Skip to main content
cyberTAP a service of the Technical Assistance Program
Contact Us

Hackers of the 2000s

DATE: August 27, 2024

TAGS:

If you thought the ‘90s were packed with cybercrime, the next decade brought an even greater wave of cyber threats. The rapid evolution of the internet introduced a multitude of unprecedented challenges that shaped the digital landscape forever. Starting off with a bang, the ILOVEYOU worm affected around 45 million users in May of 2000. Only a couple of months prior was the biggest denial of service attack to date, that took down Yahoo!, Fifa.com, Amazon, eBay, CNN, E*Trade, and Dell. Even more startling, the attacks were carried out by a 15-year-old.  

 

MafiaBoy’s Mega Ego 

Michael Calce (aka MafiaBoy) was obsessed with computers from a young age. Receiving his first computer at only six years old, he had years to hone his hacking skills before even reaching adulthood. Having joined serval online hacking groups, Calce became invested in creating a name for himself and his group by proving his hacking abilities. In the early days of the internet there were laundry lists of vulnerabilities for any given system or site. A young Calce made it his mission to find as many of these vulnerabilities as possible. His most notable attack started with taking over a handful of university networks. Using them together allowed Calce to overwhelm bigger sites with too much information, thereby rendering them useless. These servers became so overloaded with the different types of communication from the university sites that they became unresponsive. Yahoo! received the most damage. The top search engine in the world was down for over an hour. Unfortunately for him, Calce was unable to keep from bragging and went to online forums to boast about the attacks. He included information about how he took down Dell, whose attack had yet to be announced to the public. Calce had taken down six major websites within a few hours and practically turned himself in. He was arrested soon after and went to trial, being charged with over 50 crimes. He had caused around $7.5 million in damage according to the trial prosecutor but because of his young age he only received eight months in a youth detention center and probation with limited computer access. Years later he went on a string of interviews, sometimes owning up to his actions, other times completely reframing the story. One thing was for sure, every time the story would change ever so slightly in favor of Calce. Sometimes he claimed that the Yahoo! attack wasn’t him at all, but his biggest argument was that his attacks weren’t that big of a deal and the government just wanted to make an example out of him. Either way these attacks exposed some very worrisome weak spots that the sites were forced to patch and learn from.  

 

Solo’s Hunt for UFOs 

In what is described as “the biggest military computer hack of all time” a man named Gary Mckinnon managed to hack into 97 United States military and NASA computer in 2001-2002. Turns out, all he was looking for was evidence of UFOs. His search was conducted from an apartment in London where he found his way into the Pentagon’s system first. Mckinnon claims that he became obsessed with accessing hidden information on UFOs after spotting one himself. He was also interested in finding information on free energy suppression that he theorized was being covered up by the US government. Mckinnon, who went by Solo during his hacking endeavors, used a simple dial-up modem to scan for vulnerabilities, of which he found quite a few. He discovered that important systems were especially full of password vulnerabilities. Solo found multiple systems with default or blank passwords and compiled a list of the more high-level accounts. Solo would then install remote access software. He made his first move on NASA’s systems. Once he gained confidence in his ability to avoid detection, he started leaving notes. For example, “Your security system is crap.” He claims to have found several images of UFO’s and extraterrestrials along with lists and spreadsheets detailing off-Earth programs. However, he claims to have been kicked out before having time to save any proof. Poking around these systems landed Mckinnon in hot water with the U.S. government that led to a ten year long legal battle. He had had multiple charges against him that amassed around $700,000 in damages. If extradited to the U.S., he faced up to 70 years in prison. Britain refused to comply with the request with concerns of an unfair trial and mental health risks. Their argument was that he hadn’t distributed, leaked, or saved any of the information he saw. After 10 years the case was dropped. The TV series The People V. Gary Mckinnon is currently in pre-production set to air sometime in 2025. 

 

Lamo Leaking WikiLeakers 

Adrian Lamo is yet another example of an infamous hacker who got their start phone phreaking. Lamo is best known for breaking into the systems of major corporations in the U.S. The New York Times, Yahoo!, and Microsoft all fell victim to his break ins. Some were mildly alarmed but appreciative because he would break in, notify them of their vulnerability, and offer to fix it. Others, such as The New York Times, were not as understanding when he went poking around their systems. He was reported multiple times by multiple corporations which led to a warrant for his arrest. His tendency to access sensitive information landed him two years' probation, six months of house arrest, and $65,000 in restitution. A few years after his release, Lamo fell into more controversy as he had become acquainted with a former Army soldier Chelsea Manning online. Lamo turned her in to authorities for disclosing classified and sensitive military documents to WikiLeaks, stating that lives were in danger because of her actions. The gargantuan leak landed her a sentence of 35 years in maximum security prison, but she was later commuted by Obama only seven years into her sentence. 

 

Leave the Cybercrime, Take the Plea Deal 

Another notorious cybercriminal of the 2000’s is Brett Johnson, sometimes referred to as the ‘Original Internet Godfather.” He was the perpetrator of seemingly countless offences. Some of which included building the first organized cybercrime community, filing tax returns for dead people, and selling fake merchandise on eBay. Unlike the aforementioned Gary Mckinnon, Johnson was purely in it for the money. He created Shadow Crew, a website that was the precursor to the dark web to make money by committing cybercrimes. It was a marketplace for stolen data that housed anything from stolen credit card numbers to the wholesaling of drugs. In addition, Shadow Crew was also a forum for hackers. They could find tips and tricks on things like virus development, credit card fraud, scamming, phishing, etc. In an interview with Vice, Johnson admits to being a despicable person for some of the things he did. He describes a time when he sent a counterfeit check that ended up getting a man arrested and a time he stole thousands of dollars from a family that was trying to pay for a new roof. He spent the late 90s to the early 2000s committing many more cybercrimes. At one point he was making as much as $500,000 a month off e-bay fraud and tax return identity theft. This list of criminal activity landed him on the U.S. most wanted list. He was first arrested in 2005, a year after Shadow Crew was raided by the FBI. Upon arrest he was given the opportunity to avoid prison time by becoming an informant for the Secret Service, to which he agreed. Immediately upon release he started committing crimes again, even while being an informant. After being arrested again, he was sentenced to seven and a half years in federal prison. Now a days he seems to have turned a new leaf, being hired by company after company to provide security tests and assessments. Johnson also does a lot of public speaking about cybersecurity to bring awareness to just how vulnerable we may be.

 

Dave & Busted 

A member of the previously mentioned website Shadow Crew, Albert Gonzalez was a hacker best known as being the mastermind behind a series of attacks on TJX, Dave & Buster’s, and Heartland Payment. At just 14 he was visited by the FBI for hacking into NASA. His antics had started as an exploration of any system he could get into, but they quickly evolved into more high-profile instances of hacking. Starting in July of 2005 Gonzalez and a group of hacking acquaintances stole around 45.6 million credit and debit card numbers from TJX Companies by exploiting vulnerabilities in their wireless networks and POS systems. He did this to not only TJX but Office Max, DSW, Barnes & Noble, Sports Authority, and BJ’s Wholesale Club. He was arrested in 2008 specifically for hacking into Dave & Buster’s corporate network. He and his accomplices had stolen over 5,000 card numbers and made over $600,000 in fraudulent purchases. The police seized around $1.6 million in cash from his hotel room at the time of his arrest. He received 20 years in federal prison for the theft, which was the longest sentence out of the group. 

These were just a few of the ill-famed hackers of the 2000s. Their exploits served as a wake-up call, a warning about just how vulnerable these systems were. Thankfully, we were able to evolve alongside these threats to move toward a safer digital world. 

About the author

Hope Trampski

Student Assistant

htrampsk@purdue.edu

Sign up for the newsletter

Topics

Recent Articles

Return to main content

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2021 Purdue University | An equal access/equal opportunity university | Copyright Complaints | Maintained by Technical Assistance Program

Trouble with this page? Disability-related accessibility issue? Please contact Technical Assistance Program at tap@purdue.edu.