Menus Subscribe Search

Prospector

prospector-2

(ILLUSTRATION: MAGOZ)

Call Me i$Hm@eL

• November 06, 2013 • 6:00 AM

(ILLUSTRATION: MAGOZ)

For cybercriminals, everything hangs on a nickname.

At the peak of his career in the late-2000s, a mysterious online figure from Eastern Europe attained the position of administrator of DarkMarket. He had climbed to the highest rung of one of the most significant cybercriminal forums—where stolen credit-card data and other illicit goods and services are traded—in history. But before he could do all that, he had to choose a nickname.

For Pavel Kaminski, the reputed Warsaw-based spammer, getting his nickname right was the first step into one of the most elite circles of online criminality. His choice: an homage to a Teenage Mutant Ninja Turtles character, the rat sensei Master Splinter. But Kaminski customized the spelling to exude a certain “hackerish” quality. The handle, Master Splyntr, had no particular significance for its creator; but there was thought and strategy in its invention. In fact, for Keith Mularski, the real person behind Pavel Kaminski, there had to be.

Not only was Master Splyntr a creation; so too was the Polish spammer. Mularski was an FBI agent who had fabricated this cover with help from the spam-fighting organization Spamhaus. The agent was not working out of Warsaw but the offices of the National Cyber-Forensics and Training Alliance, in Pittsburgh. It amused Mularski that he had turned to an underground rat for his nickname. With the rat’s help, soon DarkMarket would be down, and major global cybercriminals would be in jail.

To build a trusted brand, there is an incentive to maintain the same nickname over time, but that increases the risk of being caught. Cybercriminals have to carefully balance these competing interests.

IN CYBERCRIME, IT IS difficult for criminals to establish bona fides. They can’t rely on their reputation in the neighborhood, or chest-pounding prowess. They have to build a virtual identity. In this, as one FBI agent who has spent time undercover online told me, a good nickname is “basically all that you have.”

The key to cybercriminal nicknames is less in the specific choice—the actual name hardly matters—than in the intricate function that they play. An effective handle provides anonymity, and can’t be easily used to identify the cybercriminal behind the name. This is the feature that allows users to advertise their criminality openly online. But a nickname is also the foundation of a cybercriminal’s reputation—of what amounts to a trusted brand. Without it they have no presence online. They’re just a newbie—a “noob.”

On the dark Web, it’s difficult to know who you are really talking to: maybe a Polish spammer or an FBI agent in Pittsburgh. Take the elite hacker Max Butler, aka Max Ray Vision. By the end of his dark digital career, he had accumulated at least five cyber identities: Ghost23, Generous, Iceman, Digits, and finally Aphex. Ghosts are a common trope online, but names Generous and Digits, used by Butler when vending stolen credit-card data, implied attractive profits for customers.

As Wired editor Kevin Poulsen explained in his biography of Butler, Kingpin, Butler took on the handle of Iceman when he established the forum CardersMarket—which would become a rival to DarkMarket. He chose Iceman specifically because it wasn’t unique: There were other Icemen floating around the dark Web. Butler thought that if he ever attracted heat from law enforcement, the multiplicity might thwart efforts to identify him. He further spread his risk by keeping his vendor identity, Digits, separate from his administrator identity, Iceman—in case one or the other was “apprehended.” Ultimately, a damaged reputation was what led to Iceman’s demise: He had started a cyberturf war with other carding forums, attracted media attention, and (ironically) made unproven accusations that the honorable Master Splyntr was a fed. So Butler retired Iceman, and up stepped Aphex as the “new” boss of CardersMarket.

Butler and Mularski both put some strategy into their handles. But one former American hacker told me handles are often simply what “sounds cool,” at the time. Veteran carder and film buff David Thomas used the online nickname El Mariachi as a tribute to the Robert Rodriguez film; Robert Schifreen, who hobby-hacked before it was illegal, in 1980s Britain, went by the name Triludan the Warrior, a reference to the antihistamine medication he used.

TO BUILD A TRUSTED brand, there is an incentive to maintain the same nickname over time, but that increases the risk of being caught. Cybercriminals have to carefully balance these competing interests.

One British identity thief I talked with tweaked his handle up to 20 times over his career—but maintained an identifiable (to the right people) strain throughout. The undercover FBI agent knows of Russian cybercriminals who replaced their nicknames every three months. But even these guarded types must subtly alert select collaborators to their new identity, or face starting from scratch.

Then there are those that value reputation over risk, like the hacker and former spammer I met with in Southeast Asia: He has used the same handle, chosen at random from the dictionary, since he was a teenager, through his forays into crime, and even after going straight. “I mean, I’ve got a reputation, I’ve got friends—people trust me,” he explained. Giving it up, he said, would be akin to relinquishing his identity in the physical world and starting again. Today, he works as what is called a penetration tester, a legal hacker of sorts, hired to find holes in a client’s system before a real attacker does. Some clients have discovered his past, and his long-established online reputation. But they seem pleased. They figure it means he’s more effective at his job.

Jonathan Lusthaus
Jonathan Lusthaus is a writer and sociologist specializing in the study of profit-driven cybercrime at the University of Oxford.

A weekly roundup of the best of Pacific Standard and PSmag.com, delivered straight to your inbox.

Recent Posts

August 22 • 4:00 PM

The Invention of the Illegal Immigrant

It’s only fairly recently that we started to use the term that’s so popular right now.



August 22 • 2:00 PM

What Can U.S. Health Care Learn From the Ebola Outbreak?

A conversation with Jeanine Thomas, patient advocate, active member of ProPublica’s Patient Harm Facebook Community, and founder and president of the MRSA Survivors Network.


August 22 • 1:22 PM

Two Executions and the Unity of Mourning

The recent deaths of Michael Brown and James Foley, while worlds apart, are both emblematic of the necessity for all of us to fight to uphold the sanctity of human dignity and its enduring story.


August 22 • 10:00 AM

Turbo Paul: Art Thief Turned Art Crime Ombudsman

There’s art theft, there’s law enforcement, and, somewhere in between, there’s Turbo Paul.


August 22 • 8:00 AM

When Climate Change Denial Refutes Itself

The world is warming—and record-cold winters are just another symptom.


August 22 • 6:17 AM

The Impossibility of the Night Shift

Many night workers get “shift-work sleep disorder.” And no one knows how to treat it.


August 22 • 6:00 AM

Long Live Short Novels

Christopher Beha’s Arts & Entertainments comes in at less than 300 pages long, which—along with a plot centered on a sex-tape scandal—makes it a uniquely efficient pleasure.


August 22 • 4:00 AM

Why ‘Nature Versus Nurture’ Often Doesn’t Matter

Sometimes it just doesn’t make any sense to try to separate the social and the biological.


August 21 • 4:00 PM

Julie Chen Explains Why She Underwent Westernizing Surgery

The CBS news anchor and television personality’s story proves that cosmetic surgeries aren’t always vanity projects, even if they’re usually portrayed that way.


August 21 • 2:37 PM

How the Brains of Risk-Taking Teens Work

There’s heightened functional connectivity between the brain’s emotion regulator and reason center, according to a recent neuroscience paper.


August 21 • 2:00 PM

Cracking Down on the Use of Restraints in Schools

Federal investigators found that children at two Virginia schools were being regularly pinned down or isolated and that their education was suffering as a result.


August 21 • 12:00 PM

What Makes You So Smart, School Principal?

Noah Davis talks to Evan Glazer about why kids aren’t getting smarter and what his school’s doing in order to change that.



August 21 • 10:00 AM

Why My Neighbors Still Use Dial-Up Internet

It’s not because they want to. It’s because they have no other choice.


August 21 • 8:15 AM

When Mothers Sing, Premature Babies Thrive

Moms willing to serenade pre-term infants help their babies—and themselves.


August 21 • 8:00 AM

To Fight the Obesity Epidemic Americans Will Have to First Recognize That They’re Obese

There is a void in the medical community’s understanding of how families see themselves and understand their weight.


August 21 • 6:33 AM

One Toxic Boss Can Poison the Whole Workplace

Office leaders who bully even just one member of their team harm everyone.


August 21 • 6:00 AM

The Fox News Effect

Whatever you think of its approach, Fox News has created a more conservative Congress and a more polarized electorate, according to a series of recent studies.


August 21 • 4:00 AM

Do Children Help Care for the Family Pet?

Or does mom do it all?


August 20 • 4:00 PM

Why Can’t Conservatives See the Benefits of Affordable Child Care?

Private programs might do a better job of watching our kids than state-run programs, but they’re not accessible to everyone.


August 20 • 2:00 PM

Oil and Gas Companies Are Illegally Using Diesel Fuel in Hundreds of Fracking Operations

An analysis by an environmental group finds hundreds of cases in which drillers used diesel fuel without obtaining permits and sometimes altered records disclosing they had done so.


August 20 • 12:00 PM

The Mystery of Britain’s Alien Big Cats

In a nation where the biggest carnivorous predator is a badger, why are there so many reported sightings of large cats?


August 20 • 10:00 AM

Death Row in Arizona: Where Human Experimentation Is the Rule, Not the Exception

Recent reports show that chemical roulette is the state’s M.O.


August 20 • 9:51 AM

Diversity Is in the Eye of the Beholder

Perception of group diversity depends on the race of the observer and the extent to which they worry about discrimination.


Follow us


The Impossibility of the Night Shift

Many night workers get “shift-work sleep disorder.” And no one knows how to treat it.

How the Brains of Risk-Taking Teens Work

There's heightened functional connectivity between the brain's emotion regulator and reason center, according to a recent neuroscience paper.

When Mothers Sing, Premature Babies Thrive

Moms willing to serenade pre-term infants help their babies—and themselves.

One Toxic Boss Can Poison the Whole Workplace

Office leaders who bully even just one member of their team harm everyone.

Diversity Is in the Eye of the Beholder

Perception of group diversity depends on the race of the observer and the extent to which they worry about discrimination.

The Big One

One in two full-time American fast-food workers' families are enrolled in public assistance programs, at a cost of $7 billion per year. July/August 2014 fast-food-big-one
Subscribe Now

Copyright © 2014 by Pacific Standard and The Miller-McCune Center for Research, Media, and Public Policy. All Rights Reserved.