Menus Subscribe Search

Follow us


Prospector

prospector-2

(ILLUSTRATION: MAGOZ)

Call Me i$Hm@eL

• November 06, 2013 • 6:00 AM

(ILLUSTRATION: MAGOZ)

For cybercriminals, everything hangs on a nickname.

At the peak of his career in the late-2000s, a mysterious online figure from Eastern Europe attained the position of administrator of DarkMarket. He had climbed to the highest rung of one of the most significant cybercriminal forums—where stolen credit-card data and other illicit goods and services are traded—in history. But before he could do all that, he had to choose a nickname.

For Pavel Kaminski, the reputed Warsaw-based spammer, getting his nickname right was the first step into one of the most elite circles of online criminality. His choice: an homage to a Teenage Mutant Ninja Turtles character, the rat sensei Master Splinter. But Kaminski customized the spelling to exude a certain “hackerish” quality. The handle, Master Splyntr, had no particular significance for its creator; but there was thought and strategy in its invention. In fact, for Keith Mularski, the real person behind Pavel Kaminski, there had to be.

Not only was Master Splyntr a creation; so too was the Polish spammer. Mularski was an FBI agent who had fabricated this cover with help from the spam-fighting organization Spamhaus. The agent was not working out of Warsaw but the offices of the National Cyber-Forensics and Training Alliance, in Pittsburgh. It amused Mularski that he had turned to an underground rat for his nickname. With the rat’s help, soon DarkMarket would be down, and major global cybercriminals would be in jail.

To build a trusted brand, there is an incentive to maintain the same nickname over time, but that increases the risk of being caught. Cybercriminals have to carefully balance these competing interests.

IN CYBERCRIME, IT IS difficult for criminals to establish bona fides. They can’t rely on their reputation in the neighborhood, or chest-pounding prowess. They have to build a virtual identity. In this, as one FBI agent who has spent time undercover online told me, a good nickname is “basically all that you have.”

The key to cybercriminal nicknames is less in the specific choice—the actual name hardly matters—than in the intricate function that they play. An effective handle provides anonymity, and can’t be easily used to identify the cybercriminal behind the name. This is the feature that allows users to advertise their criminality openly online. But a nickname is also the foundation of a cybercriminal’s reputation—of what amounts to a trusted brand. Without it they have no presence online. They’re just a newbie—a “noob.”

On the dark Web, it’s difficult to know who you are really talking to: maybe a Polish spammer or an FBI agent in Pittsburgh. Take the elite hacker Max Butler, aka Max Ray Vision. By the end of his dark digital career, he had accumulated at least five cyber identities: Ghost23, Generous, Iceman, Digits, and finally Aphex. Ghosts are a common trope online, but names Generous and Digits, used by Butler when vending stolen credit-card data, implied attractive profits for customers.

As Wired editor Kevin Poulsen explained in his biography of Butler, Kingpin, Butler took on the handle of Iceman when he established the forum CardersMarket—which would become a rival to DarkMarket. He chose Iceman specifically because it wasn’t unique: There were other Icemen floating around the dark Web. Butler thought that if he ever attracted heat from law enforcement, the multiplicity might thwart efforts to identify him. He further spread his risk by keeping his vendor identity, Digits, separate from his administrator identity, Iceman—in case one or the other was “apprehended.” Ultimately, a damaged reputation was what led to Iceman’s demise: He had started a cyberturf war with other carding forums, attracted media attention, and (ironically) made unproven accusations that the honorable Master Splyntr was a fed. So Butler retired Iceman, and up stepped Aphex as the “new” boss of CardersMarket.

Butler and Mularski both put some strategy into their handles. But one former American hacker told me handles are often simply what “sounds cool,” at the time. Veteran carder and film buff David Thomas used the online nickname El Mariachi as a tribute to the Robert Rodriguez film; Robert Schifreen, who hobby-hacked before it was illegal, in 1980s Britain, went by the name Triludan the Warrior, a reference to the antihistamine medication he used.

TO BUILD A TRUSTED brand, there is an incentive to maintain the same nickname over time, but that increases the risk of being caught. Cybercriminals have to carefully balance these competing interests.

One British identity thief I talked with tweaked his handle up to 20 times over his career—but maintained an identifiable (to the right people) strain throughout. The undercover FBI agent knows of Russian cybercriminals who replaced their nicknames every three months. But even these guarded types must subtly alert select collaborators to their new identity, or face starting from scratch.

Then there are those that value reputation over risk, like the hacker and former spammer I met with in Southeast Asia: He has used the same handle, chosen at random from the dictionary, since he was a teenager, through his forays into crime, and even after going straight. “I mean, I’ve got a reputation, I’ve got friends—people trust me,” he explained. Giving it up, he said, would be akin to relinquishing his identity in the physical world and starting again. Today, he works as what is called a penetration tester, a legal hacker of sorts, hired to find holes in a client’s system before a real attacker does. Some clients have discovered his past, and his long-established online reputation. But they seem pleased. They figure it means he’s more effective at his job.

Jonathan Lusthaus
Jonathan Lusthaus is a writer and sociologist specializing in the study of profit-driven cybercrime at the University of Oxford.

A weekly roundup of the best of Pacific Standard and PSmag.com, delivered straight to your inbox.

Recent Posts

October 31 • 4:00 PM

Should the Victims of the War on Drugs Receive Reparations?

A drug war Truth and Reconciliation Commission along the lines of post-apartheid South Africa is a radical idea proposed by the Green Party. Substance.com asks their candidates for New York State’s gubernatorial election to tell us more.


October 31 • 2:00 PM

India’s Struggle to Get Reliable Power to Hundreds of Millions of People

India’s new Prime Minister Narendra Modi is known as a “big thinker” when it comes to energy. But in his country’s case, could thinking big be a huge mistake?


October 31 • 12:00 PM

In the Picture: SNAP Food Benefits, Birthday Cake, and Walmart

In every issue, we fix our gaze on an everyday photograph and chase down facts about details in the frame.


October 31 • 10:15 AM

Levels of Depression Could Be Evaluated Through Measurements of Acoustic Speech

Engineers find tell-tale signs in speech patterns of the depressed.


October 31 • 8:00 AM

Who Wants a Cute Congressman?

You probably do—even if you won’t admit it. In politics, looks aren’t everything, but they’re definitely something.


October 31 • 7:00 AM

Why Scientists Make Promises They Can’t Keep

A research proposal that is totally upfront about the uncertainty of the scientific process and its potential benefits might never pass governmental muster.


October 31 • 6:12 AM

The Psychology of a Horror Movie Fan

Scientists have tried to figure out the appeal of axe murderers and creepy dolls, but it mostly remains a spooky mystery.


October 31 • 4:00 AM

The Power of Third Person Plural on Support for Public Policies

Researchers find citizens react differently to policy proposals when they’re framed as impacting “people,” as opposed to “you.”


October 30 • 4:00 PM

I Should Have Told My High School Students About My Struggle With Drinking

As a teacher, my students confided in me about many harrowing aspects of their lives. I never crossed the line and shared my biggest problem with them—but now I wish I had.


October 30 • 2:00 PM

How Dark Money Got a Mining Company Everything It Wanted

An accidentally released court filing reveals how one company secretly gave money to a non-profit that helped get favorable mining legislation passed.


October 30 • 12:00 PM

The Halloween Industrial Complex

The scariest thing about Halloween might be just how seriously we take it. For this week’s holiday, Americans of all ages will spend more than $5 billion on disposable costumes and bite-size candy.


October 30 • 10:00 AM

Sky’s the Limit: The Case for Selling Air Rights

Lower taxes and debt, increased revenue for the city, and a much better use of space in already dense environments: Selling air rights and encouraging upward growth seem like no-brainers, but NIMBY resistance and philosophical barriers remain.


October 30 • 9:00 AM

Cycles of Fear and Bias in the Criminal Justice System

Exploring the psychological roots of racial disparity in U.S. prisons.


October 30 • 8:00 AM

How Do You Make a Living, Email Newsletter Writer?

Noah Davis talks to Wait But Why writer Tim Urban about the newsletter concept, the research process, and escaping “money-flushing toilet” status.



October 30 • 6:00 AM

Dreamers of the Carbon-Free Dream

Can California go full-renewable?


October 30 • 5:08 AM

We’re Not So Great at Rejecting Each Other

And it’s probably something we should work on.


October 30 • 4:00 AM

He’s Definitely a Liberal—Just Check Out His Brain Scan

New research finds political ideology can be easily determined by examining how one’s brain reacts to disgusting images.


October 29 • 4:00 PM

Should We Prosecute Climate Change Protesters Who Break the Law?

A conversation with Bristol County, Massachusetts, District Attorney Sam Sutter, who dropped steep charges against two climate change protesters.


October 29 • 2:23 PM

Innovation Geography: The Beginning of the End for Silicon Valley

Will a lack of affordable housing hinder the growth of creative start-ups?


October 29 • 2:00 PM

Trapped in the Tobacco Debt Trap

A refinance of Niagara County, New York’s tobacco bonds was good news—but for investors, not taxpayers.


October 29 • 12:00 PM

Purity and Self-Mutilation in Thailand

During the nine-day Phuket Vegetarian Festival, a group of chosen ones known as the mah song torture themselves in order to redirect bad luck and misfortune away from their communities and ensure a year of prosperity.


October 29 • 10:00 AM

Can Proposition 47 Solve California’s Problem With Mass Incarceration?

Reducing penalties for low-level felonies could be the next step in rolling back draconian sentencing laws and addressing the criminal justice system’s long legacy of racism.


October 29 • 9:00 AM

Chronic Fatigue Syndrome and the Brain

Neuroscientists find less—but potentially stronger—white matter in the brains of patients with CFS.


October 29 • 8:00 AM

America’s Bathrooms Are a Total Failure

No matter which American bathroom is crowned in this year’s America’s Best Restroom contest, it will still have a host of terrible flaws.


Follow us


Levels of Depression Could Be Evaluated Through Measurements of Acoustic Speech

Engineers find tell-tale signs in speech patterns of the depressed.

We’re Not So Great at Rejecting Each Other

And it's probably something we should work on.

Chronic Fatigue Syndrome and the Brain

Neuroscientists find less—but potentially stronger—white matter in the brains of patients with CFS.

Incumbents, Pray for Rain

Come next Tuesday, rain could push voters toward safer, more predictable candidates.

Could Economics Benefit From Computer Science Thinking?

Computational complexity could offer new insight into old ideas in biology and, yes, even the dismal science.

The Big One

One town, Champlain, New York, was the source of nearly half the scams targeting small businesses in the United States last year. November/December 2014

Copyright © 2014 by Pacific Standard and The Miller-McCune Center for Research, Media, and Public Policy. All Rights Reserved.