K o r o v a   M u l t i m e d i a

World Wide Web           http://www.korova.com
                         http://www.chromejob.com

~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-

25 May 1998


S t a r t   B u t t o n

Hoax du Jour: The AOL Hacker Riot II


Many users wrote to me in answer to my page on the 90# Phone Scam. I
thought I had made it pretty clear to begin with, but some clarification is
in order. YES, there is a possibility that the series of keys 9-0-#, or
something similar, might work on certain PBX and other business phone
systems to enable a savvy con artist to get an outside phone at a business'
expense. But NO, it will not work on every system with the same success.
And NO, it will not work on residential phone exchanges.

Much of the confusion apparently resulted from the omission of one line of
the original account, which detailed the specific PBX function needed at a
New Orleans military base to give a caller an outside line. The omission
may've occurred when an Air Force non-com forwarded the warning far and
wide.

Again, it was my stated contention that, though certain phone systems are
vulnerable to social engineering, the fear that the precise same codes
(90#) will work anywhere is ... absurd.

-------------------------------------------------------

It's that time of year again. Schools are wrapping up, Memorial Day has
come and gone, and some dang fool has decided to again put the bugaboo
bamboozle over on AOL Computer Virus Myths users of dubious BS-filtering
abilities.


     AOL RIOT JUNE 1, 1998

     WARNING:

     You must forward this letter to 10 people or your
     account will be terminated on June 1, 1998. All
     recipients of this e-mail are being tracked. When you
     received this, when you forwarded it, who you forwarded
     it to, is all on record. We are AOL's most elite hacker
     group, known as LcW. We have hacked AOL's (easily
     infiltrated) systems on numerous occaisions. We have
     shut down AOL keywords, we can kick any AOL Staff
     member off for 24 hours, we have gained access to Steve
     Case's account, we have created AOL's most famous
     hacking programs (Fate X, HaVoK, HeLL RaIsEr, MaGeNtA)
     and we can certainly get your credit card info.
     However, if you send this to 10 people, like you are
     told, you will escape unharmed. We won't terminate your
     account and you will be able to continue using AOL. So
     if you know whats best for you, you will send this to
     10 people as soon as possible. If you think we are
     bluffing....just wait till June 1, and see if you can
     sign or not.

     CAUTION: THERE WILL BE A VIRUS UPLOADED ON AOL'S MAIN
     SERVER ON JUNE 1, 1998. ANY USERS WHO HAVEN'T FORWARDED
     THIS MESSAGE WILL AUTOMATICALLY HAVE THE VIRUS
     DOWNLOADED INTO THEIR SYSTEM. WE SUGGEST YOU FORWARD
     THIS MESSAGE OR YOUR COMPUTER WILL BE FRIED. [CIAC]

The idea is, of course, absurd. Last year's Valentine's Day "riot" amounted
to little more than inept amateurs disrupting some chat rooms using "basic
tricks of the trade: scrolling text too fast to read, kicking out chatters,
and using macros that spewed out text like 'RIOT!!! RIOT!!! RIOT!!!' and
'Get Ready to Corrupt.'" [WIRED]

This year's announcement seems as pedestrian. Spamming e-mail is easy, and
making assertions of elite hacker status is just as easy. And confer no
more credibility. (Note the brilliant use of ALL CAPS text, usually a good
sign of BS.)

This year's variant introduces the added hysteria of an overt threat that
the senders will close your account, ruin your computer, ruin your credit,
yada yada,... unless you continue spamming the message to your friends.
(And your friends will love you for it, right?)

I don't think so.

Like most other Internet chain letters, this one contains a hook, a threat,
and (of course) a request. [CIAC Internet Chain Letter alert] The threat
this time is a little more preposterous: the sender claims omnipotence over
your account, ability to track your e-mail (and do so for hundreds or
thousands of other users?), and threatens various forms of remote mayhem on
your system (including involuntarily receiving and executing a virus).

It's a slightly new hoax (the "direct-threat chain letter" [Computer Virus
Myths]), but it doesn't even use an original motif. Delete it upon receipt.
Do not forward it. Have a happy Memorial Day.


  Related Links -->

     http://ciac.llnl.gov/ciac/CIACHoaxes.html#aolriot
     http://www.kumite.com/myths/cvha/1997/#evvalentine
     http://www.news.com/News/Item/0,4,7727,00.html
     http://www.wired.com/news/culture/story/2088.html


D.B. Spalding


The HOAX DU JOUR is a regular feature of Korova Multimedia. Tune in to
http://www.korova.com/virus/hoax.htm.

D.B. Spalding is an infopreneur and consultant based in Marin
County, CA. Many of his articles can be found on the World
Wide Web at http://www.korova.com.

(C) Copyright 1998 D.B. Spalding. All rights reserved.