The Rise and Fall of CabinCr3w: How Simple Mistakes Doomed a Hacking Group
Transcript of The Rise and Fall of CabinCr3w: How Simple Mistakes Doomed a Hacking Group
Hacking group CabinCr3w was active from September 2011 to their arrests in March 2012
Began with Occupy Wall Street movement doxing financial CEOs then changed into a more destructive hacking organization, targeting government and law enforcement websites
How did CabinCr3w begin and end?
How did CabinCr3w operate?
What mistakes did CabinCr3w make which helped facilitate their end?
Case study is an empirical inquiry that investigates a contemporary phenomenon in depth and within its real-life context, especially when the boundaries between the phenomenon and context are not clearly evident. (Yin, Case Study Research, 2009)
Secondary data collection from documentation, archival records, observations and physical artifacts.
Create a descriptive framework for organizing data when a lot of data has been collected without having settled on an initial set of research questions or propositions.
In Middletown: A Study of Modern American Culture, Lynd & Lynd (1929) were able to frame their analysis by creating descriptive bins of similar data stories.
September 14, 2011 - @CabinCr3w Twitter account is established
September 17 – Occupy Wall Street begins
September – December – doxes of Wall Street CEOs, LAPD, EEOC, start of Operation Pig Roast
January 19, 2012 – Utah Chiefs of Police hack
January 31 – Salt Lack City Police Department hack
February 6 – West Virginia Chiefs of Police Association hack
February 9 – Alabama Department of Public Safety, National Crime Information Center, Texas Department of Safety, City of Mobile Police Department
February 16 – Wyoming State Troopers hack
February 20 – Houston County, AL website hack
February 21 – LA County Police Canine Association, LA County Sheriff's Department hacks
March 20 – 2 members of CabinCr3w arrested
@AnonW0rmer AKA Higinio Ochoa III charged March 15th with hacking into Texas Department of Public Safety, West Virginia Chiefs of Police Association, Alabama Department of Public Safety and Houston County, AL websites
@ItsKahuna AKA John Anthony Borell III charge March 16th with hacking into the Utah Chiefs of Police and Salt Lake City Police Department websites
Ochoa
@higochoa
@CabinCr3w
W0rmer
@AnonW0rmer
AUS Pictures
TX Dept of Safety Galveston IP
TX Dept of Safety
Facebook AUS Girlfriend
Twitter Screenshot
WV COP
2000 AKA
named
named
DL Photo Neighbor’s WiFi
Lead Admin
higochoa
April 2011 – LulzSec offshoot of Anonymous begins hacking run
June 7, 2011 – LulzSec leader Sabu is arrested by FBI and turned
January 29, 2012 – Pastebin conversation of Brazilian Satiagraha hack
February 15 – FBI begins investigation, finds 2 anonymous tips
February 17 – Twitter subpoenaed
March 2 – Twitter responds
March 6 – Sabu is revealed to be an FBI informant
March 20 – CabinCr3w arrests
Borell
BRZ Satiagraha
2 FBI Tips
Kahuna 2 FBI Tips
@ItsKahuna Neighbor’s Wifi
Friend’s house
Toledo Church
Twitter Subpoena
FBI Investigation
2 FBI Tips
Facebook Jborell
Photos
2/15/12
2/6/12
Pastebin conversation
1/29/12
Higinio Ochoa III
March 15, 2012 – charged
March 20, 2012 - arrested
April 7, 2012 – married girlfriend Kylie Gardner
June, 2012 – plead guilty
August 27, 2012 – sentenced to 2 years in Federal Prison, pay $14,000 in restitution
John Anthony Borell III March 16, 2012 –
charged
March 20, 2012 - arrested
April 16, 2012 - Pled Not Guilty
April 16, 2013 - Pled Guilty under plea bargain
September 12, 2013 - sentenced to 3 years in Federal Prison, pay $226,736 in restitution
CabinCr3w transformed from an Occupy Wall Street CEO doxing focus to SQLi break-ins of government and law enforcement organizations
They were sloppy in hiding their identity; brought long-held usernames with them
They were arrogant in Twitter taunts
Likely maintained contact with Anonymous members