Advertisement

Hacker Interviewed in Web Attacks May Face Other Charges

Share via
TIMES STAFF WRITERS

A teenage computer hacker recently interviewed by the FBI as a potential suspect in last month’s attacks on major Web sites is close to being charged with unrelated computer crimes in Los Angeles, authorities said Thursday.

The hacker, a 17-year-old New Hampshire resident known publicly only by his moniker “Coolio,” has admitted to defacing at least three Web sites in recent months, including one operated by the nonprofit Drug Abuse Resistance Education program based in Inglewood, LAPD officials said.

Based on Internet postings attributed to him, Coolio also has been identified by some private security experts as a potential suspect in the more serious attacks on Yahoo, EBay and other high-profile sites last month.

Advertisement

But authorities indicated Thursday that it is not clear Coolio was involved in those so-called denial of service attacks, which crippled some of the Web’s most popular sites for hours under a barrage of phony data requests.

Sources familiar with the ongoing federal investigation of those crimes acknowledged that Coolio was recently questioned by the FBI and that some computer evidence was gathered from his New Hampshire residence.

But “there are no charges at this point contemplated against Coolio for any of the denial of service attacks,” one source said. “Right now, there is nothing strongly indicating this guy is responsible for these things.”

Advertisement

Instead, Coolio faces charges of vandalizing a number of Web sites, usually rerouting their traffic to graffiti-smeared facsimiles featuring his signature. In addition to the DARE site, which was first defaced Nov. 14, he is accused of vandalizing a Commerce Department site and another operated by RSA Security, a leading Internet security firm.

“I do believe we will end up charging him,” said Capt. Donald Floyd, head of the Los Angeles Police Department’s computer crimes unit. “We’re putting together a case to take to the district attorney’s office.”

Floyd said the investigation began with a complaint from DARE. Detectives traced that attack first to a computer in Arizona, and learned of Coolio’s true identity in January. That information was furnished to New Hampshire authorities and the FBI, Floyd said.

Advertisement

Last month, the FBI served a search warrant on Coolio’s home, LAPD officials said. At that point, Coolio admitted to hacking Dare.org, CWC.gov, RSA.com and as many as 100 other Web sites.

Authorities said they are still deciding which agencies will press charges against Coolio and in which jurisdictions. In California, he could be charged with computer vandalism as a juvenile and could face time in a juvenile detention facility. But in New Hampshire, Coolio could be charged as an adult and could face more serious penalties, officials said.

Coolio has been implicated in the denial of service attacks by experts at Stanford University and Securify.com, a Palo Alto company. They said that their study of Internet logs of chat groups taking place after the RSA incident suggested Coolio had insider knowledge of the attacks.

But other experts and many law enforcement officials are skeptical. John Vranesevich, founder of the security site AntiOnline.com, said it’s unlikely that Coolio would have launched the massive denial of service attacks, then days later launch a completely different kind of attack on the RSA site as an attention-getting effort.

“From a cultural aspect, it doesn’t make sense that one week he does an attack that gets huge attention, but doesn’t take credit, but the next week does something small to get attention,” Vranesevich said.

Advertisement