[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
TROMAS H. SWINK _Special Agent - FBI

Date: Sun, 30 Nov 1997 22:16:40 +0000
From: Bob Allisat <bob@wtv.net>
Subject: TROMAS H. SWINK _Special Agent - FBI
> 
> 
>                                                                          
> 
> 
> 
> UNITED STATES DISTRICT COURT 
> EASTERN DISTRICT OF NEW YORK 
> 
> UNITED STATES OF AMERICA 
> 
> - against ~ 
> 
> EUGENE E. KASHPUREFF, 
> Defendant, 
> 
> COMPLAINT 
> 
> (Title 18, U.S.C. Sections 1030, 1343 and 2) 
> 
> EASTERN DISTRICT OF NEW YORK, SS.: THOMAS H. SWINK being duly sworn, deposes and says that he is a,
> Special Agent of the Federal Bureau of Investigation, duly appointed according to law and acting as such. 
> 
> In or about July 1997, within the Eastern District of New York and elsewhere, the defendant EUGENE E.
> KASHPUREFF did knowingly cause the transmission of a program, information, code, or command, and as a
> result of such conduct, intentionally caused damage. without authorization, to a protected computer' , in violation
> of Title 18i United States Code, Section 1030(a)(5)(A). in or about July 1997, within the Eastern District of New
> York and elsewhere the defendant EUGENE E. KASHPUREFF having devised a scheme or artifice to defraud, or
> to obtain money or property by means of false or fraudulent pretenses, representations, or promises, knowingly
> transmitted or caused to be transmitted by means of wire, radio, or television communication in interstate or
> foreign commerce, writings, signs, signals, picture*,, or sounds for the purpose of executing such scheme or
> artifice, in violation of IS U.S*C, Section 1343. The sources of my information and the grounds for my beliefs are
> as follows: 
> 
> 1. I am a special Agent with the Federal Bureau of investigation ("FBI") Since October 1996, 1 have been
> assigned to the Computer Crime Unit in the PBI's New York Field Division. For approximately six and one-half
> years I was employed as a computer programmer at a large corporation* I hold a Bachelor of Business
> Administration degree from Tennessee Technological university specializing in business computer information
> systems* i have received specialized training while with the FBI concerning the means by which individuals use
> computers and the internet to commit various criminal offenses. I have participated in investigations involving the
> use of computers in criminal activity and have conferred with other FBI agents who have participated in similar
> investigations. 
> 
> 2. The information contained in this affidavit is based upon my personal knowledge and upon information
> received by me from other law enforcement officers witnesses and documents. Where statements of others are
> related in this affidavit, they are related in substance and in part only, Because this affidavit is being submitted for
> a limited pu sei I have not sat forth each and every fact that I know concerning this investigation. 
> 
> SUMMARY OF THE FRAUDULENT SCHEME 
> 
> 3. from approximately July 10 through 14. 1997 and again from approximately July 23 through 25, 19970 the
> defendant EUGENE E. KASHPUREPF unleashed software on the Internet that interrupted service for tens of
> thousands of Internet users worldwide and caused significant economic damage to others. KASHPUREFF, a
> self-described "webslinger,," owns AlterNIC, a competitor to InterMIC, the government-debignated registrant for
> domain names associated with Internet Web Sitese KASHPUREFF designed a corruption of the software system
> used throughout the world, which allows internet-linked computers to communicate with each other. By
> exploiting a weakness in that software, KASHPUREFF "hijacked" Internet Users attempting to reach the interNIC
> Web Site to the AlterNIC Web Site, impeding those users' ability to register new Web Site domain names or to
> review InterNIC@s popular 'electronic yellow pageso for existing domain names. 
> 
> BACKGROUND TO THE FRAUDULENT SCHEME 
> 
> 4. The Internet is a cooperative interconnection of computer networks consisting of a 'web' of several million
> "host" computers that provide information services to computer users who may access the information over
> telephone lines. It is estimated that over 25 'Million individuals presently have access to the Internet. 
> 
> 5. The Internet provides a Means to erect electronic 'billboards' to communicate with actual and potential
> customers. Thousands of businesses advertise and offer their products and services to the public on the Internat
> through wweb Sites,w which often feature the company's electronic mail (*emmail*) address in order to attract
> public inquiry and co=ent, The Internet has become a pervasive and effective tool for reaching the public. The
> use of an Internet web Site is a critical method of marketing, promoting and selling goods and services in the
> United states and worldwide. 
> 
> 6. To visit a Web Site or send e-mail on the Internet, an individual must know the electronic address of the
> computer that contains the files that constitute the Site. The main part of the electronic address is known as a
> domain name, and the entire address is known as the URL. 
> 
> 7. Domain names consist of two components: a source identifying designation selected by the registrant,
> followed by a generic abbreviation describing the nature of the registrant. For example, I.B.M. has registered the
> domain name 'ibm.com.' The most prevalent generic abbreviations include (1)".com," for commercial entities; (2)
> ".org" for non-profit organizations; (3) ".edu" for educational institutions; (4) ".net" for computer networks and
> internet service providers; and (5) ".gov" for government entities. These generic designations are known as
> "top-level" domains, The source-identifying part of the domain name, such as "ibm," identifies the host computer
> and the entity whose web Site is located at the host computer This part of the domain name immediately
> precedes the generic abbreviation known as the second-level domain name. Users are required to register
> second-level domain names. 
> 
> 8. An important part of an address on the Internet Is a prefix that can direct the user to a particular file on a server
> identified by a domain name. Internet users have adopted the convention of using the prefix 'www" to identify
> Web Sites. Therefore, the complete address for the l.B.M. Web Site is "www.ibm.com." 
> 
> 9. Network computers on the Internet "communicate" with each other by using Internet Protocol (IP) numbers,
> Because IP numbers are difficult to remember, an alphanumeric "domain name" that is correlated or "mapped" to
> an IP number provides for an Internet address that is easier for people to remember and use. The Domain Name
> System ("DNS") consists of complex code, or computer language, that translates a domain name into its assigned
> IP number, allowing one computer to communicate with another. 
> 
> 10. I have learned from representatives of Network Solutions, Inc. ("Network Solutions") that since 1993, it has
> been the exclusive registrar for second-level domain names within the "com," "org," 'net," "edu," and "gov"
> generic top level domains. Network Solutions maintains Its principal place of business in Herndon, Virginia. Under
> the name "lnterNIC," Network Solutions participates cooperatively with the National Science Foundation ("NSPO)
> as the registrar for all sccond-level domain names. Thus, Network Solutions effectively is known to Internet
> enthusiasts as being synonymous with InterNIC. 
> 
> In 1993, Network Solutions registered and began using the domain name 'internic.net' on the Internet as part of
> its domain name registration business. Internet users who want to gain access to the InterNIC Web Site.can do so
> by using the URL's "www.internic.net," "internic.net," or "rs.internic.net" to do so. The InterNIC Web Site also
> serves as a sort of "electronic yellow pages" for locating the identifying address of registered domain names.
> InterNIC charges a registration fee of approximately $100.00 that a prospective domain name holder must pay in
> order to receive the domain name and to be included in the InterNIC domain name list for a limited period of time.
> InterNIC derives moot of its revenue from the fees it receives for registering domain names. Since 1993. Network
> Solutions has received approximately $78 million in fees from domain name registrants. 
> 
> 12. InterNIC currently administers over 1.2 million second-level domain names. Its Web Site is accessed through
> the Internet on an average of over I million times per day. 
> 
> 13. During the course of my investigation I have become familiar with an *alternative' domain name registration
> service known as "AlterNIC." AlterNIC's stated mission is to provide an alternative to the InterNIC domain name
> registration service, AlterNic has created Its 0 vn alternative top~level domain names, including "ltd", "sex," and
> "med." 
> 
> 14. 1 have reviewed documents indicating that the defendant EUGENE E. KASHPUREFF is an officer, director
> and incorporator of "A Towing Company, Inc,,* a Seattle, Washington based-company that does business under
> the name AlterNIC. 
> 
> THE KASHPUREFF FRAUDULENT SCHEME 
> 
> 15. On approximately July 17, 1997, i received a telephone complaint from an individual concerning disruption of
> internet service experienced by the complainant on approximately July 10, 1997. That complainant has
> described himself as being an Internet enthusiast who regularly uses the Internet for personal and professional
> purposes. The complainant told me that on several occasions on or around July 10, 19970 when he attempted to
> gain access to the InterNIC Web Site, he was unable to do so, Instead, he discovered that he was routed to the
> "AlterNIC" Web Site The complainant told me that he experienced this problem while using his computer from his
> home on Long island. His computer was electronically connected to the Internet by means of a modem
> communication using telephone wires in interstate commerce in and through the Eastern District of New York. 
> 
> 16. In the course of my investigation, I have spoken with InterNIC representatives concerning the nature and
> extent of the fraud. I also have read numerous media articles describing the fraud and containing complaints from
> Internet users who were unable to gain access to the InterNiC Web Site in a manner similar to that experienced by
> the Long Island complainant described above. For example, I have read an e-mail communication from a French
> internet Service Provider (a commercial service that provides e-mail addresses to individuals to allow them to gain
> access to the Internet) complaining that the provider's European customers were unable to complete the
> registration for new domain names for many days because of the defendant's actions. I also have determined that
> Internet Service Providers in the Eastern District of New York, and Eastern District of New York customers of such
> Providers, were affected by the scheme when they attempted to gain access to the InterNIC Web Site. 
> 
> 17. I also have reviewed communications placed on the internet by the defendant EUGENE E. KASHPUREFF, in
> which he brazenly takes credit for the "AlterNIC fraud." Media reports have quoted KASHPUREFF as describing
> himself an a "webslinger." in addition, I have reviewed media reports, and the transcript of an August 1, 1997
> deposition, given under oath, in which the defendant EUGENE E, KASHPUREFF admitted that he perpetrated
> the scheme described in this Complaint. 
> 
> 18. I have determined from my investigation that on or about Thursday, July 10, 1997, the defendant EUGENE E.
> KASHPUREFF "redirected" Internet traffic normally bound for InterNIC at the URL "www.internic.net" and the
> domain name "internic.net" to his own Web Site for AlterNlC, "www.alternic.net." Stated simply, when Internet
> users entered "www.internic.net" they were automatically diverted to "www.alternic.net." 
> 
> 19. Thus, Internet users expecting to find information about or provided by InterNIC or Network solutions, were
> involuntarily rerouted to the AlterNIC Web Page, which stated in part that: 
> 
>        By redirecting the domain name WWW.INTERNIC.NET, we are protesting the recent InterNIC
>        claim to ownership of ".COM" ".ORG," and ".NET," which they were supposed to be running In
>        the public trust.
> 
> 20. During his August 1. 1997 deposition, the defendant admitted that he discovered and exploited a method of
> diverting all web traffic from one URL to another. KASHPUREFF exploited a weakness in the DNS software,
> inserting additional information that misdirected electronic traffic destined for the InterNIC Web Site to his Alternic
> web Site. KASHPUREFF admitted that he worked on developing the technical proficiency to perpetrate this
> scheme over the course of one year before he exploited it on the Internet. 
> 
> 21. As a direct result of the defendent's actions, potential registrants throughout the world who wished to register
> domain names in the top-level domains administered by InterNIC were denied ready access to the registration
> tools that allow such registration through the InterNIC Web Site. In addition, already-registared interNIC customers
> ware unable to modify or update their domain name records during this period of time. Moreover, internet users
> were unable to gain access to information concerning interNIC's policies and practices in its popular "WHOIS
> directory." The WHOIS directory operates essentially as a 'yellow pages,' providing Internet users with the names,
> addresses, telephone numbers and other vital information used to identity and locate individuals and entities
> associated with Web Sites. 
> 
> 22, This first attack continued over approximately a four day period, from July 10 through July 14, 1997, In legal
> papers filed in connection with a civil lawsuit in the Northern District of Virginia, Network Solutions estimated that
> normally it would have received approximately 15,000 registrations through its Web Site over the period of the
> first KASHPUREFF attack. Network Solutions also has estimated that in that period it normally would have
> received approximately 25,000 modification requests from the holders of proviously-reglstered domain names.
> As a result of the July 10-14, 1997 KASHPUREFF attack, InterNIC was unable to receive this volume of business,
> amounting to the loss of hundreds of thousands of dollars of revenue. Moreover, Internet users who had
> expected to register or update domain names were denied ready access to the system to do so, causing
> confusion, frustration, and immeasurable economic harm. 
> 
> 23. The defendant hijacked the InterNIC Web Site to his AlterNIC Web Site partly as a means to diminish his chief
> business competitor's reputation and to enhance the reputation and prospects for his own company. on July 14,
> 1997, the defendant was quoted by C/NET news as boasting "[i]f they [InterNIC] think they own the entire
> domain space, I've got news for them, Over the weekend, I possessed their name.' KASHPUREFF further
> boasted that he had been working on his "project" for a year under the name "DNS Storm." 
> 
> 24. Even after July 14, 1997, when KASHPUREFF ended the first attack, Network Solutions received
> communications from confused Internet users from throughout the world, complaining that the altered data
> received by their computers as a result of the fraud was not yet removed from the memory of their machines, and
> accordingly was causing problems. 
> 
> 25. In a July 16, 1997 Wired magazine article, the defendant continued to boast about the scheme he had
> perpetrated. He was quoted as saying that by his acts "I'm truly demonstrating the power of what it is that we can
> do. . . We can literally go down through the top 100 Web sites and switch them one-for-one, finding the best
> match - we can have all kinds of fun with this thing. I can take China off the air if I choose to do so." In another
> media report, KASHPUREFF claimed that he could affect the ability of individuals to gain access to the White
> House's Web site. 
> 
> 26. On or about July 21. 1997i the defendant once again redirected Internet traffic normally bound for the
> InterNIC Web Site to the AlterNIC Web Site. KASHPUREFF admitted during his August 1, 1997 deposition that
> he mounted this second attack for three days. Network Solutions representatives have stated that this second
> attack had a similar effect as the earlier one on the Internet, and on their ability to deliver services and information
> to customers. 
> 
> WHEREFORE your deponent respectfully requests that an arrest warrant be issued for the defendant EUGENE
> E. KASHPUREFF and that the defendant be dealt with according to law, 
> 
> TROMAS H. SWINK 
> Special Agent 
> Federal Bureau of Investigation 
> 
> Sworn to before me this 
> 12th day of September, 1997 
> UNITED STATES MAGISTRATE JUDGE

 The facts ma'am, just the facts.

 TeleVirtually Yours,

 Bob Allisat

 Director, World TeleVirtual Network             http://www.wtv.net
 PO Box 191 St E Toronto Canada M6H 4E2                 bob@wtv.net
 (416) 534-1999                   http://www.wtv.net/portfolio.html 
> EASTERN DISTRICT OF NEW YORK
Prev by Date: Re: FYI
Next by Date: (fwd) Kashpureff: THE FUGITIVE (CBC TV Report)
Prev by thread: A Treaty Organzation
Next by thread: Re: Truth in Advertising [ACP Style]
Index(es):
- Date
- Thread