hacker Steven Shalita. Together, they immersed themselves in the fascinating world of tapping into other people's frequencies to gather information and pull pranks. By tapping police waves and phone companies, they learned the internal procedures and habits of employees so they could sound and communicate like "their own." Kevin soon learned to extract almost any information he needed from the phone company's internal networks, including the personal numbers of Hollywood celebrities: this was called phreaking, and was a popular pastime among not-so-law-abiding American geeks in the 1970s.
In high school, Kevin became fascinated with phones and walkie-talkies, and people around him became a bit uneasy about it.
Along the way, he played a trick on several enemies, causing them to be charged 10 cents for every call they made: the system thought they were calling from a pay phone. Then Kevin got to computer science classes, and the abyss swallowed him up in an instant. He realized that compared to computers and computer networks, telephone systems were a thing of the past. Naturally, Kevin had absolutely no time for studying: neither for studying a new field for him, nor for computer games.
Young Geeks and Early Computer Games
Naturally, Kevin didn't leave it at that and very soon got the hang of breaking primitive passwords on the school computer for unlimited access. The teacher, Mr. Crisp, tried to replace the usual passwords with a punch card reader - but he didn't take into account that he carried these punch cards in his shirt pocket, where the sequence of holes was easy to read by eye. Worse, Kevin managed to get to the network that connected the school machines with the computers of the University of Southern California, and also put to shame all attempts to block access to them. Well, and then decided not to trifle, he went directly to the dean of the computer science department of the California Institute of Technology, Wes Hampton - and begged him to give him, as a young talent, access to their machines, more powerful and advanced.
If Dean Hampton knew who he was letting into the "garden"...
Kevin Mitnick began studying BASIC and Fortran and after a few weeks wrote a phishing program to steal passwords from students at the institute. This was soon discovered, but the lab assistant who noticed it was rather touched by the student's talents and even helped him debug the code. Kevin did not commit any malicious acts: he simply wildly enjoyed having access to the widest possible range of information, especially if it was classified.
However, the password hacks were then discovered by another lab assistant. The matter ended with three campus security officers storming into the classroom where Kevin was working, restraining him, handcuffing him, and not letting him leave the station until his mother picked him up. Naturally, he was banned from the institute's cars, but there were no legal consequences: US laws were just beginning to recognize such things as criminal. Kevin was told about it all the time, but it only made him more excited.
The character of Hackerman is largely based on a young Kevin Mitnick.
Then there was admission to Pierce College in Los Angeles... from where Kevin was soon expelled for hacking everything and everyone with the wording "we have nothing to teach him, he already knows everything." At this time, Mitnick did not stop improving both the art of penetrating telephone networks and the art of hacking computer networks. His passion for the latter played a cruel joke on him. He got in touch with a group of hackers who decided to use the 16-year-old talent in the dark. In 1979, they instructed him to hack into the networks of Digital Equipment Corporation, supposedly to "test his skills" - from where they were actually going to steal the code for one of the newest programs. Mitnick did not hack the network directly, but simply convinced the chief system administrator that he was one of the developers who had screwed up the password. The system administrator was so kind that he gave Kevin everything, including the status of a privileged user. The "friends" stole everything they wanted, disappeared into the sunset, and turned the performer over to Digital Equipment Corporation.
Happens!
At that time, no criminal case was opened against Kevin – the legal basis was still very weak. However, already in December 1980, he managed to attract the attention of the FBI: together with his friend Misha Gershman, they hacked the database of a company that systematized the pedigrees of racehorses. They noticed the hack and informed the FBI. To Kevin’s horror and his mother’s amazement, an agency employee came to him – but for now he only gave him a pedagogical talk.
As you might guess, it didn't help: Kevin immediately contacted another team of hackers, with whom he began to hack even more ferociously and brazenly. Later, he recalled that he repeatedly promised himself and his worried mother to quit phreaking and hacking, especially when it became fraught with prison, but he could no more fulfill these promises than a seasoned alcoholic could quit drinking. British psychiatrist Roy Escapa, who later observed Kevin Mitnick in prison, officially stated that he really could not help but hack systems due to a serious compulsive mental disorder... Well, Kevin helped him hack the international communication system and call England from the USA for free.
Anonymous Hackers Club
Kevin was framed at his new company, too: in 1981, after stealing lists of internal numbers and technical manuals from the Pacific Telephone building, his hacker colleague Lewis couldn't think of anything cleverer than to brag about this epic achievement to his ex-girlfriend, a hacker named Susan. They had recently broken up in a scandal because Lewis had cheated on them - and who had already tried to frame the impostor along with his friends by hacking into US Teasing's computer system, erasing files and printing the text "MITNIK WAS HERE DAMN YOU" on all printers.
Hacker, don't call your ex when you're drunk, especially if they're also hackers!
Naturally, Susan leaked everything to the cops. Soon Kevin was intercepted in a standard Ford Crown Victoria, which didn't even have the word "cops" written on it at the time, pulled over to the side of the road with a siren on the roof blaring, and three guns pointed at him. After that, they roughly laid him face down on the ground, handcuffed him, and started shouting about Kevin having a "logic bomb" in the trunk. Apparently, this was Susan's crazy joke, which the cops took too literally.
Kevin Mitnick arrested
Kevin ended up in the California Youth Authority (CYA) in Norwalk, where they kept juvenile offenders in almost full-fledged prison conditions and wondered what to do with them next. In Norwalk, in the company of aspiring South Central gangsters and other wonderful people, Kevin Mitnick celebrated his 18th birthday in the summer of 1981.
Then he was released on probation, and everything would have been fine... But Kevin couldn't resist. Together with his hacker friend Lenny DiCicco, they dug into the network from the lab of the long-suffering University of Southern California: Kevin still couldn't afford a normal machine and used the university's. And they quietly hacked all the networks and passwords they could get their hands on.
Kevin Mitnick just couldn't help but break networks.
The connection was slow, and his hacker friends were pissed off. But one of the university buildings had a cluster of DEC TOP-20 mainframes connected to the ARPAnet… Anyway, in December 1982, armed police stormed the classroom where Kevin and Lenny were sitting again. As it turned out, they managed to hack into not only the accounts of university employees, but also at least one of the accounts of high-ranking Pentagon employees via ARPAnet. The police leaked the case of the young hacker to the press, and journalists got carried away, as usual, and to this day there are articles circulating on the Internet claiming that Kevin hacked into nothing less than the North American Aerospace Defense Command (NORAD) in retaliation for his first stint in prison.
Yes, yes, this very command center in case of a nuclear war in a deep underground bunker. Kevin Mitnick himself denies this
Kevin was sentenced to three years in prison, released on parole after six months, but was kept in suspense for a long time with periodic arrests. Apparently, law enforcement officers were already beginning to understand who they were dealing with.
Naturally, after getting out, Kevin Mitnick couldn't quit, although he tried. And almost the first thing he did was hack no less than the US National Security Agency - which, in fact, was supposed to be on guard of national cybersecurity.
… But we will look at the further adventures of Kevin Mitnick, the blossoming of his career and the crazy cat and mouse with the FBI in the status of the most wanted cybercriminal on the planet in the second part. Stay with us!
Part 2: The Condor Learns to Fly
In the previous part, we left Kevin Mitnick at the stage of his first "trip": he managed to get out on parole, but the state police and the feds already realized who they were dealing with and began to keep an eye on "Condor". Mitnick took this nickname as a teenager - after watching the spy thriller "Three Days of the Condor", where a CIA analyst with the same call sign found himself a target for hunting by his colleagues. Despite the attention from the "authorities", Kevin Mitnick literally could not resist hacking everything and everyone - and the dangerous game continued with increasing stakes.
Having escaped to freedom, Kevin first of all got into the frequencies of local radio amateurs. And he quickly quarreled with someone there, so quickly that the latter reported to the police about another hack of a private company's networks. Mitnick and his mother were called to the probation officer to "clarify some issues": since he initially got into trouble at the age of 19, for the American Themis he remained a juvenile offender. However, in the office he was tied up, handcuffed and taken to the detention center in Van Nuys.
The Van Nuys detention center where Kevin Mitnick spent time in the early 1980s
Luckily for Mitnick, just a week before the events described, his uncle Mitchell had been there - creatively squandering his billion-dollar fortune, made in the real estate market, on cocaine and other substances. Kevin helped his uncle by reconfiguring one of the pay phones in the detention center in such a way that you could call anywhere from it and talk for as long as you wanted, and the call would be recorded on the police account. Well, who else?
Officer Tenpenny would be very unhappy with suspect Mitnick.
Now Mitnick himself found himself in this detention center - and due to the rather free regime on the territory, he managed to contact many people during the first night. In particular, thanks to this, he managed to escape from one of the most dangerous places in the California penitentiary system - the Los Angeles County Detention Center. It is not entirely clear why, but soon Kevin was sent to the very place where suspects from street gangs and other equally dangerous characters, familiar to the Russian gamer mainly from the GTA series, were kept in large numbers. The fat geek in glasses was thrown into a common cell with comrades of the creepiest appearance and behavior, and only the timely intervention of his parole supervisor allowed Mitnick to get out to more decent places the next morning.
"Everyone knows what they can do in prison"
So, Kevin served his 60 days and was free again. Where did he go first? You'll never guess: to the police academy! Where... no, he didn't apply for admission, as you might expect from a detective comedy, but bought a colorfully illustrated annual magazine of the Los Angeles Police Department. In its photographs - oh, the naive 80s! - the white teeth of employees, including those working in civilian clothes and undercover, were flashing. It's no surprise that our hero studied the photo portraits and lists of personnel of the department with great care, with whom he planned to intersect as little as possible in the future.
After his release, Kevin got a job as a computer programmer at a company owned by one of his mother's friends. As expected, he got bored there very quickly, found another like-minded person and again went on a rampage in the field of hacking and phone phreaking. However, big brother was already watching - and soon Kevin, going out for lunch with a female colleague, noticed a suspicious group of fit men near the office, whose faces were familiar to him. Not only from the LAPD yearbook, but also from personal experience: a couple of years ago, one of the law enforcement officers had already laid him face down on the ground, and then diligently searched the trunk for a "logic bomb".
Instead of running away and getting caught, Kevin put his arm around his colleague and asked her to play along, whispering that he had spotted an unpleasant acquaintance and didn't want to be seen (which was basically the truth). They got into the car together, Mitnick ducked down and asked to be driven to a pay phone a couple of blocks away. I don't know what his colleague thought, but soon Kevin was dialing one of the Los Angeles police departments:
Having learned that he was being charged with a parole violation again (and most likely deservedly so), Kevin went into hiding at his grandmother's house. Having studied the laws, Kevin found out that if he kept quiet for another four months until February 1985, the arrest warrant would expire and he would be formally cleared before the law. With this in mind, he made a deal with his grandmother's friend, whose parents had a house north of San Francisco, jumped on a Greyhound under the name Michael Phelps and was gone. Helping to throw the cops off the scent was the fact that a rumor had been spread in the hacker community about "Condor" escaping to Israel.
In the village of Californian pensioners, pastoral and grace reigned, but Kevin suffered: there was not a single computer anywhere, and even the radio was hard to find. It was also not recommended to get behind the wheel of a car - Kevin had a license in his real name, under which he was wanted. He had to ride around the neighborhood on a bicycle and at the same time lose weight. But even here Mitnick found something to do: he signed up for a course on criminal law, where he listened very carefully to the mistakes that the police and the FBI most often "catch" criminals.
"Very interesting, continue, I'm writing it down"
In February 1985, Kevin was finally sadly informed that he was no longer wanted under a “dishonorable termination.” Our hero rushed back to Los Angeles, met his old friend Lenny di Cicco, and… they immediately went on another job. It was probably a case of compulsive disorder: Mitnick literally could not help but break systems if he had even the slightest opportunity. So one night, using Lenny’s romantic relationship, they broke into the Hughes office and hacked into the ARPAnet via a VAX computer.
By 1985, ARPAnet already had thousands of nodes both in the United States and abroad - and as a defense network, it included highly sensitive and secret ones.
The first thing the two hackers did was to get into the Dockmaster computer system from the resources of none other than the National Security Center of the US NSA. No small talk, right? However, this was again largely a “social hack”: Lenny managed to impersonate an employee of the center and get the login data from one of the real employees of the US NSA Computer Security Center . They didn’t manage to find out anything particularly interesting, but both friends were delighted with the opportunity to poke their noses into the NSA’s coffers.
And it’s no surprise: let me remind you that it is the NSA, not the FBI or the CIA, that is literally the “all-seeing eye” of the American government, monitoring everything and everyone.
However, Kevin did not give up hope for a legitimate career. The object of his dreams was to work as a programmer at General Telephone. But this required much greater knowledge and skills in the field of programming than the semi-self-taught Mitnick had. Therefore, having barely hacked the NSA for the first (but not the last) time, Kevin received a federal grant for training and became a student at the computer school "Computer Training Center" in Los Angeles. There he passionately fell in love with Assembler, realizing what broad opportunities with the proper knowledge and skills a low-level programming language provides. He liked high-level languages like COBOL less, but he diligently studied them too.
In class, Mitnick hid his knowledge of hacking and pretended to be a lamer when it was brought up. Well, at night, for most of 1985-86, Kevin and Lenny enthusiastically hacked into telephone company systems, not neglecting their favorite social engineering. The main thing was to know who to introduce themselves as from within a large company in order to pass for one of their own, but hardly personally familiar, employees - to whom all passwords and logins would be leaked routinely and without a second thought:
During this period, Kevin's main hobby was not so much hacking as phreaking, breaking into telephone networks.
By the end of 1986, Kevin and Lenny had taken over all of the Pacific Bell switches and the Utah and Nevada switches without the FBI noticing, but that wasn't the limit. The young talents had infiltrated the Chesapeak and Potomak Telephone Company, also known as C&P. It was already servicing no less than the US capital, Washington, including US government departments and the Pentagon. Thanks to this, Kevin was able to extend his metaphorical tentacles further, to the NSA, which had long been troubling him.
"The National Security Agency: The Only Part of the U.S. Federal Government That Actually Listens to You"
Kevin's first move was to gain access to the switchboard of the Maryland phone company that served the NSA. He figured out what common prefixes the NSA phone numbers had, then used one of their test procedures to listen in on the calls. And voila! He was soon tapping into a conversation that was clearly between NSA employees. Little did they know they were being listened to by a 24-year-old hacker from Los Angeles.
In his memoirs, Mitnick claims that, having achieved his goal and confirmed the awesomeness of his skills, he immediately stopped any further attempts to enter the holy of holies of the American Deep State. The times were tense and harsh, the Cold War was still going on, and he was not at all happy to repeat the sad fate of the character from Three Days of the Condor. On the other hand, Mitnick's entire biography literally screams that it would have been extremely difficult for him to refrain from THIS, regardless of the risks.
In any case, "according to the official version," Kevin only took a peek at the NSA and left immediately. And he even prudently wrote about that in his memoirs only after all the statutes of limitations had expired.
Kevin Mitnick and his 2011 memoir, Ghost in the Net
However, Big Brother did not give up trying to catch the annoying hackers: the first entry into the database of the National Computer Security Center of the US NSA from the office of an airline (!) was difficult to remain unnoticed. The FBI came for Lenny, he honestly tried not to spill the beans and furiously denied everything, but he was still kicked out of the company.
After that, everything seemed to calm down. Soon, Mitnick found his first mutual love, finally received an invitation to the very company where he dreamed of working, and even convinced himself that hacking and phreaking were over… But if everything were that simple, we wouldn’t be talking about “the greatest of hackers” now, would we?
So, to be continued.
Part 3: "My Fortune Has Turned Its Back"
In the last article, we left Kevin Mitnick at a time when everything seemed to be going well for him. He had sorted out his teenage problems with the law, had successfully poked his nose into the US National Security Agency twice, had finally received a grant for professional programming training, and had even become hooked on assembler. Kevin was already thinking about quitting hacking and phreaking — breaking into telephone networks, which had been his main hobby in his youth. But… If he had managed to quit then, we wouldn’t be writing a biography of the most famous hacker of the 90s, right?
So, it's 1986. Kevin Mitnick is still studying at a computer school and learning programming languages. Naturally, his classmates in those years were mostly guys, but sometimes he met girls. Among them was a petite Italian named Bonnie Vitello, who our hero fell hard for. The problem was that Bonnie was beautiful and popular, and Kevin... Well, Kevin loved fast food since his teenage years - as a result, he became plumper and plumper with each passing year.
Kevin with his mother in 1984: not very fat yet, but already bearded (before it became mainstream)
At first, Mitnick was sure that there was literally nothing to catch here - but courage and intelligence came to his aid here too. The first approach, however, was very geeky: Kevin tried to attract the attention of his passion by asking her not to terminate the execution of his high-priority programs on the work computer. And when he decided to directly express his interest, he received a polite refusal: it turned out that Bonnie was already engaged. Well, that's a challenge, Kevin decided!
The northern outskirts of Los Angeles in the 80s - this is roughly where Kevin Mitnick lived
To begin with, Mitnick continued the conversation anyway — and after a while, he found out that Bonnie suspected her fiancé of not telling her everything about his finances and debts. Finding out other people's secrets? Ha! You found the very man who loves it, knows how to do it, and practices it. Kevin got into the TRW credit company system, and also found discarded reports on the credit history of potential buyers in the trash at the Ford dealership — with the access codes to the system kindly left behind. Whoosh, and very soon Mitnick had a complete credit history of his competitor for Bonnie's hand and heart. As expected, the comrade was deeply in debt, although he pretended to be a wealthy macho. The engagement was broken off, and Bonnie began to sympathize even more with her hacker friend.
Literally a couple of weeks after breaking up with her fiancé, Kevin became her new boyfriend. The fact that Bonnie was six years older than Kevin was only to her advantage: she was more experienced and knew how to organize a relationship, while our hero was a real lame in a personal sense. Perhaps the couple of a fragile Italian beauty and a heavyset geek looked a little dubious by the standards of California in the 80s, obsessed with gorgeous female and male bodies, but for the first few months they were completely happy. They devoured tons of Thai cuisine, and in order not to make her boyfriend even fatter, Bonnie taught him to take long walks along the picturesque mountain trails of the San Gabriel Range.
San Gabriel - Great Places to Lose Weight
Along the way, it turned out that Bonnie works at the very GTE company where Kevin Mitnick literally dreamed of getting a job - and for this he was ready to reluctantly quit hacking and phreaking. True, he clearly lacked self-control. For example, he deliberately stayed late at the computer school to hack the school network and ensure himself administrator rights in it. He was caught in this exciting activity by a system administrator named Ariel. But instead of a scandal and expulsion with shame, he suddenly offered Kevin ... to improve the network security system, and even count it as a diploma work. Mitnick happily agreed - and received a diploma with honors.
In his memoirs, Mitnick recalled this moment:
It seemed that life was going well, and Kevin had a stable future as a law-abiding corporate programmer.
Mitnick worked at GTE for a long time. Nine whole days. Then the security service came for him, accompanied by the same manager who had conducted the interview. Kevin was told he was fired, thoroughly searched, his disks were checked to make sure there were no corporate secrets or codes on them, and he was escorted with his things to his car in the parking lot. As Kevin found out later, GTE's security service had acquaintances in the security service of the Pacific Bell company he had hacked, who began to laugh like hell at their colleagues about the fact that their management had personally introduced a well-known and dangerous hacker into the ranks of the corporation.
This is roughly what Kevin Mitnick looked like from the point of view of US information corporation security in the 80s
Kevin didn't give up here either: he was honestly going to quit hacking and get an official job. An attempt to become an information security specialist at Security Pacific bank followed. Kevin's skills impressed the company, and he was offered a very solid salary of $34,000. However, there were reinsurers in the security service who dug into our hero's hacker background. The company asked if Kevin owned the amateur radio call sign WA6VPS and whether he had a bad habit of digging through trash bins near offices... after which they rejected his employment simply "just in case."
All these were strong blows for Kevin, which were smoothed out only by a wonderful relationship with Bonnie. The two boots turned out to be a pair, moved in together and literally lived in perfect harmony, munching peanut butter, walking through the surrounding hills and picturesquely cluttering the apartment: both were too lazy to clean, and "it was fine as is." However, Kevin, plunging into gloom from failures with employment, gradually began to cheat on Bonnie - naturally, not with other girls, but with his favorite illegal pastimes and still best friend Lenny di Cicco. He also got a job at the University of Southern California for advanced training, but instead of studying, he spent hours sitting with Lenny and enthusiastically hacking.
Then Kevin's painful addiction to hacking systems took hold of him again, to the point that he would increasingly hang out at the computer at home while Bonnie watched TV or read. Kevin's partial justification could be that he finally got a part-time job at Fromin's Delicatessen, where he helped improve electronic accounting mechanisms... And along the way, he tried to hack into the systems of the Santa Cruz Operations (SCO) telephone company. They were working on improving a version of Unix, Xenix, specially optimized for the functionality of telephone companies - and our hero couldn't wait to fully understand this thing already at the development stage in order to subsequently hack everything and everyone.
Using his usual methods of social engineering, Kevin found out the login and password for accessing the SCO network through Pacific Bell (mwa-ha-ha), after which he dug into it in search of the source code for their version of Xenix. The local system administrator was so kind that, having found Kevin in the system, he himself said that he could see him because “that’s the job” — and even created his own account with the nickname “Hacker” for him. Kevin, diligently feigning the idle interest of an amateur, did find the source code of the system, but it turned out to be too heavy for his modem. At least, that’s what Kevin himself later assured.
And everything would be fine, but soon Bonnie returned home to find the apartment turned upside down. The first thought was that thieves had broken in. However, it then turned out that the dollar bills from Kevin's stash were carefully laid out on the table. Next to them lay an official search warrant from the police department investigating computer crimes. But Kevin's computer was no longer in the apartment, as were all of his disks. This was a disaster. Even worse, the police came to Bonnie's work - to question her about the penetration of the SCO company database from her apartment.
Kevin was in a panic. In addition to the next problems for his own bottom, he was extremely worried about the fact that he had literally set up his girlfriend (we will leave the question of what he was thinking when he went online with her IP off-screen), and he was sure that after that she would definitely leave him. He also caused problems for his mother and grandmother, who had to spend a lot of time looking for a lawyer. At that time, Kevin was sitting in a hotel with Bonnie, and they were either crying on each other's shoulders or breaking the bed in an attempt to distract themselves. To Kevin's surprise, Bonnie did not accuse him of incredible idiocy and irresponsibility, but said that they needed to go through this together. In his memoirs, Mitnick honestly admits that Bonnie loved him, and he behaved like an asshole.
After speaking with lawyers, Bonnie and Cla... sorry, Kevin turned themselves in to the Los Angeles County Sheriff's Office in West Hollywood and confessed. Aunt Chickie posted $5,000 bail. Over the next few months of 1987, the couple spent most of their time with lawyers, went to court multiple times, spent all of their savings, and were forced to borrow heavily from Kevin's relatives.
In these unhappy circumstances, they got married, not so much for romantic reasons as for legal ones. As spouses, Bonnie and Kevin had the right not to testify against each other in court, and Bonnie could also visit Kevin in prison, where he was likely to end up.
Kevin Mitnick and Bonnie Vitello's wedding party, June 1987
In addition to the criminal charges, SCO sued Kevin and Bonnie for $1.4 million each for “damages.” However, the company agreed to drop these lawsuits if Kevin would tell how he had managed to get into their system so ingeniously. During an official interview with the company’s system administrator, Mitnick honestly admitted that he had not hacked anything as a hacker, but had used social engineering methods and, under a convincing pretext, had gotten the login and password from a Pacific Bell employee.
In the end, it was limited to two years of probation and a fine of $216 for Kevin and a complete dismissal of the charges against Bonnie. Kevin also had to officially promise not to commit any more offenses.
But unlike the computer, Kevin's disks were not returned, and they were enough evidence for new charges. The cops sent the disks to Pacific Bell's security service. They were extremely impressed by the contents, but they did not charge Mitnick with anything and only sent an instructive letter to their offices listing his adventures and which of his employees had screwed up and how. Kevin managed to get hold of the text of the letter, and the hair on the back of his neck stood on end: if the corporation's management wanted, he should have been dealt with not by the regular Santa Cruz County cops, but by the FBI.
Below we will quote from the memoirs what exactly was found on Kevin's disks
Over the next year, Kevin held on as best he could. He officially took a job at Franmark; Bonnie continued working at GTE, although she suspected that she was under very close security scrutiny. The couple began saving for their own home and, to save money, moved in with Kevin's mother - with obvious consequences for family life in the near-constant presence of a hyperactive mother-in-law.
To cope with the stress, Kevin… no, he didn’t propose moving out again, or exercise, or see a therapist, or take antidepressants. He got close to Lenny again, and the hacker buddies couldn’t think of anything better to do than hack into systems again. This time, at Digital Equipment Corporation (DEC).
Kevin and Lenny enrolled in the computer lab at Pierce College and the first thing they did was hack into a terminal there, trying to copy the Micro VAX virtual memory system. However, it could only be copied to a magnetic tape reel, the process took several hours, and Kevin was warned in time that Professor Schlippenbach had noticed the outrage and wanted to ambush the intruders.
In the end, Kevin and Lenny didn't go to pick up the reel, but they still came under suspicion - reputation, you know. After that, the friends discovered that a real hunt had begun for them. The cops literally followed them home in the evenings, and sometimes they were even found on the roofs of college buildings, spying through binoculars on what a couple of hackers were doing there.
Later, Kevin, through the same social engineering, managed to find out that while they were trying to hack into DEC's systems, the corporation's security service was already working with the police to catch them hacking. DEC even planted an employee in the college, who was monitoring Kevin and Lenny through the computer systems from a specially designated room.
Even Kevin and Lenny's personal accounts and directories in the college system were under the control of DEC programmers. And here Kevin couldn't resist a joke. He wrote a simple script that listed the files in his directory over and over again. Since all actions in the suspects' directories were recorded with output to the printer, the poor agent soon found himself literally buried in paper from a continuously running printer. Technically, this was not a violation (Kevin and Lenny tried very hard to not get caught in any way from the moment they were discovered being followed), but they were still expelled from college based on the totality of evidence and suspicions.
In fact, this was the beginning of Kevin's future habit of mocking the agents who were following him.
It seemed like everything was screaming at Kevin to stop. In California, he was known as a hacker by seemingly everyone, including the cleaning ladies and the doughnut vendors. Did he stop? Of course not — in fact, he went on a rampage, eventually attracting the attention of not just the county or state police, but the FBI itself.
But more about that in the next part.
Part 4: The Strangest Reason to Hack the Military
In the previous article, we told you about Kevin Mitnick’s failed attempts to become a law-abiding citizen, a corporate IT specialist, and even a good husband. The sins of his youth and the fame of a dangerous hacker followed him literally on his heels — and then detectives joined the pursuers. And our hero was bad at dealing with stress without hacking something and breaking into someone’s networks just for fun. Kevin and his best friend Lenny couldn’t resist trolling the agents watching them even under total control — and as a result, they were kicked out of college. Naturally, they didn’t stop there, which led to some very serious consequences.
In the 1980s, Digital Equipment Corporation was one of the largest manufacturers of mini-computers in the world, and their products were of great interest in the USSR
The main reason for Kevin and Lenny dropping out of college was their keen interest in the software of the Digital Equipment Corporation (DEC). The interest was mutual: while the hacker friends were trying to get the code of their VMS operating system along with the developers' internal data on security systems, DEC agents were following them along with the police and trying to catch them red-handed. It was Kevin and Lenny's joke about a corporation employee who was secretly monitoring their educational accounts that became the last straw - after the poor guy was literally buried under paper from the printer, which began to print a report on literally every action of the friends, they were asked to leave college as far away as possible.
Left without studying, Kevin and Lenny devoted all their time to getting the coveted code and shaming DEC and the police. By means of “social engineering” and phone phreaking, they already habitually pretended to be a call from a company employee from an internal corporate number - and received logins and passwords with the necessary access from yet another noob in digital security. After which they discreetly changed one of the passwords - which was done quite easily in those days - and soon they were enthusiastically digging through a directory with the delightfully inconspicuous name VMS_SOURCE. Oh, the innocent 80s!
In the 1980s, Digital Equipment Corporation nearly knocked IBM off the boat of modernity with its rapid advances in mini- and personal computers, but digital security was poor for just about everyone in those days.
Then our heroes wrote a "small tool" to bypass security verification systems - and hacked a couple more accounts with unlimited rights from among those that had not been used for more than six months. Thanks to them, they got into the mail of developers, including one of the creators of the VMS operating system Andy Goldstein, and found there letters from the British enthusiastic programmer Neil Clift from the University of Leeds, who was excellent at finding vulnerabilities in the system and helped Andy fix them. In the correspondence, Kevin and Lenny also found an analysis of the work of the harsh German hacker group Chaos Computer Club (CCC), which had previously managed to tweak the login system for the VMS operating system to make the user invisible - while simultaneously disabling security settings for him.
The history of the German hacker club "Chaos", also known by the abbreviation CCC, is a separate and very interesting topic, and the life of one of its founders, Karl Koch, formed the basis of the film "23"
Kevin contacted German hackers - who, as it turned out, were already aware of his identity - and together they began to improve their VMS hacking skills. Lenny, being less known to the police and corporations, managed to get a job at a company that actively used DEC computers running the VMS operating system - which allowed Mitnick and di Cicco to patch the hacking system literally immediately after each update. When DEC programmers created a sniffer program to detect unauthorized access to the system, it was broken literally immediately after its release.
Then Kevin and Lenny took on the Easynet computer network, which DEC was building for its computers as an alternative to the developing Internet. They planned to pump out large amounts of operating system source code data from it, but everything ran into the problem of a lack of servers to store it. Having come up with nothing better, the friends found nodes that connected Easynet to ARPAnet, which remained largely an American military network in case of a nuclear war. And these nodes were located mainly at American military facilities. And really, where else could two young talents store stolen data if not on secret military servers?
The first suitable node was found… at the US Naval Air Station Patuxent River in Maryland, which covers the approaches to the country's capital, Washington, and the largest naval base in Baltimore from the Atlantic Ocean. Soon, the space on their servers was completely filled with Kevin and Lenny's archived data, disguised as digital garbage. Then they got into the servers of the all-important National Jet Propulsion Laboratory in Pasadena, California.
Naval Air Station Patuxent River, which Kevin and Lenny hacked simply because they ran out of disk space
However, the computer scientists at the California research center were smarter than those at the naval air base. They managed to record the unauthorized modification of the files, performed reverse engineering by deciphering the structure of the binary files, and determined that the code used for the cracking was written by German hackers from the Chaos Club. Since some members of the West German hacker community, including one of the founders of the CCC, also collaborated with the KGB of the USSR, there was a considerable uproar in the American press in the genre of "German communist hackers are breaking into our secret servers!"
Fortunately, Kevin and Lenny were not noticed at the time. They hacked several less advanced military facilities that had Easynet connection points with ARPAnet and began to download gigabytes of source code for the VMS operating system version 5. Naturally, such huge amounts of traffic did not escape the attention of DEC system administrators, and they spent many sleepless nights trying to stop what was happening, blocking accounts and changing passwords. But by this time, Kevin and Lenny had such tight control over their entire system that they literally knew about all the “enemy’s” moves in real time — and took all measures to continue downloading everything they wanted.
And then one fine day, all the source code was downloaded. Now it needed to be transferred to magnetic tapes. The process was launched using good old social engineering - after which the number of tapes with the VMS source code in the stashes of hacker friends began to go into the tens. And everything would have been fine, but in the process, Kevin and Lenny began to compete in hacking computer networks, each time betting $ 150. It quickly became clear that Kevin was constantly winning one-sidedly. Lenny was getting more and more annoyed with this each time, but he refused to stop the competition on principle.
After some time, Lenny offered Kevin to hack the electronic lock to the office with computers - with a stake of the same $150. Kevin simply found the code in his wallet, Lenny, as usual, lost his temper - and when Kevin demanded his hundred and fifty bucks, he replied that he did not have any money at the moment. With approximately the same excuses, he continued to "freeze" his colleague for quite a long time. Then the indignant Kevin could not think of anything better than to call his employer company on behalf of the bailiff and announce the court decision to block Lenny's accounts. After which, as you might guess, he finally went beyond the orbit of Pluto on aphedron thrust.
(approximately here)
Soon, one night, Lenny invited Kevin to work from his office: he was trying to hack the account of Neil Clift, the same enthusiastic programmer who helped DEC improve the security of the operating system. Several days passed. Lenny called him again - supposedly, he finally received the money and he could pay. When Kevin arrived at the agreed place in the underground parking lot, he saw that his friend was grinning strangely, and when he finally got out of the car, FBI agents flew out from everywhere and laid Mitnick on the hood. A few hours later, he was taken to a federal prison on an island with the grim name of Terminal Island. Well, Lenny did not even fulfill Kevin's last request - to call his mother and tell him that he was detained by the FBI.
As it turned out, after the story with the lock, Lenny, completely mad with anger, told his superiors about what happened, and they informed the DEC and the FBI. On that last night of the hack, the computers in Lenny's office were already under the full control of the Bureau's agents, and Lenny himself was wiretapped to collect evidence. From the island prison, Kevin was taken to the FBI's Los Angeles office, and then to court - where he was presented with a whole train of charges.
Among them were:
- hacking into the US National Security Agency system and obtaining classified access codes;
- disconnecting the telephone connection of a former probation officer;
- fabricating a judge's credit report after Kevin didn't like his attitude;
- planting a fake story in the media that the national bank Security Pacific lost millions of dollars after Kevin was denied employment;
- repeated malicious use and disconnection of actress Kristy McNichol's phone;
- hacking into the police department's computers and deleting information about Kevin's previous arrests.
As the assistant prosecutor read out the list, Kevin's eyes widened and his ass grew hotter. He had indeed hacked and stolen a lot of data, but on these particular counts he was completely innocent! At least, that's what Mitnick claimed until his dying day. For example, all he had stolen from the NSA was an unclassified list of the agency's phone codes, which was publicly available on the ARPAnet in a file called NSA.TXT. It wasn't Kevin who had planted the fake about the bank. And he had no connection or interest in the actress Christy McNichol - and she herself later denied any problems with the phone.
However, all this did not help. American Themis turned out to be extremely unfair to Kevin, and he finally lost faith in it. What this led to - we will tell in the next part.
Part 5: The Phantom Number and the Mysterious
So, Kevin Mitnick, due to the betrayal of his friend Lenny di Cicco, who inopportunely bombed from a lost bet, fell into the clutches of the FBI. In court, he was charged with various actions that he, at least as Mitnick claimed before his death, did not commit. However, many of his real crimes remained unknown at the time. At this point, in front of a prosecutor who spoke of his non-existent crimes, including the phrase "He can whistle into the phone and launch a nuclear missile from the NORAD base!", Kevin began to doubt the American justice system. As a result, he decided to do everything possible to never get caught. However, abiding by the law and giving up hacking were not part of his plans...
The Los Angeles Courthouse next to City Hall
The capture and trial of Kevin Mitnick was hailed in the American press as a landmark victory for justice against one of the most dangerous hackers, who could break into virtually any system using a computer and a regular telephone. Time magazine ran an article in January 1989 that said: “Even the most dangerous criminals are usually allowed to use the telephone, but Kevin Mitnick is not. At least not without a guard watching. And he is only allowed to call his wife, mother and lawyer. Giving Mitnick a telephone is like giving a gun to a criminal. The 25-year-old former college student is accused by federal authorities of using telephone lines to become one of the most dangerous computer hackers of all time.”
In the public eye, Mitnick already seemed like a sinister superhacker in 1989, capable of starting a nuclear war just for fun.
Mitnick was both flattered and outraged by such assessments. At the judge’s request, he was in a solitary confinement cell measuring 3 by 2.5 meters, and once again in his young life he sadly looked out the narrow window at the center of Los Angeles, which was seething with life, but so inaccessible. Later, he would describe this oppressive existence as spending many days in a cell for 23 hours a day with a dim light bulb. He was taken out of the cell only to take a shower and take a short walk in a small courtyard-well. Mitnick’s rare meetings with relatives, the radio and books he was allowed, as well as… mountains of high-calorie and sweet food that he ordered from the prison store as an anti-stress, helped him stay sane. As a result, during his time in the cell with minimal physical activity, he gained weight up to 109 kg.
Living conditions in solitary confinement looked something like this
Kevin could only make calls from a payphone, to a strictly limited list of numbers for relatives and a lawyer, under the supervision of a security guard. He could only call his wife Bonnie outside of working hours. In a combination of longing for his beloved wife, a desire to show the system his independence, and spite, Mitnick learned to call Bonnie at work under the guise of calling her mother. To do this, he would dial the number on a payphone blindly, pretending to scratch his back, and then discreetly hang up, holding the receiver tightly to his ear so that the guard would not hear the beeps.
American prison payphone
After two weeks of such calls, Kevin Mitnick was visited in his cell by surprised men in civilian clothes. They took him into the interrogation room and began asking him how he was able to make unauthorized calls right in front of the guard. Kevin denied everything, but the phone connections from the prison payphone were easily tracked. Eventually, he was given a personal phone, but with one caveat: the device itself was outside the cell, the guard dialed the number, and only the receiver was given to the cell. Now even Kevin Mitnick, with his dexterity and intelligence, could not bypass the system, and he was furious.
At first, DEC, whose source code Kevin and Lenny accidentally uploaded to the servers of US military bases, planned to bring the most serious charges against Mitnick. The federal authorities also wanted to stage a high-profile and show trial of a dangerous hacker who posed a threat to national security. However, while Mitnick was in solitary confinement, the company's management reconsidered its position and became less harsh. As a result, Mitnick managed to conclude a pre-trial agreement: he admitted his guilt, revealed to Andy Goldstein from DEC all his methods of hacking their systems and testified against Lenny di Cicco, which Kevin was very, very happy about.
As punishment, he was sent to a federal prison for one year, or, as they would say in Russia, to a penal colony. In addition, Mitnick had to spend another six months in a social rehabilitation center for ex-prisoners. Luckily for Kevin, in the colony in Lompoc, he was not placed with representatives of the criminal world from South Central or Grove Street, but with people who, like himself, were intelligent and were mostly in prison for financial crimes. One of his cellmates literally transformed Mitnick physically: he taught him to take long walks and exercise, and also convinced him to switch to a healthy diet. The hacker's physical data gradually returned to a more decent state.
Mitnick had to learn to love dishes like rice with vegetables, which he had previously despised as a fast food fan.
However, literally on the eve of his release, life once again presented Mitnick with an unpleasant surprise. His beloved wife Bonnie, whom he dreamed of returning to every day in prison, announced that she was filing for divorce. Moreover, with the help of the same social engineering and his technical savvy, Mitnick learned that she had been cheating on him for some time with his best friend Lewis de Payne. Attempts to get Bonnie back were unsuccessful. In anger and stress, Kevin began to actively engage in physical exercise, and as a result, instead of 109 kilograms, he weighed only 64 kilograms.
Kevin and Bonnie at the wedding (and this is before prison)
Kevin after switching to physical and healthy lifestyle
After working for a while in tech support and rehabilitation, Mitnick moved to Las Vegas, where his mother lived. There he purchased one of the most advanced mobile phones of the time, the Novatel PTR-825. Kevin immediately began to think about how to use this phone to make calls and talk without being tracked and tapped by federal agencies. Using his social engineering skills and ability to bypass office procedures, Kevin, posing as a company employee, received several special chips with modified firmware from a certain Kumamoto-san from Novatel.
Novatel PTR-825
There was still a lot of work to do after that, including a long game of cat and mouse with the FBI. But even in his later years, Mitnick considered this chip scam by Novatel and other companies to be the pinnacle of his social engineering skills. Each of these chips, with special firmware for technicians, allowed the phone's ESN to be freely changed and hidden from the cellular network, making it look like any other phone from the same manufacturer. Now Kevin was a ghost in American cellular networks, elusive to eavesdropping. As befits a Condor, Mitnick took this hacker pseudonym in honor of the protagonist of the 1975 American spy thriller, who masterfully evaded pursuit by CIA assassins.
Mitnick liked to associate himself with the main character of the film Three Days of the Condor
And it was very fortunate, because soon Mitnick received information through mutual friends that Eric Heinz, one of the greatest hackers of his time, wanted to meet him. According to rumors, he and his team had penetrated the systems of US telephone companies so deeply that they could do whatever they wanted there, and Eric himself told how he bought himself two new Porsches by rigging the results of telephone TV contests. Kevin hesitated for a while, but eventually the thirst for adventure and hacking won out. He contacted Heinz through his "shadow" phone and they began to communicate carefully and gradually. Lewis de Payne, the same one who stole Kevin's wife, also took part in this. Mitnick never forgave him completely, but the quarrel did not last long, and the old friendship with a common passion for hacking outweighed the insult.
Lewis de Payne, Kevin's best friend and a bit of an enemy
Eric clearly wanted something from Kevin and was trying to find out as much as possible about his hacking activities and his acquaintances in this field. Mitnick, of course, was wary - this all resembled some kind of trick on the part of the FBI. In his opinion, Heinz even phrased his questions like a cop or an investigator, and not like a hacker. But that was not the only problem. Mitnick could not find a normal job because of his reputation as a dangerous hacker. Worse, a special handler assigned to him according to protocol called every potential employer that Mitnick was supposed to tell him about and warned them about the possible risks of working with Kevin. Naturally, few were willing to take the risk. Mitnick was also kicked out of an advanced programming course at the University of Nevada. In the first week of classes, he could not resist and hacked a workstation, receiving administrative rights.
Meanwhile, the conversations with Eric Heinz continued. One day, Heinz told Mitnick that he and another hacker, Kevin Poulsen, who was later captured by the FBI and sent to prison, had broken into a central telephone exchange in West Hollywood at night. There they found strange equipment and a Switched Access Service (SAS) unit in one of the rooms. As they found out, the system was intended for testing telephone lines, but in fact provided the ability to eavesdrop on telephone conversations on the network. Mitnick was fired up by the idea of getting personal access to this system.
Using the same social engineering talents, he first obtained the system developers' contacts from Pacific Bell technicians. Then, posing as a Pacific Bell employee, he obtained detailed information on how to operate SAS, including remotely, from the system developers. Moreover, Mitnick managed to obtain complete technical data and instructions from the SAS developers. As a result, Kevin and Lewis were able to listen in on any call in Southern California. The scheme had a funny bug: when Kevin connected to the wiretapping system, he had to loudly hum into the receiver, simulating the beep that should have occurred when the equipment was triggered.
Having received information from Heinz about the existence and capabilities of SAS, Mitnick first used it to figure out Heinz's number. Heinz never gave this number directly, contacting him through his other colleagues on a conference call. Then, posing as a telephone company repairman who was troubleshooting, Mitnick also learned the address of the house where Heinz lived. Mitnick especially emphasized that he was able to so easily deceive company employees and pretend to be their colleagues not because he came across frivolous idiots, but because he carefully studied typical process protocols, the manner of communication of people of different professions, professional slang and habits. Thanks to this, he could easily gain their trust, introducing himself as "one of their own from the next office."
In essence, Kevin Mitnick was a kind of hybrid of a cool hacker and Ostap Bender
A lot changed in Kevin's life after a family tragedy that occurred in early 1992 in Los Angeles. His brother Adam was found dead in a car near a crack house. Doctors stated that the cause of death was a drug overdose. The LAPD, the Los Angeles police, did not show much interest in the death of "another fucking junkie" - it was 1992, literally the time and place of GTA San Andreas. However, Kevin decided to independently investigate his brother's death. He was bothered by the fact that the injection site of the syringe did not match the usual place. Kevin suspected two people of involvement in his brother's death: one of his friends and their mutual uncle Mitchell, who also abused substances and could have hooked his nephew on them.
Unfortunately, all of Kevin's knowledge of hacking and social engineering didn't help him find the clues and collect evidence. It wasn't until many years later that one of Mitchell's ex-wives, who had already died, told him the truth: his uncle and Adam had indeed been using drugs together that night. Adam had overdosed after Mitchell's injection, and in a panic, his uncle didn't call 911, deciding that his own ass should be the priority, not his nephew's life. Instead, he and another addict put Adam in a car and drove his body to a known drug den.
During the investigation, which Kevin tried to conduct in parallel with the hacking of the SAS system, he lived in his father's house and, thanks to the common tragedy, unexpectedly for himself for the first time in his life became close to him. However, at some point he realized that under the weight of his brother's death and consolation of his father, he made idiotic mistakes that could cost him very dearly. In particular, he used for some calls, including the hacking of SAS, not his "ghost phone", but one of the phones that were in his father's house. These phones could be tapped by the FBI, the police, or the Pacific Bell security service out of habit. Mitnick was still on probation and was at great risk of going to prison for a decent term for this. Of course, he really did not want to go to "jail" again.
Kevin used technical skills and social engineering, posing as a Pacific Bell security officer, to find out from the switchboard operator at the nearest telephone exchange that there were three gray boxes attached to the wires at the exchange that security had installed there. Mitnick went cold, but found out through the operator that the wires were not wired at his father's house, but at a company called Teltec Investigation. It was engaged in private investigations and what is now called collection. And the head of the company, coincidentally, was an old acquaintance of Kevin's father named Mark Kasden.
When Kevin and his father arrived at the Teltec Investigation office and told Kasden that his phones were being tapped, he just laughed and said that the young man was playing James Bond. A few minutes later, when Kevin, using his cell phone and SAS, playfully turned on the tap on the call between Mark's office and his girlfriend, Kasden was no longer laughing, but was amazed and delighted. And he suggested that Kevin consider working for his company. However, Mitnick continued to study the strange gray boxes for tapping through calls to Pacific Bell employees under the guise of their colleagues from different departments ... and at one fine moment he discovered that the said boxes were cunningly tapping three phones in his father's house, and not Teltec Investigation.
The initial suspicions turned out to be correct: Pacific Bell's security service simply understood the extent of Mitnick's intelligence and skills and took measures to make surveillance of him as unnoticeable as possible. At the same time, the wiretapping was completely legal, with the consent of the police. Kevin was horrified: the specter of another incarceration became more tangible than ever. It was unclear when exactly the wiretapping began and how much the wiretappers had managed to learn about Kevin's latest illegal adventures. He urgently arranged for his father and Lewis to remove his computer and all incriminating materials from the house. After which they thought about it and managed to find a way to listen in on the wiretapping of Pacific Bell's security service. As it turned out, it was far from always carried out with the sanction of the police and the court - and in one case Kevin and Lewis discovered a wiretap on the phone of a federal judge.
Then Kevin and Lewis had their first face-to-face meeting with Eric Heinz. They immediately disliked him: the guy was very arrogant, persistently talking about how he changed women like gloves, and clearly assumed that "these two" would beg him to let them work with him, the great hacker, at least a little. However, no one was going to beg him - and this clearly angered Heinz. He said that during an illegal penetration of the Pacific Bell station, he managed to get a copy of the dossier on Mitnick, which was kept by the company's security service. Naturally, Mitnick was very interested in getting this information, but when asked directly, Eric began to evade and say that he did not remember where he put it, and would try to look for it, but did not promise anything.
Eric Heinz looked like this
Kevin and Lewis decided to impress their arrogant interlocutor themselves and told him, with a demonstration on their laptop, that they had full access to the very SAS system that he had told them about. Heinz again could not or did not want to hide his anger that the "newbies" had bypassed him in such an important matter. And then things started to get weird. Eric literally demanded that his interlocutors not touch SAS - supposedly it was too dangerous, since this system, which made it easy to wiretap phones, was used by (who would have thought, yeah) the FBI. Then Eric went to the toilet... leaving his laptop on the table in the cafe, as if inviting his friends to look in. Kevin and Lewis thought it was some kind of setup and did not risk it.
An example of a laptop from the early 90s, Toshiba T3200SX
Upon returning, Heinz boasted that he had a universal key for physical access to any of the telephone exchanges. The parties parted clearly dissatisfied with each other, but at the same time interested in each other's resources. However, Kevin was literally running out of time and his ass: he did not know from what date the wiretapping had been installed in his father's house, and what the security service and the FBI might know. If they knew too much and were just waiting for a convenient opportunity to arrest him, it was time for him to flee the United States to any country that did not have an extradition agreement with Washington. Kevin and Lewis, knowing the previously calculated address of Heinz's home, went there - and found not a hacker's hut, but a pretentious apartment complex with a swimming pool and other joys of life.
Modern photo of this apartment, 3636 S Sepulveda Blvd, Los Angeles, CA
Eric was literally furious that they showed up at his house without asking. Kevin asked for a master key. Eric refused to give it to him. Kevin risked telling him about the wiretapping in his father's house. Eric still refused to give the key, but suggested going to the center together some night. After that, he openly gave his friends the cold shoulder for a while, each time promising "tomorrow for sure." One morning, instead of another denial, Eric suddenly said that he went there himself, correctly named all the numbers his father was wiretapping, and said that the wiretapping had begun on January 27. However, there was a nuance: Eric said that they did not have to break the mechanical lock on the door, since he was not there that night.
However, Kevin often drove past that center and saw that the lock was always in place, including that morning. The oddities multiplied. Kevin and Lewis increasingly suspected Eric of being a pathological liar at best, and of working for the FBI at worst. The arrest of Kevin Poulsen, with whom Eric had previously worked and penetrated the phone center, also took on particularly unpleasant tones in this light. When the friends discovered that all the numbers of the Impac Corporation company, where Lewis worked, as well as his home, were wiretapped, they decided to try to expose Eric.
They called him from a ghost phone and told him about Lewis's wiretap. Eric promised to try to figure it out, but for some reason he immediately refused to consider the version that it was the FBI. The next day, Eric called them himself on the agreed number - saying that he was calling from a pay phone. But the call was clearly not from a pay phone. Worse, Heinz tried to get Lewis to verbally admit to using illegal mechanisms at work. At the same time, Lewis called Eric's home number, where an unknown man immediately answered. Irritated, Heinz said that no one should be at his house, he did not like these oddities and he was lying low.
Kevin and Lewis rolled up their sleeves and threw everything they had into figuring out who this fucking Eric Heinz was. Their first few discoveries made their hair stand on end: the calls from Heinz's apartment revealed that he was calling the FBI's Los Angeles headquarters, among other places. Then things got even more fun: they discovered that he had been given an expensive apartment without the usual background checks and so on, and that he was listed there under the name Joseph Wernl. They also found a cell phone number... which turned out to be registered to U.S. government agencies and the name Mike Martinez. Finally, when they got hold of a printout of the calls from that number, they found out that it was constantly calling not only the FBI's Los Angeles headquarters, but also some numbers in Washington, D.C.
"Eric Heinz" was definitely and very actively working for the FBI, this could be considered proven. The only question was whether he was a career undercover agent, which did not fit well with his image of an informal metalhead and strange for an FBI officer manners and complexes, or whether the feds were simply using him as an informant and provocateur in the hacker environment for money, and / or keeping him on the hook for past sins. Having obtained some more classified data, Kevin managed to identify some of "Eric's" regular telephone interlocutors: they, as expected, were FBI employees and Pacific Bell security service. Mitnick even managed to establish the name of the head of his new adversary: Ken McGuire, a career FBI agent from the WCC3 special unit for combating "white-collar crime".
With the help of social engineering, Kevin managed to figure out the real name of "Eric": Joseph Weiss. A career FBI agent. Yes, in the intelligence services of any country there are quite a lot of people who are quite typical for an experienced eye of types, manners and bearing, but still, not all intelligence officers look like intelligence officers. Joseph Weiss, who looked like literally the complete opposite of a typical "federal", who were nicknamed glowies for their visibility even under cover, is a striking example of this.
Joseph Weiss's documents, which Mitnick would later obtain
Kevin knew that the FBI was literally on his tail. However, he had no intention of fleeing the country or at least hiding and lying low. Instead, he led a demonstratively ordinary life... and carefully, with the help of his ghost phone, SAS and growing access to various institutions and their databases, began to study those who were obliged to follow him. Namely: Joseph Weiss and his colleagues. Thus began the very game of cat and mouse between Kevin Mitnick and the FBI, which became a legend in the history of the hacker movement, and turned Mitnick himself into one of the most wanted criminals in the United States, whom even the FBI employees treated with respect and admiration. But more on that in the next part!
Part 6: Cat and Mouse with the Feds
In the previous part, we told how Kevin Mitnick and his friend Lewis managed to figure out the fake hacker "Eric Heinz" - FBI agent Joseph Weiss with the appearance of a slacker rocker, who was playing an operational game with them. The friends, thanks to technical skills and social communications skills, managed to figure out many details - right down to Weiss's colleagues at the Los Angeles FBI headquarters and the address of his parents. At first, Kevin thought about fleeing the country - he really didn't want to end up in prison again, but excitement, a sense of protest and a desire to screw the system over again took over. Mitnick began to play cat and mouse with the FBI. While the FBI tried to follow him and collect evidence for the trial of "the most dangerous hacker in the United States", he learned to track every step of the agents hunting him.
Kevin Mitnick later said that he literally couldn't resist looking for all the information he could about his new enemy: FBI agent Joseph Weiss, aka "famous hacker" Eric Heinz, aka apartment tenant Joseph Veril, aka cell phone subscriber Mike Martinez. Mitnick was also interested in Weiss's immediate superior, Ken McGuire, at FBI headquarters in Los Angeles.
Ken McGuire still works for the FBI today.
To further penetrate the secrets of the feds pursuing him, Mitnick skillfully and habitually disguised himself as a Los Angeles Department of Water and Power (DWP) employee from a special unit that handled law enforcement and emergency services. Employees of this unit were required by security protocols to request certain data from police officers, FBI agents, and so on, since they were giving them access to classified data on civilian suspects.
DWP building in Los Angeles
Mitnick took advantage of this cheat. He went under the guise of a DRW employee to the FBI Special Investigations Division, which had caused problems for Kevin back in college, and obtained from a certain Sergeant Davidson a list of the agency employees in contact with DRW "for the formation of a correct database." And then (oh, the holy simplicity of the 90s!) a list of passwords for these employees, which they had to give to control access to sensitive information. Kevin then used the personal data of the careless Sergeant Davidson to make calls allegedly from the FBI Special Investigations Division especially often.
What can you do?
Mitnick's first move was to find out "Eric Heinz's" new address (he had just rented a new apartment in the same expensive apartment complex) and his new phone number, which was a real turnoff when the FBI agent didn't bother to register it under another fake name. Kevin's next target was the California DMV. He called the sheriff's office extension as a police lieutenant named Moore, and spoke with enough inside knowledge that he was given a special DMV number to contact law enforcement without question or hesitation.
Then Mitnick figured out that calls to that number were being forwarded to one of 20 different numbers in the DMV database, so he arranged for one of them to be forwarded to his ghost phone. He began receiving calls from the police, the FBI, the Drug Enforcement Administration, the Alcohol, Tobacco, and Firearms Administration, and even the Secret Service, the oldest U.S. intelligence agency, which protects top officials and combats counterfeiters.
Secret Service employees on duty
According to protocol, all callers gave the operator their login details and passwords to log into the system, so that it could be tracked who was requesting what information about vehicle registrations for individuals and organizations. Mitnick diligently wrote down all this data until he had collected a sufficient database to log in under the names and passwords of many employees of different agencies. Then he turned off the forwarding, as if nothing had happened. Now Kevin could find out in a matter of minutes who was registered to certain cars, including those used for external surveillance and detentions by FBI agents. This would save him from arrest more than once.
At the same time, Kevin Mitnick was officially hired by the private investigation company Teltec. Its director Mark Kasden, a friend of Kevin's father, and co-owner Michael Grant were impressed by Mitnick's skills in gaining access to wiretaps and various classified data - which was very useful in their work as private detectives and collectors. They were also very interested in why someone had connected listening devices to their telephone lines. Kevin managed to find out that the wiretaps were installed by employees of the sheriff's department and the security service of the Pacific Bell telephone company, which very often became the target of his hacks, because of which he was repeatedly caught by law enforcement, and with which he had been conducting a kind of mutual vendetta for several years.
A typical Pacific Bell payphone
As it turned out, Teltec's office had been raided a few months earlier, suspected of illegally accessing credit card databases. Kevin managed to wiretap the line between a sheriff's department employee and the phone company's security service, and found out that the Teltec case had stalled completely. This pleased his new bosses.
Then Kevin thought about making some money using the method that "Eric Heinz" bragged about: winning radio contests with phone calls from listeners. Mitnick and his friend Lewis figured out how to do this: they got the radio station's internal number to bypass filters that limited the connection speed and the number of incoming calls from the official 8-800-... contest number, and organized "drum" dialing to always be the first. The thing is, the winner of a typical contest at Los Angeles radio station KRTH was simply the one who got through after a certain number of callers.
The scheme worked. Kevin and Lewis split the first prize of $1,000 in half. However, the same person could only become a prize winner once a year, so the friends organized the scheme through their relatives and acquaintances: whoever agreed to accept the money into their account received $400, and Kevin and Lewis split the remaining $600. Many agreed, since at that time... it was not even considered fraud or an offense. Having won about 50 times, the friends exhausted the supply of their acquaintances and "earned" about $7,000 each. According to Mitnick, this was the first time he used his skills to get money, and not just out of interest. For $6,000, Kevin bought his first laptop in his life, the then-fashionable Toshiba T4400SX with a 486 processor.
Toshiba T4400SX
And at that time he came up with a very insidious plan to fool the FBI at least until his suspended sentence ended in a few months and it would become much more difficult to throw him back in prison. He decided to deliberately leak to "Eric" through Lewis a fake about how he was going to contact some cool hacker group in Europe, either in Germany or Bulgaria, to participate in electronic hacking and theft of money from accounts.
The logic of the plan was as follows. Kevin still didn't know how much and what the FBI had managed to dig up about him since the surveillance and wiretapping of his father's house began. They could well have evidence to take him at any moment and throw him in prison for violating his parole. But if the FBI decided that the dangerous hacker Mitnick was going to go on a big and directly criminal case, then they would not take him, but would only keep an eye on him, so that they could take him at the last moment and loudly announce to the American people about the heroic capture of a threat to national security, a villain of computer technology.
Spoiler alert: this was far from the best idea Kevin Mitnick ever had.
The canard was launched, "Eric" became extremely interested and began to try to find out details from Lewis, but he denied that the cautious Mitnick had not told him any details. In parallel, Kevin began to listen in on calls from the Pacific Bell security manager, who was helping the FBI track Mitnick, using his ghost phone and a hacked SAS system.
While listening to one of the manager's audio conferences with his colleagues, he finally heard something that pertained to him: Pacific Bell's security team was brainstorming about how to finally catch the damn Mitnick, collect evidence on him, and hand it over to the FBI so that they could put the annoying hacker and phreaker behind bars. Kevin resisted the huge, mischievous temptation to jump in and say, "I don't think this is going to work. This Mitnick is pretty smart! You never know, maybe he's listening to us right now!"
The trouble came from an unexpected source: the police arrested Teltec owner Armand Grant. His son and the company director posted bail for him, but they were told that Armand would not be released for a couple of days. Mitnick offered to solve the problem in 15 minutes. He dialed the prison bail department's internal phone, introduced himself as a police lieutenant, and said that Armand should be released out of turn immediately after the bail money was deposited in the account, since he was helping with an important investigation. Soon Armand was met by his son and the company director.
Mitnick's search for all possible information about "Eric Heinz" became literally maniacal. After a long search, mostly using social engineering methods, he managed to find the numbers of his two Wells Fargo bank accounts and the latest transaction statements using the Social Security number he had already obtained. To Kevin's surprise, thousands of dollars were constantly coming and going from the accounts every week. He never showed up at Alta-Services, where the owner of these accounts was officially listed under the pseudonym Joseph Veril. Kevin became even more curious - and to clarify the picture of what was happening, he decided to get the tax return of the FBI agent who was following him.
However, the IRS discovered that "Veril" had not paid a cent of income in the last two years, because, according to the IRS, he had no income! Even more surprised, Kevin discovered that "Eric" had in the meantime finally left the apartment complex for an unknown destination. No big deal: Mitnick quickly found out "Joseph Veril's" new address through the already hacked Department of Water and Electricity. However, after Kevin's call, he quickly moved out again.
Then, knowing the number of "Eric-Joseph's" pager, Kevin found out its unique SAP code, bought a similar one and persuaded the company manager to enter it into the device on the grounds that "I accidentally drowned the previous one in the toilet." Now all messages that came to the agent's pager were duplicated on Mitnick's new pager. In addition, Kevin finally figured out how to wiretap "Eric's" phone number through the SAS system: after all, doing it directly was dangerous and pointless, the system made a characteristic click when triggered, which the subscriber could hear, and the agent knew this very well. However, Mitnick figured out how to bypass the restriction, and as usual instructed another company employee on what needed to be done on the equipment.
He did it just in time: soon he heard "Eric" discussing with his boss, Special Agent Ken McGuire, that Mitnick's home needed to be searched, and that in order to get a search warrant, he needed to collect at least some evidence. Kevin put down a pile of bricks on the spot, urgently changed his phone number once again, and rushed to tell Lewis that the feds were really on his tail and that he needed to get rid of any possible evidence immediately. Having shoved all the suspicious equipment and disks among reliable friends and relatives, Mitnick exhaled a little... and began to dig further about "Eric".
He managed to get a number from the Social Security system registered in the name of Eric Heinz. However, the database indicated that the bearer of this number was a disabled person receiving benefits who lost his leg in a motorcycle accident. In addition, it was indicated that Heinz's father was his full namesake. Having obtained his phone number and calling under the cover of a former classmate, Kevin was shocked once again: Eric Heinz Sr. considered the call a very cruel joke, and explained that his son with the same name died with his mother in a car accident at the age of two, and he never had any classmates. Mitnick even managed to get a copy of the death certificate of the real Eric Heinz from the Seattle Bureau of Vital Statistics.
Mitnick also managed to obtain a copy of the driver's license for "Eric Heinz"
As Kevin continued to analyze the FBI's phone traffic, he discovered that Ken McGuire was frequently calling the same number. The number, it turned out, belonged to David Schindler, an assistant U.S. attorney who had prosecuted Poulsen, a former colleague of "Eric Heinz" who had, by some strange coincidence, fallen into the FBI's trap and then into prison. This confirmed Kevin's worst fears: this was serious, the system was working hard and purposefully to put him in prison. Mitnick really didn't want to go to prison.
Mitnick managed to find out a new phone number through the same phone traffic analysis, and through it, the fourth address of "Eric" that he could remember: it was again an expensive apartment, this time near Hollywood. FBI agents live well, Kevin thought. And he began to prepare for a possible visit to his Teltec office. The thing is that Mitnick spent the night and hacked from his laptop "in secluded places", but even he couldn't work remotely at that time.
However, his work brought him not only legal money, but also moral satisfaction: he sincerely enjoyed helping to find and put the screws on various assholes, like malicious alimony defaulters or crazy relatives who kidnapped children from their parents. True, the methods of work of both Mitnick personally and Teltec allowed them to please and fork out their clients, but from the point of view of American laws they were more than questionable.
Kevin bought a radio frequency scanner and a cellular data interpreter. He managed to set up the equipment so that it would alert him whenever any of the numbers he had previously identified as belonging to the FBI, all of the "Eric" subscribers, and other characters he didn't want to cross paths with appeared in the coverage area of the cell tower closest to his office. Again, this was a good time.
One September morning in 1992, Kevin arrived at work before everyone else and heard a distinctive squeak from his work station. The system recorded the appearance of a cell phone in the coverage area of the tower near the office, and not just anyone, but the FBI Special Agent in Charge Ken McGuire, who was personally in charge of his case. He had been in the area for two hours already, and managed to make a call to a pay phone. Having immediately found out the address of the pay phone, Mitnick became even colder: the pay phone was located literally across the street from the rented apartment where he spent the night. The morning was no longer languid at all. The FBI was on Mitnick's tail almost literally.
Having exhaled slightly and having decided that if they were going to take him, most likely the mousetrap would have already slammed shut, and he himself would be lying on the floor and listening to the Miranda rules, Kevin waited for his superiors. He told them that it seemed like they had come for him - and they, being people experienced in such matters, were surprised only by the cunning and foresight of their colleague. Having taken all his things from the office, Mitnick, expecting a chase at any second, rushed out of the city to the north along Highway 101. Having got out and not noticing a tail, he called Lewis and warned him about what was happening. Then they additionally tried to get rid of all potential evidence. Kevin returned to Los Angeles and stayed for a day in a motel not far from his previous home. Having exhaled even more, and even going to work in the office without incident the next day, he regained his composure and decided ... to mock the FBI a little.
He returned to the rented apartment, which was already known to the feds, buying donuts along the way and putting them in a box with a large sign that read "Donuts for the FBI." He left the box in the refrigerator and wrote a similar sign on the door. Then he went to bed.
The love of police officers and security forces in general for donuts is an old American meme
At six in the morning on September 30, 1992, they came for him. True, Kevin woke up from the scraping of a master key in the lock - and in horror assumed that instead of agents (usually loudly knocking on the door and shouting about their departmental affiliation), robbers were trying to break in. Quite a normal assumption, given the place and time of what was happening: LA 1992 is literally a real prototype and source of inspiration for GTA San Andreas.
Mitnick yelled, "Who's there?!", hoping to scare off the robbers by telling them the owner would be ready to fight back. From behind the door, however, came the cry, "Open up, FBI!" At that moment, Kevin realized once again that he had somewhat overestimated his self-control, fearlessness, and moral readiness for a search. Chilled, he went to open the door, and only by the mechanically lowered gaze of the FBI agent who appeared in front of him did he realize that he had come out to the agents as if he were sleeping - completely naked.
As Mitnick had expected, the search was very thorough, but it yielded nothing. He was even a little offended that no one appreciated his joke with the donuts. Then one of the agents - Special Agent Richard Beasley, already familiar to him from previous misadventures - began the conversation. First of all, he quite traditionally told that Lewis "has already given all the evidence against you, so you better spill it yourself, otherwise you'll be gone for a long time." Kevin did not believe this, since he and Lewis had discussed this more than once, and the FBI certainly should not have had any evidence in this direction. However, then Agent Beasley turned on an audio cassette ... on which Kevin proudly showed Mark and Michael from Teltec the wiretap of Detective Simon and Pacific Bell security specialist Santos about the surveillance of Teltec.
However, to Mitnick's sincere surprise, he had not yet been arrested: there was still insufficient evidence for an arrest warrant. He said that he needed to consult with his father and a lawyer, and went to the car. The FBI agents also searched the car - and, to Kevin's horror, they found several forgotten in the glove compartment in the confusion of hiding the disks. He was accompanied by two cars with agents the entire way to his father's house - but they were unable to enter the home without a warrant. When the agents finally left, Mitnick rushed to the office. He did not find any agents or a search there, he breathed a sigh of relief, and just in case, arranged Format Disc C. For such arbitrary use of important company data, Michael Grant became furious and fired Mitnick. Later, Kevin learns that Grant was also going to use potentially incriminating data from his computer to leak it to the FBI and, at this price, get an improvement in the situation with the persecution of his father by law enforcement officers.
There were still three months left on his probation. Mitnick needed to hold out and not get arrested during that time—it would be much harder to put him away later. In early November, he tried to ask his probation officer for permission to go to Las Vegas to visit his mother and grandmother and celebrate Thanksgiving. To his surprise, he received permission on the condition that he report to the Nevada probation office and return by December 4. However, either his growing paranoia or his sixth sense literally forced him to stop shortly after entering the outskirts of the city and start listening to the Vegas police department’s radio using a specially converted radiogram.
Las Vegas 1992 is also very atmospherically conveyed in GTA SA
He studied how cops asked if a car was wanted, went on air, and asked for the same information about his own car. He got the cryptic response, "Are you clear with 440?" After asking the operator to stay on the line, he found out over the phone, posing as a DEA agent, what the code number meant to the Vegas police. It turned out that 440 meant "wanted person." And the operator's question was whether the calling cop could talk out of earshot of the suspect.
That's how Mitnick learned that a warrant had already been issued for his arrest, and that he was now wanted in every state. He later learned that he had been wanted back in early November for illegally accessing the voicemail of a Pacific Bell security officer, but for some reason they were in no hurry to arrest him. Now there was no question of going to the probation office to report: Kevin was officially a hunted man, and they would immediately seize him. He snuck into the Sahara Casino, where his mother was then a waitress, and told her everything. She was horrified and took him home to his grandmother.
Kevin hid with them for a while, notifying the department of his arrival by phone, claiming to be seriously ill, but then asked them to take him back to Los Angeles exactly by the evening of December 4, as he was obliged by the agreement with the handler. On December 7, his probation was ending, and he had a glimmer of hope that after that date the arrest warrant would be invalid.
He spent two nights in his apartment so as not to aggravate the situation by violating the parole rules, although he was very afraid of being arrested. Early in the morning on December 5 and 6, he went out to wander the streets and watch movies in the cinemas. Finally, December 7 arrived. The parole period ended. This time, he went to spend the night at his cousin's, and his mother stayed in the rented apartment to help pack for the move.
Every moment of time during these three days Kevin was expecting something like this.
On the morning of December 10, three men came to the apartment: a bailiff with an arrest warrant, and two FBI agents — including Ken McGuire himself. The mother told them she didn’t know where Kevin had gone, because “we had had a fight the night before and he had gone somewhere.”
Kevin realized that the only way to stay free was to go underground and live the life of a wanted criminal on the run. A new stage in the difficult life of one of the greatest hackers and "Ostap Benders" of American history was beginning. Since childhood, Kevin Mitnick admired and associated himself with the main character of the film "Three Days of the Condor", who skillfully hid from pursuit by CIA killers. Now he had to find himself in his shoes in practice.
Part 7: The Ghost in the Dead Man's Mask
So, December 1992 arrived. The cunning Mitnick failed to avoid the court issuing warrants for his arrest at the last moment of his suspended sentence. The gears of the US law enforcement machine were slowly but surely turning for his soul - and the FBI agents were even somewhat lazy and indifferent about detaining the hacker. They probably thought that a 100% computer geek, with all his skills in tricking the system, would not dare to go on the run and live underground. They underestimated how much Mitnick did not like prison - and how much he did not want to end up behind bars again.
Mitnick was planning to leave Los Angeles for Las Vegas by the most obvious route: Interstate 15, made famous by Hunter Thompson and Terry Gilliam. But before he set off, Kevin couldn’t resist taking another step in studying his personal nemesis, FBI agent “Eric Heinz,” who was masquerading as a successful hacker. Posing as an L.A. County Fugitive Income Tax agent, he requested copies of the driver’s licenses of all three of his opponent’s fake identities from the vehicle registration service.
Ken McGuire still works for the FBI today.
He asked for copies to be faxed to the Kinko's Club in the Hollywood studio area "for urgency." Mitnick, who was hiding at the time with his cousin Truvy, didn't know that the feds had already figured out this move, and the operator immediately reported the call to the senior special investigator of the same agency. He suggested sending Mitnick any suitable fake ID, and a standard template ID in the name of the non-existent "Annie Driver" was faxed to the club. Cars with vehicle registration investigator Shirley Lessiak, her team of colleagues, and a plainclothes FBI representative immediately left for the club to detain "one of the most dangerous hackers in the United States."
DWP building in Los Angeles
Mitnick, probably still not fully aware of the seriousness of the situation and the hunt for him, went to the club with his grandmother to get copies. Having parked for cover in a disabled parking space near a supermarket, the grandmother stayed in the car, and Kevin went to pick up the documents. By that time, law enforcement officers had been lying in wait for him for about two hours, and were sincerely waiting for the “damn Mitnick” to show up as soon as possible. The FBI agent even left on more urgent business. The hall turned out to be overcrowded, and it was Kevin’s turn to get angry and wait in line to receive a fax: there weren’t many of them in use yet, and receiving faxes was a popular commercial service.
Mitnick had no idea that he was already being followed by several people who had been hiding in the crowd of visitors. He had no suspicions even when the coveted folder turned out to contain the license of some unknown lady instead of "Eric Heinz". Outraged by the carelessness of the vehicle registration service employees, Mitnick wandered around the hall and thought about what to do, and he was followed by plainclothes officers of her own security unit, led by investigator Lessyak, waiting for a convenient moment to detain him.
Finally, Kevin left the building through the back door to vent his frustration on a pay phone – and as soon as he started dialing, he saw four men in civilian clothes, led by an energetic lady. They approached and introduced themselves as employees of the investigations department of the vehicle registration service. At this point, Mitnick was already acting on reflexes fueled by paranoia. Roaring, “I don’t want to talk to you!” he threw fax sheets into the air in the hope of distracting his pursuers – and took off running.
At that moment, he really appreciated all the time and effort he had devoted to training, losing weight, proper nutrition and a healthy lifestyle. And also his habit of wearing sports shorts and a T-shirt under his regular clothes. Having easily broken away from his less trained pursuers, almost like parkour through alleys and gateways, he threw his sweater and trousers into some bushes - and ran on, already under the guise of a person training on a run. After 45 minutes, he finally exhaled - and from the nearest pay phone, he dialed his grandmother on the cell phone that was left in the car.
Novatel PTR-825, which is roughly what Mitnik was using at the time
Nobody picked up the phone. Kevin had time to panic for her until he thought of calling his cousin and asking her to find his grandmother. She was found in the car, where Mitnick had left her. When, already at the agreed place in a remote cafe, he asked her why she had not picked up her cell phone, his grandmother was genuinely surprised and said that she had no idea how to use this ingenious device and was afraid of breaking something. It simply did not occur to Kevin that an elderly person from the early 90s might not know how to use a mobile phone. His grandmother also said that she tried to find her grandson in the building, but all she saw was a very puzzled lady with a videotape under her arm: it was investigator Lessiak, who had lost Mitnick, and she had a recording with Kevin’s images from surveillance cameras with her.
And so, the desert hills of eastern California and western Nevada were already flashing past the windows. Kevin was racing to Las Vegas in his beloved grandmother's car. She was driving - and, apparently, the cops did not yet have a description of her car. The trip passed without incident, Kevin stayed with friends of relatives. By this time, he had already drawn up preliminary sketches of plans for further action. The first step was to quickly create a temporary false identity. The second - a more thorough registration of the most plausible new persona with all the papers and documents. Approximately as "Eric Heinz" had already done more than once.
He had the system to back him up, of course, with four profiles created for him as an undercover FBI agent. But Mitnick decided to follow in his footsteps, albeit completely illegally. Kevin Mitnick was to disappear without a trace from the eyes of the state - and the hacker who bore that name was going to start a new life somewhere else under a new name. How to do it? Our hero was going to use both his extensive experience in social engineering and the results of his observation of "Eric Heinz" and his methods, as well as a semi-underground collection of tips for such cases called The Paper Trip.
The Paper Trip, by a certain Barry Reid — most likely also a pseudonym — was published in 1970 by the Californian counterculture publishing house Eden Press. It was intended to help Americans at odds with the system — like anti-war activists, social justice fighters, and radicals of all kinds — hide from its all-seeing eye by posing as other people. The manual suggested the best way to do this was to use the names, birth certificates, and Social Security numbers of deceased people who were similar in age, gender, skin color, and other characteristics — a method called ghosting.
The calculation was that the integration of different databases from different US agencies was only at the initial stage, the entire system was poorly computerized, and the Social Security Service might have no idea that a person with a particular social security number had been dead for many years. Databases in different states were poorly integrated, and often not integrated at all.
The manual considered the best option for the initial selection of candidates for ghosting to be a search in old newspapers for publications about families who had died collectively while traveling to other states: this reduced the likelihood of meeting living "relatives" and made it difficult to link databases about what had happened in different states due to the peculiarities of American document flow. This is roughly how the same "Eric Heinz" came into being - whose real prototype died in a car accident with his mother at the age of two, and his name and data were useful to the FBI to create a legend of its undercover agent in the hacker environment.
However, in order to urgently create a temporary conspiratorial identity, Mitnick decided to borrow the data of a completely living person. Under the guise of a postal inspector, he contacted the vehicle registration service of the northwestern state of Oregon and requested data on a certain Eric Weiss, born between 1958 and 1968. Why Eric and Weiss? These were the real first and last names of the famous magician, who gained worldwide fame under the name Harry Houdini. Mitnick once again could not resist a postmodern joke - and decided to temporarily borrow the data of the namesake of the great illusionist, whom he admired since childhood.
There was such a person in the database with a birth date of 1968 - five years younger than Kevin. However, thirty-year-old Mitnick was in excellent physical shape and could pass for a person of 25 years old. Then he found a number - and dialed ... Eric Weiss himself, asking if he was a graduate of Oregon's main university, Portland State University. He replied that he was confused with someone else, because he graduated from the university in Ellensburg. Having the first leads, Mitnick managed in a few weeks of social engineering and studying databases to extract almost all the personal data of the unsuspecting manager from Oregon and organize for himself a virtually complete package of documents in his name.
Kevin obtained a copy of the birth certificate and forged a W-2 tax form with data on salary and taxes at his alleged previous place of work. Based on this, he passed the driving test under the legend that he had lived in Australia for several years, where traffic drives on the left side of the road, and wanted to make sure that he had the skills to drive in the United States, where traffic drives on the right side of the road. This is how he obtained a driver's license in the name of Eric Weiss - which in the States largely replaces the functions of an internal passport in other countries. And the license allowed him to obtain an official duplicate of the social security policy - with which he could officially get a job.
From Vegas, Kevin Mitnick moved to Denver, the capital of Colorado on the border of the Great Plains and the Rocky Mountains. He chose this place as one of the most dynamically developing cities in the country with a fairly strong IT sector. At the same time, Colorado is located far from California, where he was sought, in the very heart of the United States. In addition, Kevin always dreamed of learning to ski, and from Denver to the ski resorts was a stone's throw: mountain ranges with ice caps are visible directly from the city.
Having reached Denver and temporarily settled into a motel, Mitnick began to look for a job in some company with a computer profile. He wrote a fake, but beautiful and convincing resume - and went to get a job in the local office of a large international law firm Holm, Roberts and Owens. At the interview, in order not to arouse suspicions of excessive knowledge, more typical of a hacker, he deliberately gave several incorrect answers on the technical part. His last place of work was listed as a non-existent Green Valley Systems from Vegas - and when HR called the number indicated in the resume, Kevin, slightly changing his voice, without unnecessary modesty gave himself the most flattering recommendations. Soon he was hired with a salary of $ 28,000 per year. He was supposed to go to the office in two weeks to become a general computer specialist, literally an IT guy.
Now, while there was still some free time left, he had to create another, permanent fake identity, which would be much more difficult to undermine. His choice fell on South Dakota - one of the quietest, most remote, agricultural and provincial states in the entire US - with a population of less than 700 thousand people at the time. Literally "Barnaul, Altai Krai" from the meme. There, Mitnick figured, the digitalization of databases and their comparison with databases of other states would not happen soon, and a lot of water would flow under the bridge since then. In addition, in South Dakota, death certificates were public documents, and any citizen had the right to access them.
Kevin made 20 business cards in the name of a private detective named Eric Weiss, which had a fictitious Nevada private detective license number, a fictitious Las Vegas address, and a fake phone number that went to an answering service. He made his way to the state capital, the town of Pierre with a population of only 13,000, and showed up at the state registrar's office in a formal business suit. The head of the organization was very gracious about the visit of such a polite person, and provided all possible assistance to the "investigation."
Growing up in the California metropolis, Mitnick was literally captivated by the quiet pastoral landscapes of South Dakota and the town of Pierre
Determined to create a new official identity, Mitnick dug through the archives in search of records of white children under three years old, originally from states not neighboring South Dakota, who died in South Dakota between 1965 and 1975. Along the way, Kevin used his social engineering skills to help one of the employees find her lost relative from Vegas — for which he was finally recognized by the team as “one of the guys.” He also accidentally found some treasures he really needed: blank birth certificates were simply lying around in boxes in one of the offices, and the official state seal (!) was simply always on one of the tables. In California or Nevada, such a thing would have been completely unthinkable, but South Dakota was a very quiet and peaceful place.
Seizing the right moment, Mitnick quietly grabbed the seal, locked himself in one of the offices and in five minutes organized 50 birth certificate forms with official seals, after which he returned everything to its original position. When Kevin finally sifted through all the archives, the employees saw him off almost as if he were a colleague about to quit, hugged him and almost cried. Having reached Denver, Mitnick, through his acquaintance from the Social Security Administration, picked up a suitable name for a dead child, to whom the parents had managed to assign a social security number. It turned out to be a certain Brian Merrill: now Kevin had to become a person with this first and last name.
For Mitnick, the quiet and calm office routine in a 50-story skyscraper in downtown Denver had finally begun. In his free time, he learned to ski, improved his legal literacy to avoid new problems with the law, and went to rock concerts. And everything seemed to be going well, but our hero’s misadventures were not going to end there…
Part 8: The Underground Man Gone Wild
In the previous part, our hero took advantage of yet another loophole in the system and created two new identities: a temporary one under the name of Eric Weiss and a more developed one under the name of Brian Merrill. Having obtained documents and records in state databases by hook or by crook, Kevin Mitnick got a job in the Denver office of an international law firm under the first pseudonym. The office routine of a generalist in a very friendly team of employees alternated with skiing in the picturesque Rocky Mountains, hours in the gym, long bike rides, trips to rock concerts and blackjack in Indian casinos. FBI agents seemed to have lost track of him and did not show themselves in any way. Life finally turned to the side he was looking for for “one of the most dangerous hackers in the United States”. But Mitnick would not be himself if he was satisfied with such a peaceful and quiet life.
Denver, nestled in the Rocky Mountains, is one of the most beautiful cities in the United States in terms of its surroundings.
Naturally, Mitnick, like a seasoned bird, did not forget to insure himself. Among other things, he wrote a special script, thanks to which any calls from the company's phones to the phones of the FBI offices and the US federal prosecutor's office in Los Angeles and Denver would immediately result in a coded message being sent to his pager. During his time working at the Denver branch of Holm, Roberts and Owens, the script worked twice: each time Kevin's heart sank below his heels, but both times it turned out that the calls had nothing to do with him. Just in case, he grew his hair long and had a mustache, which he had never worn before.
There are no surviving photos of this period of Mitnick's life, but he probably looked something like this
In addition, Mitnick at that time lived and worked under a temporary and not very well-developed pseudonym in terms of the legend, Eric Weiss - with the data of an unsuspecting real middle manager from the northwestern state of Oregon. He was not completely sure that he had thrown the feds off his tail - and refrained from starting a serious friendship with anyone, much less a relationship. He already knew that if they took him again, the FBI would give everyone close to him a lot of stress, and did not want to set up people he liked - with whom in another situation he would be happy to be friends or meet. Out of the same precautions not to blab to anyone too much, Mitnick almost never drank, even at corporate parties - except for light cocktails in bars.
However, there were also more cynical considerations: he was afraid of letting it slip at some point to a loved one, after which the latter could accidentally or even intentionally cast unnecessary suspicion on him. Mitnick, who once dreamed of being like the main character of the political thriller Three Days of the Condor, now literally found himself in the shoes of an illegal agent in hostile territory, and this turned out to be by no means as exciting as in spy films. But it was very lonely and very nervous. It is not surprising that many real intelligence officers, and not the steely super-agents from films and tabloid novels, have progressive mental problems (which is often why they fall apart), which they compensate for with alcohol and other not particularly useful things.
The only exception and gap in the security system of the illegal Mitnick were regular phone calls with his mother and grandmother, without which his cuckoo, worn out by persecution and loneliness, could really fly away somewhere. His mother would call him from a random phone in the Sahara casino, where she worked - and the call would go to a pre-agreed number, which he would enter into his cunningly upgraded phone. After several months of living in Denver, he could not stand it any longer and came by train to Vegas: several meetings with his mother and grandmother in secret, pre-agreed locations took place literally in the format of spy safe houses (Kevin suspected that his relatives were being secretly followed by the FBI with the aim of catching him).
And with all this, Kevin Mitnick... could not give up his main passion: hacking and gaining access to other people's data through social engineering. So, having hacked the computer of a hacker friend from Los Angeles and having found the login details for the accounts of employees of the company Sun Microsystems, Mitnick could not resist the temptation to go further. He got administrator rights for their network and got to the server with the source code of the latest SunOS operating system. Then his social engineering skills came into play: posing as a technical support employee, Kevin convinced the company employee to accept this source code, write it to a suitable medium and leave it at the checkpoint for the "courier".
At some point during Kevin's wanderings around the Sun Microsystems network and copying anything interesting from it, the administrators and security guys realized that someone was wandering around the system. They even figured out that the hacker was using social engineering, assumed that it was That Very Kevin Mitnick, and took a number of precautions. This only led to Mitnick starting to behave more cautiously, but by that time he was walking around their network as if he was at home and was quietly laughing, reading the correspondence about how he had been weaned off the Sun Microsystems system. One of the employees even received a thank you note on the wall for saving the company's network and defeating Kevin Mitnick - which, however, never actually happened.
Feeling the excitement and impunity, Mitnick went further. He targeted Novell and its network operating system NetWare: including because, according to rumors, everything was very cool with information security there - and it was all the more interesting for him to hack them. After the first successes in obtaining access passwords up to administrators, the scythe met a stone: when trying to get to the server with the NetWare source code, social engineering did not work, the employees quickly realized that a hacker was calling them under the guise of colleagues, the security service took measures. After several attempts, Kevin managed to get some of the files through some less cautious employees, but attempts to get the OS source code only ran into a wall of suspicion and security protocols. Moreover, Mitnick began to suspect that his voice was being recorded and could be used for new legal charges.
To improve his capabilities, Mitnick decided to switch from an upgraded but already outdated Novatel PTR-825 phone to the latest cool Motorola MicroTAC Ultra Lite model. But in order to turn an ordinary "mobile" into a secure tool for hacker manipulations and bypassing the system on bends, he needed the source code of the phone's software. Kevin began calling the company's offices and employees under the guise of an engineer from the Motorola R&D department in Arlington Heights, Illinois. And in this case, luck was on the hacker's side: in just a couple of calls, he ran into a naive young lady replacing her boss, who had gone on vacation, who did not suspect anything and was even so kind as to convince the wary security officers to allow him to send the latest version of the source code.
There was one problem: Mitnick made this call from a street payphone, having rushed out of the office and assuming that it would take more than one call and more than one day; it was a sharply continental Colorado winter outside, and while he was explaining to the young lady what FTP was and how to archive files, he managed to freeze to death. But Kevin was jubilant: according to him, he felt like a CIA officer who managed to recruit an agent in the Iranian embassy under the guise of a representative of a third country. Knowing our hero, you could already guess what happened next: Mitnick got brazen and decided to get into Motorola servers seriously and for a long time. In short, he decided - and did it. In the most brazen way. The company's employees, unlike the savvy Novell staff, were easily led by the most primitive social engineering and after a couple of polite phrases were ready to almost vouch for a random interlocutor in front of their own colleagues.
Kevin Mitnick let his guard down again, got carried away... and made mistakes again. At one not-so-great moment for him, he discovered that the administrator of Colorado Internet provider Colorado Supernet - on whose servers the hacker most brazenly stored his loot in the form of code borrowed from corporations - was monitoring his activities, including attempts to break into Novell and hiding pieces of NetWare source code on servers. And worse, he was concerned about what was happening to a certain FBI agent from Colorado Springs.
Mitnick, instead of immediately leaving Colorado and lying low, decided to have some fun and make fun of his enemies. First, he fabricated a fake registration file with data on his actions that did not actually take place, and sent it to the FBI under the guise of that same admin. Then he found an insufficiently cautious employee in one of Novell's offices, used social engineering to get into their network again and stole the source code of the latest operating system. At some point, he realized with his sixth sense that his actions were being tracked. Then, as the sacramental cherry on the cake, he couldn't resist writing: "I know you're watching me, but you'll never catch me." Later, Novell's security staff would tell him that they had indeed been reading his actions and were pretty freaked out at that moment.
After that, Kevin decided it would be a good idea to leave Novell alone... and switched to Nokia. Specifically, he decided to get the source code for the newest Nokia 121 phone. Now he had to call Finland, but Mitnick was already in no hurry. However, it turned out that the Finns from the Finnish office did not speak English very well: they had difficulty understanding Kevin, and Kevin - their attempts to express themselves in the language of Shakespeare. After several fruitless attempts, Mitnick howled and tried to switch to the British office of the company. It was better there, but only partially: the employee he managed to contact had a very pronounced British accent, and even with dialectisms, and Mitnick, who had previously only communicated with Americans, had to make a lot of effort to understand English by ear. The security measures in the British office were very primitive, so Kevin managed to download the source code of the Nokia 101 and Nokia 121 to the Colorado servers without any problems.
Mitnick decided to go further again. He was interested in the source code of the latest phone under development under the working code HD760. But then a problem arose: the Finnish company's security team realized that something was wrong and blocked the upload of files from their servers via FTP. Social engineering came into play, and Kevin was lucky again: he found a trusting lead developer with good English in the office in Oulu, Finland, who was so kind that he agreed to download the code, write it to a magnetic medium and send it to the Nokia office in Largo, Florida. Where Mitnick was going to pick it up himself or through one of his trusted friends.
However, when Mitnick started calling Largo and asking if the package had arrived, he was clearly being frozen on the line under various pretexts. He realized that they were stalking him again and trying to figure out the location of the outgoing call. Kevin turned to his friend Lewis, who came up with nothing better than to call Largo on behalf of none other than the head of Nokia's American branch, Karri-Pekka Wilska, demanding that they urgently send him a package. His pseudo-Finnish accent did not convince anyone, and the employees immediately reported the strange call to the FBI. It would seem that it was time to slow down, but Kevin and Lewis were stamping their hooves and were eager to get the source code at any cost.
Lewis called the Largo office again as Wilsk and instructed them to send the package to the front desk of the Ramada Inn, not far from Lewis's office. When the package arrived, Kevin called the hotel and asked if it was there. The receptionist kept him on the cold shoulder for several minutes, and the hacker's suspicions grew. When the call was over, Mitnick called the hotel manager and introduced himself as... FBI Special Agent Wilson. The manager practically clicked his heels and obediently reported that the hotel was under the full control and surveillance of the police and the FBI's White Collar Crime Unit. At that moment, a police officer entered the manager's office, and Mitnick, insolent, demanded that he report the situation.
Kevin and Lewis were ready to storm the ill-fated hotel to get to the coveted code. For them, it was already a matter of excitement and self-respect as Very Cool Hackers. But they had to back down. Out of anger, Mitnick went to hack the Japanese-American company NEC in search of the source code of cell phones. Well, he hacked it. He uploaded the results to the servers of the University of Southern California. It took a special effort to get the code for the newest NEC P7 mobile phone: to get it, Mitnick, following Lewis's footsteps, called the company's office under the guise of a Very Important Japanese Man from the central office in Tokyo. With a heavy pseudo-Japanese accent. Oddly enough, this time everything worked out. Oh, the naive 90s.
Kevin became so brazen that he agreed to give a sensational interview about himself to Playboy magazine, not without precautions, of course. However, all this did not go unnoticed. The FBI was literally besieged by angry representatives of corporations with demands to find the damn hackers who were stealing the source codes of their latest products. No one believed that one unbridled adventurer could do this simply out of love for art and self-affirmation: they suspected industrial espionage on the part of competitors, and mentally calculated billions of losses in horror. Mitnick began to understand the scale of the problem when, during another hack on the servers of the University of Southern California, he discovered correspondence about his actions between the administrator Asbed Bedrosyan and the FBI.
As it turned out later, in 1994, Attorney General David Schindler held a secret meeting with representatives of the affected corporations about what was happening. They were all extremely outraged, suspicious of each other, and initially refused to talk publicly about their own leaks. However, in the process of work, law enforcement officers and managers came to the conclusion that the handwriting was quite characteristic and most likely pointed to a very specific culprit: Kevin Mitnick, one of the most dangerous hackers in the United States, who was on the run. However, the company representatives still refused to believe that Mitnick was doing all this out of interest, and not to resell the loot to competitors for large sums as part of some kind of cunning game.
Then, in the spring of 1994, Mitnick was suddenly fired from his job. His department was taken over by a stern new boss who wanted to impose some discipline. She thought Kevin was staying at work suspiciously late and chatting on the phone—meaning he was using his work time to work outside the company with his private clients. The funny thing is that Mitnick did do a lot of illegal and even unauthorized work, but he didn’t do any private work. Unlike his colleague, who was fired along with him for the same thing, but deservedly so. Mitnick had a bit of a row during the firing process, and then became paranoid that his angry ex-boss would dig into his background and find out that his entire identity as Eric Weiss from Oregon was a fake.
With the help of a now former colleague, Kevin managed to quietly hack the company's network from the outside, erase all potentially dangerous files and traces on his former computer, and at the same time stick his nose into his boss's correspondence. As it turned out, the management had no serious suspicions against him, and all that the management cared about was that the fired employee would not start legal proceedings. Kevin, of course, was not going to sue. However, the problem arose where no one expected it. The higher management considered that the unsubstantiated accusation of "Eric" working for third-party clients left too much scope for a lawsuit - and decided to dig deeper to find more significant screw-ups in the fired employee. Well, in the process of finding out, they discovered what Mitnick feared: no Eric Weiss in the form in which he was known in the company existed. Just like the previous place of work indicated in the resume.
Kevin was astonished when his former colleague told him about this. He immediately made up an excuse and said that he was an undercover private detective, after which he cut off all contact. Mitnick really liked Denver, he fought the temptation for a while to simply move to another part of it under a new name, but in the end he rightly decided that he had already exposed his face too much here, and it was risky. In addition, the Playboy journalist working on the interview reported that gentlemen in civilian clothes from the FBI came to him and were very interested in where the main character of the upcoming publication might be.
So Eric Weiss was dead - now the pre-prepared Brian Merrill had to be born, who in fact died as an infant in a car accident many years ago, but left behind a bureaucratic trail.
Source
