FBI Busts Alleged Modem Hacker

[HardOCP News]

If you are going to sell hacked cable modems, making instructional YouTube videos that link your website where you sell the damn things is probably not the best idea.

According to the Manhattan U.S. Attorney's criminal complaint, Delorey sold Motorola SurfBoard 5100 and 5101 cable modems through his Web site that were reconfigured to allow them to be used for free, untraceable access to the Internet by "spoofing" the media access control (MAC) address. Delorey sold a hacked modem to a customer in the Bronx, New York, and also sold two hacked modems to an undercover FBI agent posing as a customer, officials said.

 

[Dataman]

Glad to hear it. Now if they would last more than 3-4 years I would be happy. (modems).

 

[niconx]

Yep, I used to provison cable modems for the cable co, that's all it takes. I have also provisioned DSL modems, same deal there only it's harder to connect to the network than a simple coax connection. I have seen conflicts occur quite frequently on cable networks due to this inherent flaw.

 

[ProfessorKaos64]

Was this the same guy a little back that was selling the hacked modems, and instructions, but saying he wasn't promoting illegal activities?

 

[mintos]

changing the MAC address of a NIC is an inherent ability...how is that hacking? Looks like his defense is just. He "accidently" set the modems to another MAC on the network.

 

[Bgrngod]

changing the MAC address of a NIC is an inherent ability...how is that hacking? Looks like his defense is just. He "accidently" set the modems to another MAC on the network.

And then accidentally sold them as "Accidentally hacked!" modems?

 

[tvdang7]

hmm now im curious to try to aquire this cable modem. ............

 

[WBurchnall]

Yes, and the FBI agent who bought them accidentally used them to surf for porn before turning them into the evidence locker thinking it was untraceable so how could it hurt

 

[quixotic]

hmm now im curious to try to aquire this cable modem. ............

Why? There are much safer ways to get free untraceable internet, without messing (well, not directly) with the cable company.

 

[niconx]

hmm now im curious to try to aquire this cable modem. ............

Having worked for a cable co I can tell you that they will be able to tell where you live.

 

[perrosky]

Having worked for a cable co I can tell you that they will be able to tell where you live.

I would like to know how, Can you explain that please?

 

[niconx]

I would like to know how, Can you explain that please?

They can determine the router the MAC is connected to at the head office for your city reigon. Then they follow that to the card on the area node. Then they follow that to the tap that feeds your premises. Then they follow the tap to your modem. Easy as pie actually.

 

[invi[tus]

Was this the same guy a little back that was selling the hacked modems, and instructions, but saying he wasn't promoting illegal activities?

No, that was TCNISO. run by "derangel"

 

[Phoenix333]

If these people put half the effort into doing legitimate things as they do into trying to get away with stealing things they might go somewhere in life besides prison.

 

[invi[tus]

And then accidentally sold them as "Accidentally hacked!" modems?

In, truth the modems are just off the shelf modems loaded with the manufacturer's diagnostic shell. they are not truly hacked, so much as modified .

the modems themselves are completely legal to sell, purchase or own.

the illegal part is advertising them as a means to get free internet, and showing how to use them in an illegal manner to gain said access .

I have worked for two different cable companies, and we were issued modems loaded with the same diagnostic firmware to enable us to locate issues with system, lines etc.
the only difference being that the ones issued to us were orange, and said diagnostic modem on the bottom. ( and cost 50x more from the manufacturer i'm sure )

 

[invi[tus]

They can determine the router the MAC is connected to at the head office for your city reigon. Then they follow that to the card on the area node. Then they follow that to the tap that feeds your premises. Then they follow the tap to your modem. Easy as pie actually.

That's mostly right, except for that last bit . they can trace it down to node np, the problem lies in the fact that node depending on population of the area could be a few city blocks, or an entire small town , beyond that, you have to disconnect sections of the node, and wait to see if that mac goes offline or not, the light it back up and move you way down the line, until you trace it down to the block. then you go down the block disconnecting one tap drop at a time until you hit the line your looking for.

for instance I used to work for the local cable provider, there is a total of 8 nodes for the 4 adjacent cities , and in truth we never bothered going after cloned devices due to the labor and system downtimes that were required to catch the jerks, not to mention that most of these guys would disappear in a day or two ( guessing they kept changing mac addresses or something ) and the whole trace process would have to start over again.

So, the dirty truth is, we mostly ignore it, we try to beef us CMTS security to keep them from connecting, and when we spot one ( most obvious when there downloading, since they can get around speed caps) we ban the CPE mac and HFC mac and call it job done for the day.

 

[Acoustique]

what a load of crap, FBI to get a modem hacker?

they have all these profiles on a lot drug kingpins that are pretty much guilty and they don't pounce on them so quickly, best to leave those guys to stew (or until they can't pay off the right people anymore)

justice is a farce. if you want it these days, you take it yourself.

 

[ZDPhoenix]

Was this the same guy a little back that was selling the hacked modems, and instructions, but saying he wasn't promoting illegal activities?

Different guy I believe.

Modem hacking's not a wrist slap crime. I hope this stops someone else from doing it.

 

[larryBird44]

Different guy I believe.

Modem hacking's not a wrist slap crime. I hope this stops someone else from doing it.

It's not a wrist slap crime since the cable companies lobbied for harsh penalties, no other reason I am sure. I just don't see why you need the FBI to investigate theft of service, i.e. loss of profit, when there seems to be more pressing issues in today's world.

 

[Nokia]

I'm Glad that the FBI is getting on the ball for thieves of cable internet. While they let guys with panties of explosives go on airplane knowing about it. Seriously Government agencies ain't worth a fuck.

 

[NKDietrich]

That's mostly right, except for that last bit . they can trace it down to node np, the problem lies in the fact that node depending on population of the area could be a few city blocks, or an entire small town , beyond that, you have to disconnect sections of the node, and wait to see if that mac goes offline or not, the light it back up and move you way down the line, until you trace it down to the block. then you go down the block disconnecting one tap drop at a time until you hit the line your looking for.

That was precisely my understanding of how it works as well. Honestly there probably aren't enough of the buggers to warrant all that effort anyway.

 

[Romale23]

okay, what am i missing here, he is buying the modems, altering and selling them right? whats the problem?

 

[pissboy]

I wonder how many people clicked on this thread wondering "oh shit is it my guy?". lol

 

[KMac]

...the only difference being that the ones issued to us were orange, and said diagnostic modem on the bottom. ( and cost 50x more from the manufacturer i'm sure )

Like these?

 

[Imaulle]

the problem is the modems he is selling is set up out of the box to work without paying for service. that is a no no.

you can legally sell modems that have the hacked firmware that lets you get free service, but can't condone or support it. but really that is the only use for them so I don't get it lol.

 

[Thuban]

what a load of crap, FBI to get a modem hacker?

they have all these profiles on a lot drug kingpins that are pretty much guilty and they don't pounce on them so quickly, best to leave those guys to stew (or until they can't pay off the right people anymore)

justice is a farce. if you want it these days, you take it yourself.

I don't know what your problem with this is. The guy advertise on the internet and YouTube. Getting evidence against him was as easy as calling him up telling him you want to buy some modems and confirm that the modems was hacked.

And having profile on drug kingpins isn't the same as knowing where they are or having enough evidence to convict them. Probably because they don't post youtube video telling the FBI who they are, what they do and how to contact them to get some drug.

Plus if you are complaining about the CIA or the NSA going after modem hacker then you would have a point but the FBI job is to enforce all federal laws and not just the one you like.

 

[Imaulle]

20 years in prison is a bit harsh dont ya think?

 

[invi[tus]

Like these?

Yes, exactly like those, sadly the hot naked woman was not included

 

[invi[tus]

okay, what am i missing here, he is buying the modems, altering and selling them right? whats the problem?

to quote myself,

the modems themselves are completely legal to sell, purchase or own.

the illegal part is advertising them as a means to get free internet, and showing how to use them in an illegal manner to gain said access .

 

[Methadras]

It's good to know that the FBI set aside a lot of taxpayer dollars to bust a guy MAC spoofing cable modems. He was a real threat to society. I can just tell. Now if he sold them to terrorists, well, then all the better. Yeah, they sure got that piece of sub-human cable modem MAC spoofing filth off the streets. I wonder if the dealers on the corner were watching his take down?

 

[keenan]

the problem is the modems he is selling is set up out of the box to work without paying for service. that is a no no.

you can legally sell modems that have the hacked firmware that lets you get free service, but can't condone or support it. but really that is the only use for them so I don't get it lol.

I think this is a pretty weak argument to be honest. Why does the way it's sold affect the legality of his actions? It is the end purchaser that's breaking the law by stealing service, and they are fully aware of this, so why is this guy liable for their infractions? I'm not saying what he's doing was right, but I don't understand why he's liable, assuming the modems themselves are not illegal (maybe you can use some kind of DMCA argument, but I can't see any other reason they would be), and all he did was sell them and provide information.

Laws that trickle the liability for the infraction upstream from the actual offender are disturbing. DMCA is similar.

 

[Imaulle]

I wasn't making any argument, was just stating the law. I think its total bullshit. all the guy is doing is showing you how to exploit the ISPs super shitty security and he sells the hardware that is capable of doing it. I doubt he's made more then a grand or 2 from it all.

hollywood makes movies that show you how to kill people. how is that any different? this country is fucked man. the entire judicial system is fucked.

the dude is just trying to make a buck, like every other asshole in this country. leave him the fuck alone.

 

[Dew]

No, that was TCNISO. run by "derangel"

Too bad too, because I have a TCNISO modified SB5100, awesome modem for diagnostics when the cable starts to fuck up.

It also came in handy when I knew that my mom was paying for a higher tier than she was getting. I spoofed her modem and downloaded the config file that was being sent to her. Sure enough, it was a 2meg config when it should have been a 5meg config. Not that I told the ISP how I knew she was getting a 2meg config, but it gave me the knowledge that I could stand my ground and push the issue when they tried to argue with me.

Note: I never used my modem when I was not paying for cable internet. Hell, I even had it registered as my modem on my Comcast/Charter account. I don't even have cable anymore (dropped it in early 2008 when I switched to 20meg DSL).

 

[invi[tus]

Too bad too, because I have a TCNISO modified SB5100, awesome modem for diagnostics when the cable starts to fuck up.

It also came in handy when I knew that my mom was paying for a higher tier than she was getting. I spoofed her modem and downloaded the config file that was being sent to her. Sure enough, it was a 2meg config when it should have been a 5meg config. Not that I told the ISP how I knew she was getting a 2meg config, but it gave me the knowledge that I could stand my ground and push the issue when they tried to argue with me.

Note: I never used my modem when I was not paying for cable internet. Hell, I even had it registered as my modem on my Comcast/Charter account. I don't even have cable anymore (dropped it in early 2008 when I switched to 20meg DSL).

I agree they are really quite good for diagnostics, that is exactly what the firmware was written for. hence the reason the modems themselves are not illegal.

In this case this person knew that these devices could be setup to steal services, and marketed them as such, then showed people how to use them in this manner. that is why he was arrested, and why he is in so much trouble now.

It is not unlike the early days of the cable de-scrambler business, where people were using completely legal equipment ,standard cable box ,a few well placed resistors, filters etc. all legal off the shelf parts, and using those parts to steal services, you would hear of people getting busted for selling the plans to turn these parts into a de-scrambler.

It seems to me, this is very much akin to what happened in this case.

 

[Outamyhead]

changing the MAC address of a NIC is an inherent ability...how is that hacking? Looks like his defense is just. He "accidently" set the modems to another MAC on the network.

MAC addresses are supposed to be a permanent address burned into the ROM of the device, since everyone of them is assigned by the IEEE, changing them to spoof another MAC address is illegal and is a form of hacking.

 

[invi[tus]

MAC addresses are supposed to be a permanent address burned into the ROM of the device, since everyone of them is assigned by the IEEE, changing them to spoof another MAC address is illegal and is a form of hacking.

That is simply incorrect, first off many devices simply do not have a ROM containing the
mac address. secondly Only the first 4 digits of the mac address are assigned, the rest are
left up to the manufacturer, and 3rd it is not in and of itself considered "hacking" to change
the mac address, in fact we used to order network cards in mass, they came with no mac
address preprogramed, Great way to save a few bucks btw if your ordering 1000s of nics
at a time.

 

[TheCommander]

I'm Glad that the FBI is getting on the ball for thieves of cable internet. While they let guys with panties of explosives go on airplane knowing about it. Seriously Government agencies ain't worth a fuck.

The FBI has more than one division or group of people working to solve crimes.