Brian Krebs had an eventful Thursday. In the early afternoon, his blog was hit with a massive denial-of-service attack that brought it to its knees. As technicians struggled to bring it back online, heavily armed policemen were assembling outside his house. Hackers were upset that Krebs had exposed their favorite online marketplace for stolen social security numbers and credit reports. Theyâd spoofed a 911 call from his house. Hence the SWAT team.
Kreb wasnât amused. He followed tips and dug up dirt on the crew that attacked him. He probably never guessed it would lead him to the alleged identity of the ringleader of one of the most notorious hacks last yearââPhobia,â who along with an accomplice, commandeered and destroyed the âentire digital lifeâ of Wired reporter Mat Honan in the span of one hour in June.
Two people who knew about the attack pointed Krebs to a hacker named Phobia. One, an anonymous tipster, pinned the hack on an Xbox live-gaming clan called Team Hype. The four-person team used social engineering techniques to steal the Xbox gamertags of Microsoft employees, then sell them off to the highest bidder. They made YouTube videos chronicling their exploits. One of the members was named Phobia.
âThey hack/social engineer Gamertags off Microsoft employees by using SSNs,â the anonymous tipster told Krebs. âI didnât DDoS your site and I didnât SWAT you, Phobia has been telling everyone he did.â
At some point in Phobiaâs murky online life, heâd made enemies of the wrong person. Krebsâ anonymous source directed him to a âdoxââhacker speak for identifying informationâthat revealed Phobiaâs identity, his home address, and his home phone number. Krebs called it. A 20-year-old named Ryan Stevenson picked up. They chatted while Stevensonâs nervous father listened in.
Hereâs a snippet of their conversation:
[Brian Krebs]: Iâm looking at a story in Wired magazine from Mat Honan about how his Apple iCloud account was hacked. Do you know this guy?
[Ryan Stevenson]: Yeah, I used to.
BK: Uh huh. And is Honan referring to you in this article?
RS: Yeah.
BK Yes?
RS: Uh huh.
BK: So, this was your doing with the Mat Honan hack, but you say you would never use a site like a stresser orâŚ
RS: Yeah, I would never do that. Thatâs stupid.
BK: âŚor hack a reporterâs account or launch a denial of service attack against a reporter, or SWAT his houseâŚ.
RS: <extended silence>
BK: So whatâs the point of hacking a reporterâs iCloud account? Whyâd you do that?
RS: Just to prove a point that, likeâŚthe security is breachable.
Anderson denied having anything to do with the DDOS attack on Krebs. âI didnât even know who you were until someone tweeted your site. I just went to it to see what it was about,â Stevenson told him.
Thatâs when things got weird.
At this point, Ryanâs dad grabs the phone and tries to tell me that his son didnât really say that he hacked Mat Honanâs iCloud account, but that what he really said was he only knew the guy who hacked Honanâs account. Ryanâs dad goes on to explain that his son is basically a good kid who fell in with the wrong crowd, and that his son wouldnât stoop to hacking other people, and certainly not to sending SWAT teams or any of that nonsense.
Krebs could hear someone typing away in away in the background. After their conversation, the Team Hype videos disappeared from YouTube. Krebs promises to keep digging into the group. Be sure to read his full account here.
Photo via Phobia/Twitter
