Saturday, December 03, 2011

New York - About 200,000 Citibank credit card customers in North America have had their names, account numbers and email addresses stolen by hackers who broke into Citi ‘s online account site.

Citigroup Inc. said it discovered that account information for about 1 percent of its credit card customers had been viewed by hackers. Citi has more than 21 million credit card customers in North America, according to its 2010 annual report. The New York-based bank, which discovered the problem during routine monitoring, didn’t say exactly how many accounts were breached. Citi said it was contacting those customers.

The bank said hackers weren’t able to gain access to social security numbers, birth dates, card expiration dates or card security codes. That kind of information often leads to identity theft, where cyber criminals empty out bank accounts and apply for multiple credit cards. That can debilitate the finances and credit of victims. Citi customers could still be vulnerable other problems. Details about their bank accounts and financial information linked to them could be acquired using the email information and account numbers hackers stole.

Federal regulators have taken notice and are asking banks to improve security.

“Both banks and regulators must remain vigilant,” said Sheila Bair, chair of the Federal Deposit Insurance Corporation. She said federal agencies, including the FDIC, are developing new rules to push banks to enhance online account access.


The Citi data breach was the latest in a series of recent high-profile data attacks against a number of major firms.

—On June 1, Google Inc. said that the personal Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists, had been breached.

—On May 30, broadcaster PBS confirmed that hackers cracked the network’s website and posted a phony story claiming dead rapper Tupac Shakur was alive in New Zealand.

—On May 28, defense contractor Lockheed Martin Corp. said it had detected a “significant and tenacious attack” against its computer networks. The company said it took swift and deliberate actions to protect the network and the systems remain secure.

—In April, media and electronics company Sony Corp.‘s PlayStation Network was shut down in April after a massive security breach that affected more than 100 million online accounts.

—Also in April, hackers penetrated a network operated by a data marketing firm Epsilon. The company handles email communications for companies like Best Buy Co. and Target Corp.

The number of data breaches in the last two months sets a “high water mark,” said John Ottman, CEO of Application Security Inc., a New York-based firm that specializes in securing databases, the big repositories companies use to organize account information and other data.

“Attackers have realized that most organizations have not properly protected databases,” Ottman said.

Cyber attackers have a variety of less-dangerous motivations, from mischief to online activism. For example, a group identifying itself as LulzSec claimed credit for the fake PBS article calling it retaliation for a documentary about WikiLeaks, the website that publishes classified documents.

But often such data breaches are an attempt to steal personal data, which is likely the case with Citi. Hackers also will pose as legitimate companies in a tactic known as “phishing,” where they try to get users to supply additional information like social security numbers and email or bank passwords to get access to their financial information.

The fact that the Citi hackers only got a few pieces of personal data on customers may limit what crooks can do with the information, said Susan Grant, director of consumer protection at Consumer Federation of America, a consumer advocacy group.

“But any ID theft is worrisome for consumers,” Grant said. She believes companies are responsible for protecting their customers’ information from internal and external abuse.

In an emailed statement, Sean Kevelighan, a spokesman for Citi said the bank is contacting affected customers and enhancing procedures to prevent a similar security breach from happening again.

“For the security of these customers, we are not disclosing further details,” he said.

Hackers breached two computer stations owned by Vacationland Vendors of Wisconsin Dells, placing about 40,000 credit or debit card users at risk of theft.

The computers were at the Wilderness Resorts in Lake Delton and Sevierville, Tenn, where Vacationland Vendors operates the arcades. The company owns and operates 11 arcades and has been in operation 30 years. Vacationland Vendors is one of the Gussel family's businesses, which also include Holiday Wholesale as well as convenience stores and Dunkin Donut franchises.

A notice on the Vacationland Vendors web site says, "Based upon its investigation to date, Vacationland Vendors reasonably believes that a computer hacker improperly acquired credit card and debit information. This incident did not involve an internal security issue within the Wilderness Resort. Vacationland Vendors has learned that other businesses just like its own have been affected by this computer hacker."

Evan N. Zeppos, of the public relations firm, Zeppos & Associates, which is handling publicity about the breach, said the company was alerted to the breach by calls from one or two customers. The breach occurred on March 22.

No other computer systems in the Vacationland Vendors system with credit card information have been breached by hackers, Zeppos said.

Zeppos said when Vacationland learned of the breach, it called in forensic experts to look at the rdata in the system.

"Once we became aware of the breach, we immediately shut down the credit card system and took it offline April 1," Zeppos said.

Since then, the company has upgraded its security on the computer system. "We . . . believe we now have the highest level of security."

Although 40,000 credit or debit card users data was stored, Zeppos said it is believed that fewer than 20 individuals were impacted.

He suggested that anyone who used who used credit or debit cards at one of the affected arcades from Dec. 12, 2008 to May 25, 2011 should check their credit card statements for any unusual activity. Paying close attention to credit and debit card statements is a good thing to do. Saying he does not want to make excuses for the company, he encouraged customers to be diligent and vigilant for illegal use of their cards.

Heidi Fendos, of Fendos Public Relations, which handles public relations for the Wilderness resorts, said customers who used credit or debit cards at the resorts are being asked to carefully check their credit card statements.

"When they made our resort aware of the breach to one of their credit card stations in our Wild West Mega Arcade, we had them immediately cease all credit card activity in their leased area," Fendos said.

"Our resort wants to make it clear that the Wilderness Resort's credit card system was never compromised at any time during this situation with Vacationland Vendors' credit card station," Fendos said.

Vacationland Vendors continues to lease and operate the arcades at Wilderness, but the area is cash-only now. Credit cards are no longer accepted.

Zeppos said Vacationland is trying for broad dissemination of the information about the threat and has information on its web site, about what to do. The site says to do the following:

■ Watch for any unusual activity on your bank statements, credit card account or suspicious items on your bills.

■ Contact any of your credit card issuers, banks or credit unions, and inform them of this incident.

■ Place a fraud alert on your consumer credit file. A fraud alert instructs creditor to watch for unusual or suspicious activity in your accounts, and provides creditors with notice to contact you separately before approving an extension of credit. To place a fraud alert, free of charge, contact one of the three national credit reporting agencies listed below. You do not need to contact all three; rather, the agency that you contact will forward the fraud alert to the other two agencies on your behalf

The remaining individual is known only by an alias and authorities do not know where that person is.

Under the indictments, three Miami, Florida, men -- Albert "Segvec" Gonzalez, Christopher Scott and Damon Patrick Toey -- are accused of hacking into the wireless computer networks of retailers including TJX Companies, whose stores include Marshall's and T.J. Maxx, BJ's Wholesale Club, OfficeMax, Barnes and Noble and Sports Authority, among others.

The three men installed "sniffer" programs designed to capture credit card numbers, passwords and account information as they moved through the retailers' card processing networks, said Michael Sullivan, the U.S. attorney in Boston.

"This has other personal numbers that could give them access to credit or debit cards that have already been issued and are active," Sullivan told CNN. Have you been a victim of identity theft?

The probe began in late 2006, Sullivan said. In addition to the Justice Department, the Secret Service has been conducting an undercover investigation for more than three years through the U.S. attorney's office in San Diego, he said.

The three then concealed the data in encrypted computer servers they controlled in the United States and eastern Europe, the Justice Department said.

Some credit and debit card numbers were sold on the Internet, and were "cashed out" by encoding the numbers on the magnetic strips of blank cards. "The defendants then used these cards to withdraw tens of thousands of dollars at a time from ATMs," authorities said.

Gonzalez and the others used anonymous Internet-based currencies to conceal and launder their proceeds, as well as channeling funds through bank accounts in Eastern Europe, the department said.

"There are ties between all three districts and ties internationally that go all the way to the Ukraine and Latvia," Sullivan said. "The 41 million credit and debit numbers were used internationally."

Thursday, December 10, 2009

This is cool !

The U.S. Securities and Exchange Commission has filed civil charges against a young Pennsylvania man for computer hacking and identity theft in a scheme last July to dump worthless options for Cisco Systems stock.

The case against Van T. Dinh, 19, of Phoenixville, Pennsylvania, is the first time computer hacking and identity theft have both played a part in a fraud prosecution by the commission, the SEC said Thursday.

Dinh was arrested Thursday morning on the campus of Drexel University, where he claimed to be studying business, according to John Reed Stark, chief of the SEC Office of Internet Enforcement.
Stock Options

Dinh was motivated to commit the crime after being stuck with 7200 worthless options contracts for Cisco stock. Exercising the options would have resulted in a loss of approximately $37,000, the SEC said, citing court documents filed in July.

In June the Pennsylvania teenager paid $91,200 to buy more than 9000 put options on Cisco stock, which gave him the right to sell the shares at or below $15 per share before July 19, 2003, according to a statement released by the U.S Attorney's Office for the District of Massachusetts, which is also pursuing Dinh.

In the weeks following his purchase, however, Cisco stock hovered around $19 per share, making Dinh's put options worthless, Stark said.
Elaborate Scheme

Instead, Dinh allegedly set up an elaborate scheme to unload the shares in a bogus transaction. First, the teenager allegedly lured participants in an online stock-discussion group to download a key-logging program that he claimed was a stock-charting tool, the SEC said.

After using the program to monitor the information typed on victims' machines, Dinh allegedly obtained the log-in and password information for a TD Waterhouse Investor Services online brokerage account owned by a Westborough, Massachusetts, man.

With the victim's account information in hand, Dinh used his own online brokerage account to create orders to sell the worthless options, then hacked into the victim's online account and created corresponding buy orders for the options, the SEC said.

The transactions depleted around $46,986 from the victim's brokerage account, according to the U.S. Attorney's Office.

The SEC learned of the crime after being contacted directly by the victim, and launched an investigation that grew to include the Federal Bureau of Investigation and the U.S. Attorney's Office, Stark said.

Stark would not comment on how the 19-year-old obtained the money to buy the put options, but said that the SEC's investigation into him was ongoing.

Dinh was also charged by the U.S. Attorney's Office in Massachusetts with securities fraud, mail fraud, and wire fraud resulting from the illegal sale, the SEC said.
Under Investigation

The SEC used the case to trumpet its online investigative technique, noting that the commission identified Dinh as the alleged culprit within days of the crime, despite his attempts to cover his tracks online through the use of multiple e-mail accounts and Web sites that enable Internet users to shield their identity.

A trail of both money and digital communications led from the victim's computer back to Dinh, he said.

Unlike other kinds of transactions, those involving securities leave a detailed paper trail that is easy for investigators to track, Stark said.

In addition, key-logging software that Dinh installed sent out a steady stream of e-mail messages that could be traced back to accounts under Dinh's control. Ultimately, investigators were also able to trace the origin of both the sale and purchase of the options back to an IP address at the Phoenixville home of Dinh's parents, Stark said.

If found guilty, Dinh could face a maximum term of 30 years in jail and a $1 million fine for the securities, mail, and wire fraud charges, according to the U.S. Attorney's Office.

The agency also said that the case should serve as a warning to investors who use online brokerage services. Users should be suspicious of programs they are asked to download and install, and should use antivirus and firewall software to shield their computers from intrusions, the SEC said.

Mechanix my opinion:
I told you not to get caught!! They throw the book at you when you are smarter then they are!!!!!
An expert on cable modem hacking has been arrested by federal authorities on computer intrusion charges.

According to the U.S. Department of Justice (DOJ), Ryan Harris, 26, ran a San Diego company called TCNISO that sold customizable cable modems and software that could be used to get free Internet service or a speed boost for paying subscribers.

Harris, also known as DerEngel, was charged on Aug. 16, but the grand jury indictment was not unsealed until Monday, several days after his Oct. 23 arrest. He faces a maximum sentence of 20 years in prison and a US$250,000 fine, the DOJ said. The six-count indictment charges him with conspiracy, computer intrusion and wire fraud.
Hackers have known for years that certain models of cable modem, such as the Motorola Surfboard 5100, can be hacked to run faster on a network, a process known as uncapping. However, the question of whether uncapping a modem is illegal is "not clear," according to Bill Pollock, founder of No Starch Press, which published Harris's 2006 how-to book Hacking the Cable Modem.

Cable modems can also be configured to use a paying customer's MAC (Media Access Control) address to steal service. According to the indictment, Harris helped develop tools that could be used to sniff MAC addresses in order to get on the network free.

Harris isn't the first person to be charged with this type of activity. In January, Thomas Swingler was charged with selling cable modems that could be customized to get free Internet service.

See what happens when ya' get caught being smart :{ bummer So DON"T GET CAUGHT!!

Long ago I had situation where I was sailing internet Wireless I had bought A large router from the phone company and got dedicated line T1 and I would broad cast across my neighborhood. Went door to door like newspaper salesman and had twenty accounts . I would issue them all Email accounts. But I think this should be legal but I found out that It's not . I also planned to use sat dishes pointed from my house to A distant mountain top cabin where I had a larger one . I wanted to supply the entire valley but that's where I realized the Situation I was creating ...I finally quit after a while. Got scared when I started reading about shit like this going down.
What I finally did was instead of sailing it I would just give it away for free.
You can purchase A larger router and get all the bandwidth you need just call and be ready to get your credit card handy! What do you think!

Monday, December 07, 2009

Hackers attack antivirus firm’s tech-support site

February 16, 2009 (Computerworld) A Kaspersky Lab technical support site was hacked late last month, exposing private customer information for 11 days, the Moscow-based security company admitted last week. The company learned of and closed the breach on Feb. 7 after it was notified by the Romanian hackers.

“This is not good for any company, especially for a company dealing with security,” acknowledged Roel Schouwenberg, a senior antivirus researcher at Kaspersky, in a conference call last week. “This should not have happened.”

The company had revamped the U.S. support site and relaunched it on Jan. 28. From that point until Feb. 7, the support database was open to attack, Schouwenberg said. The revamped site has now been replaced by the old version.

In a blog post, the hackers claimed that they were able to access a customer database that held e-mail addresses and software-activation codes by launching a SQL injection attack.

Schouwenberg confirmed that the database was hacked via SQL injection, but he contended that only the database’s table labels were accessed, not the customer data. However, the e-mail addresses of about 2,500 customers and some 25,000 activation codes were at risk, he noted.

Schouwenberg said the hack was made possible by a combination of vulnerable code crafted by an unnamed third-party vendor and poor code review by Kaspersky.

Kaspersky hired Next Generation Security Software Ltd.’s David Litchfield, an expert on SQL injection attacks, to audit the systems. His report, delivered Feb. 12, confirmed Kaspersky’s findings.

HA HA HA HA you can stop one of us but you can't stop us all ! This is the funniest shit I have read all day. Good job Anon hacker

The websites of two major providers of security products have been hit by hackers.

A new Valentine’s Day spam email has been detected by Websense as containing a Waledac variant. Websense Security Labs has reported to have seen several fake Valentine’s Day sites serving up malware recently, with an increase in adult dating and ‘healthcare’ related email spam released to mark the occasion. Carl Leonard, Websense threat research manager, claimed that it works by the user opening the URL in the spammed message and being redirected to a site with two puppies and a love heart to give a Valentine’s theme. The user is then enticed to download a Valentine’s kit to prepare a present for a loved one, which is a new Waledac variant.

Leonard said: The usual suspects have emerged as expected, with Valentine spam emails and Trojans. The public are becoming more aware of these and it is getting harder to trick people this way. Cyber criminals are also taking their efforts to social networks, given its rising popularity and potential to manipulate the user through ‘friend’ messages.

A €œOrganized criminal units have a long history of timing their attacks to coincide with popular occasions in order to achieve maximum success. Valentine’s Day 2009 is a day that is similarly marked on the criminals’ calendar for targeted attacks.”

Websense has warned of three key signs of fake sites: ‘Broken Hearts’ sites show colourful images such as puppy dogs or a picture of 12 pretty hearts and ask ‘Guess, which one is for you?’. The web page however is one big image and a single click from a tricked user commences the download of Trojans named “onlyyou.exe” or “youandme.exe”, which can connect to remote websites to receive commands and send information about the compromised system.

€˜I am your friend’ uses social networking tricks to get users to visit fake sites, with Websense claiming that a popular technique at the moment is spam email pretending to originate from social networking sites – complete with love hearts and cartoon characters. Clicking through to the link would download a Trojan designed to steal log in credentials for banking sites.

Seventy per cent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites. Specially created malicious sites are in decline as cybercriminals switch to compromising ‘trusted’ websites. Websense claimed that as there is increased confidence in shopping and researching online - a lot of which happens whilst in the office – people are turning to the internet to order flowers, chocolates and other gifts and cybercriminals are compromising these sites and stealing data.

Leonard said: The underground economy is positively flourishing as companies fail to keep up with security technology. Criminals are taking advantage of the growing number of Web 2.0 properties, which allows user generated content. More than ever we’re seeing websites injected with links to direct users to malicious and compromised sites.

€œSince many email security systems lack web intelligence, spammers have also stepped up email campaigns which contain links to malicious web pages. It’s clear that businesses need security with real-time protection, but until this becomes the norm – cybercriminals will continue stealing data and breaking hearts.


It has been 4 ever sense I wrote in this blog . I thought they ( GOOGLE ) had deleted it by now but they must have better things to do. NE way I thought I would continue on with the rambling I had always done . Oh if there are people that do read my blog Please forgive the absence. I will start posting new stuff and some old useless stuff if you are new here thrn you have to go to my previous postings .

Sunday, April 19, 2009

TiVo UI control via internet . No hacking required!!!

As many of you may have already heard, TiVo added support for Crestron systems back in software version 9.1 but there isn't a whole lot of information available about from TiVo or from Crestron.

After thinking about it for a small while, my curiosity was piqued, and I decided to try and figure out the protocol Crestron was using to talk to an unhacked TiVo, and how we non-Crestron users could somehow harness it.

As it turns out both the TiVo HD and Series3 units now listen on port 31339 for connections from a Crestron device. What is really interesting about this discovery is that this service is enabled and accessible by default on a stock Series3 running software 9.1 and up. There is NO HACKING REQUIRED to use this interface.

The protocol and its commands aren't published, but some heavy digging on Crestron and debugging the tivoapp binary resulted in some interested finds.

If you telnet into your TiVo on port 31339, you will be presented with the following:

This prompt reflects the current status of the TiVo and will tell you the current channel being watched, and if it's being recorded.

Once the telnet session is started, the following commands are available:

KEYBOARD - The current purpose and syntax of this command is unknown.

TELEPORT - I'm not sure why this command exists, because I believe anything that TELEPORT does can also be accomplished via IRCODE. That said, the four currently known places you can "teleport" to are TIVO, LIVETV, GUIDE, and NOWPLAYING.

SETCH - This command will change the channel on the current tuner being watched to the channel number defined. If the current tuner is recording a program, it will change the other tuner. If both tuners are recording, the channel will not change and the TiVo will respond with "CH_FAILED RECORDING "Show Title". Using this command when a recording is being played back will result in "CH_FAILED NO_LIVE".

FORCECH - This command will force the current tuner to the tune the desired channel regardless of what it's doing. If a recording is being recorded it will cancel the recording and change the channel without confirmation.

IRCODE - IRCODE seems to mimic the old "sendkey" command in almost every way. While it can't handle multiple commands on one line, almost all of the commands listed in sendkey.tcl are valid and working.

The following is a list of IRCODE commands that I have verified as working:

If take too long to type a command, it will result in COMMAND_TIMEOUT since the interface was designed to receive whole and complete commands, and was not designed to be used manually via telnet.

That's all I've found for now, but I'll be sure to post updates as they come along.


Sunday, September 24, 2006

19 year old Belgium female technology student known as 'Gigabyte' was arrested and charged with computer data sabotage for creating viruses. She says she never spread the viruses, she also created a virus in C#, her site has been taken offline and her computers were confiscated.

Links of Interest:
Gigabytes Guestbook: View or Sign
Google Cache of

"When people make guns, can you blame them when somebody else kills with them?" - "I only write them. I don't release them." She said.

Gigabyte in '02 did a interview with TechTV defending her work saying she never releases her viruses into the wild. If convicted she faces up to 3 years in prison and fines up to 250,000.

Monday, March 27, 2006

Cell phone Hacking !!!

The cellular/mobile phone system is one that is perfectly set up to be exploited by phreaks with the proper knowledge and equipment. Thanks to deregulation, the regional BOC's (Bell Operating Companies) are scattered and do not communicate much with each other. Phreaks can take advantage of this by pretending to be mobile phone customers whose "home base" is a city served by a different BOC, known as a "roamer". Since it is impractical for each BOC to keep track of the customers of all the other BOC's, they will usually allow the customer to make the calls he wishes, often with a surcharge of some sort.

The bill is then forwarded to the roamer's home BOC for collection. However, it is fairly simple (with the correct tools) to create a bogus ID number for your mobile phone, and pretend to be a roamer from some other city and state, that's "just visiting". When your BOC tries to collect for the calls from your alleged "home BOC", they will discover you are not a real customer; but by then, you can create an entirely new electronic identity, and use that instead.

How does the cellular system know who is calling, and where they are? When a mobile phone enters a cell's area of transmission, it transmits its phone number and its 8 digit ID number to that cell, who will keep track of it until it gets far enough away that the sound quality is sufficiently diminished, and then the phone is "handed off" to the cell that the customer has walked or driven into. This process continues as long as the phone has power and is turned on. If the phone is turned off (or the car is), someone attempting to call the mobile phone will receive a recording along the lines of "The mobile phone customer you have dialed has left the vehicle or driven out of the service area." When a call is made to a mobile phone, the switching equipment will check to see if the mobile phone being called is "logged in", so to speak, or present in one of the cells. If it is, the call will then act (to the speaking parties) just like a normal call - the caller may hear a busy tone, the phone may just ring, or the call may be answered.

How does the switching equipment know whether or not a particular phone is authorized to use the network? Many times, it doesn't. When a dealer installs a mobile phone, he gives the phone's ID number (an 8 digit hexadecimal number) to the local BOC, as well as the phone number the BOC assigned to the customer. Thereafter, whenever a phone is present in one of the cells, the two numbers are checked - they should be registered to the same person. If they don't match, the telco knows that an attempted fraud is taking place (or at best, some transmission error) and will not allow calls to be placed or received at that phone. However, it is impractical (especially given the present state of deregulation) for the telco to have records of every cellular customer of every BOC. Therefore, if you're going to create a fake ID/phone number combination, it will need to be "based" in an area that has a cellular system (obviously), has a different BOC than your local area does, and has some sort of a "roamer"
agreement with your local BOC.

How can one "phreak" a cellular phone? There are three general areas when phreaking cellular phones; using one you found in an unlocked car (or an unattended walk-about model), modifying your own chip set to look like a different phone, or recording the phone number/ID number combinations sent by other local cellular phones, and using those as your own. Most cellular phones include a crude "password" system to keep unauthorized users from using the phone - however, dealers often set the password (usually a 3 to 5 digit code) to the last four digits of the customer's mobile phone number. If you can find that somewhere on the phone, you're in luck. If not, it shouldn't be TOO hard to hack, since most people aren't smart enough to use something besides "1111", "1234", or whatever. If you want to modify the chip set in a cellular phone you bought (or stole), there are two chips (of course, this depends on the model and
manufacturer, yours may be different) that will need to be changed - one installed at the manufacturer (often epoxied in) with the phone's ID number, and one installed by the dealer with the phone number, and possible the security code. To do this, you'll obviously need an EPROM burner as well as the same sort of chips used in the phone (or a friendly and unscrupulous dealer!). As to recording the numbers of other mobile phone customers and using them; as far as I know, this is just theory... but it seems quite possible, if you've got the equipment to record and decode it. The cellular system would probably freak out if two phones (with valid ID/phone number combinations) were both present in the network at once, but it remains to be seen what will happen.
Extracting the HD password from an XBox hard drive

Extracting the HD password from an XBox hard driveThe XBox harddrive uses a fairly old but relatively unused set of security commands to prevent easy access to it's built in drive. However, since the password system does not specify any form of challenge/reply system the password is transmitted in "clear" form. Thus with the right equipment and a little bit of patience you can easilly read the values.The ATA spec provides a command labeled SECURITY UNLOCK (command code 0xF2) which provides a means for passing a 32 byte password to an IDE drive in order to unlock it. There are two passwords, a master and a user password. The xbox uses the user passord.To get to the password you need at least 22 (preferrably 23) probes.DD(15:0) -- data pinsCS(1:0)- -- Chip SelectDA(2:0) -- Device AddressDIOW- -- Device I/O WriteDIOR- -- Device I/O Read (optional)When dealing with hardware you need to realise that there is a difference in the voltage level of a line and the line's meaning. For the "standard" wire the low voltage condition (usually 0V) corresponds to binary 0 and the high voltage condition (2.7V, 3.3V, 5V, 12V, or whatever) is binary 1. There are signals that are "negative logic" in which case the oposite is true: 0V == binary 1, +xV == binary 0. The ata spec uses the symbol 'A' (for asserted) to indicate the high voltage condition, and the symbol 'N' (for negated) for the low voltage condition.The CS0-1, DIOW, and DIOR lines are negative logic, which is indicated by the '-' mark after their names (above and in the spec).There are several registers in the ATA spec, they are addressed by the combination of the CS and DA lines. Several of these registers have different meanings depending on whether they are read or written, the write meaning is shown first. The values for these registers are:cs1- CS0- DA2 DA1 DA bits Name0(A) 1(N) 1(A) 1(A) 0(N) 8 Device Control Reg./Alt. Status Reg.1(N) 1(N) X X X 16 Data Port1(N) 0(A) 1(A) 1(A) 1(A) 8 Command Reg./Status Reg.1(N) 0(A) 1(A) 1(A) 0(N) 8 Device Reg.1(N) 0(A) 1(A) 0(N) 1(A) 8 LBA High Reg.1(N) 0(A) 1(A) 0(N) 0(N) 8 LBA Mid Reg.1(N) 0(A) 0(N) 1(A) 1(A) 8 LBA Low Reg.1(N) 0(A) 0(N) 1(A) 0(N) 8 Sector Count Reg.1(N) 0(A) 0(N) 0(N) 1(A) 8 Feature Reg./Error Reg.1(N) 0(A) 0(N) 0(N) 0(N) 16 Data Reg.The value to be placed in the register is passed on the DD lines (the data lines). When setting an 8 bit register the low bits in the data lines (0-7) are used.The XBox appears to use a standard method for sending ata commands to it's drives. The SECURITY UNLOCK command doesn't require the use of the sector count, LBA low/mid/high, or features registers, but they get cleared anyway. The only register that we are really interested in, to begin with, is the command register. What we need to do it setup our logic analyzer to trigger (start capturing) when the command register is written to with a value of 0xF2. The method for doing this is dependant on your analyzer, RTFM. So, trigger when:CS1 == 1CS0 == 0DA2 == 1DA1 == 1DA0 == 1DIOW == 1DD(7:0) == 0xF2At this point the XBox has written the command 0xF2 (SECURITY UNLOCK) to the drive, which is now expecting the recieve the password over the data lines in subsequent writes. The mode used to transfer the data is called "PIO data-out" and transfers 512 bytes of data (that's 256 16 bit writes) over the data lines, controlled by bits in the Status register. There is a good diagram in the ATA spec showing the transfer process, and you are encouraged to have it on hand when going through this the first time (the latest ATA specs can be found at data to be transferred is:word #0: bit 0 == 1->Master password, 0->User passwordbits 15-1 == reserved (these were 0 in my case)so the whole data word was 0x0000word #1: first two bytes of passwordword #2: second two bytes of password...word #16: last two bytes of passwordwords #17-255: reserved (these were all zero in my case)The transfer does not begin immediately. The device (the ide drive in the xbox) must first signal that it is read to recieve the data. In the PIO modes this flow control is done through the Status Register. The bits in the 8 bit status register are:bit 7: BSY Busy (the device is busy)bit 6: DRDY Device Ready (the device is accepting commands)bit 5: DF Device Fault (device is unable to complete the command)bit 4: # (Command Specific)bit 3: DRQ Data Request (device is ready to transfer data)bit 2: --- Unused (Obsolete)bit 1: --- Unused (Obsolete)bit 0: ERR Error (an error ocurred while processing a command)The transfer of data to the drive cannot occur until BSY == 0. You will see (if you are watching the DIOR line) that the xbox is polling that register waiting for the bit to clear. When it does the xbox will begin transferring the data bytes to the drive.It is worth while for me to note that on high speed analyzers you will see the logic lines drift from their previous value to the new value. This is *normal* and is due to the capacitance of the data bus. You need to be looking at the stable signal, not at the (possibly multiple) transient values which occur during the change. This is the reason for the DIOW- line, to tell the device when the data lines are stable. Slower measurement devices will (probably) not see these transient results. If you are unfamiliar with such highspeed devices this can be confusing :)Options for those without a logic analyzerI have had a bunch of questions centered mainly on how to do this without the analyzer or some other specialized equipment. Generally my answer is: you probably can't. I *seriously* doubt that any generic input device on a PC can be read at anywhere near the speed required.If someone really wants to try, my suggestion is to start with the parallel port. I do not know that much about the parallel port, but you may be able to program it to read the data at a sufficiently fast rate. It appears to have at least 9 input lines, (though some are inverted) which can be used to read the pins on the ide cable. You would have to dedicate 6 of these pins to the control signals (CS(1:0)-, DA(2:0), and DIOW-), and could use the other 3 to gather data from the DD pins. This would, of course, require multiple runs to gather all of the 16 bits for each word in the password.The two primary questions I can't answer are the capacitance of the input pins on the parallel port, and the speed with which they can be polled. If the capacitance is too high you will be ruining the ide signals, and the xbox will almost certainly not be able to communicate with the drive at all. If that is the case it may never get to the stage of trying to transfer the password to the drive (worst case is it could overheat the IDE controller chipset). If the read speed is too low then you will not be able to get all of the state changes, and will probably not be able to read anything of use. My *guess* as to the lowest possible read rate is somewhere around 25MHz. At this rate you will probably miss some of the DIOW line changes, but should be able to see all of the actual data bus changes.If you decide to try this, verify it works on some other drive before using your xbox drive, as I have no idea what kinds of problems might come up if it fails.Good luck, and happy hacking.-SpeedBump
Imaging Your Xbox HD using dd (in QNX OS)
by xbill
A method for imaging your Xbox hd to a file, or set of files, including a procedure for imaging directly from one disk to another (cloning) using dd in the QNX OS.
This is one method for imaging/cloning your Xbox hd. It is by no means the only method.


* A Disassembled Xbox
* A fairly recent PC system with an available standard IDE interface.
* A bootable QNX ( OS.
I used QNX because it installs quickly from CD ROM, and has a tiny footprint, but this should be possible with Linux as well. Free OSes rule!
* A spare IDE/ATA hd of equal or greater capacity than the Xbox hd, and/or equivalent free space on an existing file system.

* Networking components (NIC, drivers, cables, hubs, switches, etc.)
* LAN with server(s) featuring disks with file sytems such as NTFS that support large file sizes, and networking drivers, protocols installed necessary to share files on the LAN.
* SMB network file system manager/client (CIFS.) This is included with QNX.

Running the Xbox with the cover off, and the power supply exposed presents a safety hazard. Be extremely careful when working around the open Xbox with the power on.
A serious or fatal electrical shock could ruin your day.
Swapping cables, and working near live circuits can also potentially cause damage to the electronics if not handled carefully. If a metal part or a tool falls onto live circuits, you could roast something.
Watch out for static electricity. Prior to handling components, or swapping cables, touch the chassis of your PC with the back of your hand to discharge any built-up static charge on your body.
I, and the publisher, SiliconIce, assume no responsibility for any damage to you or your stuff. This is provided for informational purposes only.
Just watch yerself, OK?

Since the Xbox hd has the ATA Security feature enabled, you'll need to unlock it before you attempt to image it.
This is the cable swap method.
Setup your Xbox and your PC right next to each other, such that the PCs available IDE drive cable, and power connector can reach the Xbox HD.
Connect an available power connector from the PCs power supply to the Xbox hd.
Connect the IDE cable from Xbox to the the Xbox hd.
Power up the PC and hit the "Pause" key before it autotypes the drives.
Power up the Xbox to the idle Dashboard.
*During the Xbox startup, the Xbox transmits the password via the ATA Unlock Command, and the drive is unlocked.
Now, carefully disconnect the Xbox IDE cable from the Xbox hd.
Plug the PC IDE cable into the Xbox hd.
Hit any key on the PC keyboard to let it continue to boot.
Now the drive is unlocked and reconnected to the PC, ready for read(/write?) operations.

As with many Unix/Linux OSes, there is a 2GB file size limit with QNX due to it’s use of the minix filsystem, which kinda sucks. This means breaking the image in to smaller chunks. However, I decided that during analysis, smaller files would be easier to handle than one huge file. So, breaking the image into eight 1GB files makes some sense. I have the 8GB Western Digital hd.
For Linux, it probably depends on the distribution, the file system, and the processor. However, I think tweaking, and relinking the kernel in Linux for larger file support (LFS) is probably easier than it is in QNX.
Be aware that there may be a file size limit on some file systems.
If your OS can handle large file sizes, then you can adjust your dd options to read/write larger images.

To make images of the Xbox hd, you can use the standard dd util in a shell script.
When using dd, you must use the raw block device.
With QNX, the first IDE hd is /dev/hd0. If you connected the Xbox hd to the secondary IDE then it’s /dev/hd1.
Use df to display the total blocks on the disks.
This display is for the Western Digital 8GB, yours may look different.
# df -P
Filesystem 512-blocks Used Available Capacity Mounted on
/dev/fd0 0 0 0 100%
/dev/hd1 15633073 15633073 0 100%
/dev/hd0t79 156344517 16213159 140131358 11% /
/dev/hd0 156355585 156355585 0 100%

/dev/hd1 shows 15633073 blocks (512 byte sectors.)
15633073 is not evenly divisible, but 15633072 is.
15633072 / 8 = 1954134
Just include the odd sector in the last file. So, the first seven files will be 1954134 blocks each, and the last will be 1954135.
dd can take bytes or blocks, I just kept it as blocks.
The "skip" parameter is for skipping past the previously imaged sectors.
I created eight image files of roughly 1 GB each.
Create the script using the vi editor:
# vi getxboxhd
Type the letter "i", for insert mode, and type, or cut & paste these lines in:
# Western Digital 8GB
dd if=/dev/hd1 of=/xbx/xfile1 ibs=512 obs=512 count=1954134
dd if=/dev/hd1 of=/xbx/xfile2 ibs=512 obs=512 skip=1954134 count=1954134
dd if=/dev/hd1 of=/xbx/xfile3 ibs=512 obs=512 skip=3908268 count=1954134
dd if=/dev/hd1 of=/xbx/xfile4 ibs=512 obs=512 skip=5862402 count=1954134
dd if=/dev/hd1 of=/xbx/xfile5 ibs=512 obs=512 skip=7816536 count=1954134
dd if=/dev/hd1 of=/xbx/xfile6 ibs=512 obs=512 skip=9770670 count=1954134
dd if=/dev/hd1 of=/xbx/xfile7 ibs=512 obs=512 skip=11724804 count=1954134
dd if=/dev/hd1 of=/xbx/xfile8 ibs=512 obs=512 skip=13678938 count=1954135

Press the key to exit insert mode.
Press to save and exit the vi editor.
Chmod it for executable:
# chmod 744 getxboxhd
Run it:
# getxboxhd
Go find something else to do, this will take a long time to run.
I’m sure there is a cleaner way to do this, like a speedy C program, but the script here requires no compliation/linking.
While the script is running, after each dd line is done you’ll see the Records in/Records Out telling you that it copied the sectors to a file.
When it is finished, you’ll be back at the command prompt.
Type ls to see the files:
# ls -al /xbx
total 15633084
drwxrwxr-x 2 root root 2048 Jan 08 17:48 .
drwxrwxr-x 13 root root 4096 Jan 08 17:48 ..
-r--r--r-- 1 root root 1000516608 Dec 15 17:23 xfile1
-r--r--r-- 1 root root 1000516608 Dec 15 22:56 xfile2
-r--r--r-- 1 root root 1000516608 Dec 15 23:28 xfile3
-r--r--r-- 1 root root 1000516608 Dec 16 00:10 xfile4
-r--r--r-- 1 root root 1000516608 Dec 16 01:00 xfile5
-r--r--r-- 1 root root 1000516608 Dec 16 02:00 xfile6
-r--r--r-- 1 root root 1000516608 Dec 16 03:09 xfile7
-r--r--r-- 1 root root 1000517120 Dec 16 04:28 xfile8
Now you can use spatch to browse the files.
# spatch –b /xbx/xfile3
You should be able to use one of the file dumper utils that are out there to extract the actual xbox disk files from the images.

Also, you can modify the script and add the date and time to the filename so if you image additional files, they will be unique:
filedate=`date "+%m%d%y.%H%M"`
dd if=/dev/hd1 of=/xbx/xfile1.$filedate ibs=512 obs=512 …… ……
dd if=/dev/hd1 of=/xbx/xfile2.$filedate ibs=512 obs=512 …… ……

Now that you have the image files, you may want to copy/move them to other systems for analysis.
If you have an NT or Win2K system with large NTFS disks, you can copy the files there and use your favorite Windows tools.
I used QNX’s fs-cifs SMB manager/client. This allows the QNX system to communicate with and use SMB network shares.
First, I created a share on my Win2k system called XBSHARE.
Then, on the QNX system, I launched fs-cifs to mount that share:
# fs-cifs –a //win2kbox: /xshare username password
I’m not sure why, but fs-cifs requires both Netbios name and IP.
The –a option spoofs POSIX calls to get rid of error messages that occur when apps attempt to chmod/chown the files on the share. This option is not required.
The /XBSHARE is the share I created on the win2k system.
The /xshare is the local QNX mountpoint for the share.
Username and password must be any valid user account on the win2k system that has permissions to read & write the shared directory.
Now copy the files to /xshare:
# cp /xbx/xfile? /xshare
This will take a long time, too.
You could dd the files directly to the share, but this is really really slow.

Another option is to dd the files to another local disk that is formatted FAT16.
When dd script is complete, shutdown, and move the FAT16 drive to another system.

I have not cloned the Xbox hd to another hd, yet. However, I believe the cloning procedure should be much the same as imaging to a file, or files using dd.
You can dd from one disk to another, but I suggest that the disks be on different IDE channels. Put the Xbox hd on as a secondary IDE master, and the spare disk on as primary IDE slave.

Make sure you know which drives are which before doing the dd.
The primary master should be /dev/hd0.
The primary slave should be /dev/hd1.
The secondary master (Xbox hd) should be /dev/hd2
Again, with file size limits, the blocks/sectors may need to be copied in chunks.
You could dd something like this:
dd if=/dev/hd2 of=/dev/hd1 ibs=512 obs=512 count=n
dd if=/dev/hd2 of=/dev/hd1 ibs=512 obs=512 skip=n count=n
dd if=/dev/hd2 of=/dev/hd1 ibs=512 obs=512 skip=n*2 count=n
dd if=/dev/hd2 of=/dev/hd1 ibs=512 obs=512 skip=n*3 count=n
: :
: :
Replace n for the count and skip options with the correct block numbers similar to the image script.

Once you have cloned the drive you could use spatch, or your favorite sector editor.

I hope this guide is useful to you.
Happy hacking.


Dumping your Xbox HD under Win32
By Adam Branom (aka RustyBall)
FATX Explorer by opcode

WinHex (all you need is demo but, you can buy it if you want) Get it here
FATX Explorer (ported to Win32 by opcode from Andy + Luke’s Xbox HD dumper)
Available at XboxHacker Downloads
Note: This process will not work on a fat32 drive because of its file size limit.
First issue is the Xbox HD password lock. There are two ways of bypassing this. Either spend a lot of money and get a logic analyzer or have access to one, or, the much easier route of the "cable switch" method. To do the cable switch, plug a power plug from your pc into your xbox hd and fire up your computer. Right when it starts booting up, start pressing the Pause Break key and do not let it detect your drives. Then, make sure the IDE cable is going from the xbox to the HD and turn on the xbox. After it gets to the dashboard, unplug the ribbon cable that is going from the Xbox to the hd and replace it with one that is connected to your computer. Now, press a key to allow your computer to continue booting.
Once into windows, run WinHex. Go to tools > disk editor. Find the xbox hard disk in the list and hit ok. Then, hit ctrl+a and go to Edit > Copy Block > Into new file. Save the file somewhere and leave your comp alone for a while.
Once it is done, the next process begins. Working with the image file you just made.
To dump a file, load the image file and select the partition you want to see. Next select a directory from the left pane, any files in that directory will be shown in the list on the right. To dump one or more files, select the files in the list, then right-click and select "Dump Files..." this will show a Save dialog for each file you selected with the XFAT filename put in as the default name. To save the file simply press save and it will be saved to the directory/name you selected.

Xbox Video Connector Pinout Information
Signal Name
The output of this pin provides a current-limited DC power supply for active AV Pack circuitry.
This pin outputs line-level Right channel linear audio.
This pin outputs line-level Left channel linear audio.
This ground is provided for connection to the Right channel audio cable shield.
This ground is provided for connection to the Left channel audio cable shield.
This pin is the SP-DIF logic-level output.
HSYNC (???)
Horizontal Sync Signal used for VGA output mode
VSYNC (???)
Vertical Sync Signal used for VGA output mode
Video output mode select pin 1
This pin provides a convenient grounding point for the MODE1 input if needed.
Video output mode select pin 2
This pin provides a convenient grounding point for the MODE2 inputs if needed.
Video output mode select pin 3
This pin provides a convenient grounding point for the MODE3 inputs if needed.
SCART Status Pin
Ground connection for pin 18 (Pb)
Ground connection for pin 19 (C/Pr)
This pin outputs the Pb component signal in HDTV mode, and the BLUE component signal in RGB SCART mode.
This pin outputs the Chroma signal in SDTV mode, and the Pr component signal in HDTV mode, and the RED component signal in RGB SCART mode.
Ground connection for pin 22 (Y)
Ground connection for pin 23 (CVBS)
This pin outputs the Luma signal in both SDTV and HDTV modes, and the GREEN component signal in RGB SCART mode.
This pin is dedicated to the Composite Video Out (CVBS) in SDTV mode. In HDTV mode, this pin is not used.
This pin is specifically designated to carry the DC return current.
AVIP connector pin out: _______________________ 24 22 20 18 16 14 12 10 8 6 4 2_ 23 21 19 17 15 13 11 9 7 5 3 1
The AVIP supports several output configurations. The MODE inputs to the AVIP are provided to identify the type of signals expected by the AV Pack. The output mode is identified by jumper wires between the mode select pins (MODE1, MODE2, and MODE3) and GND pins on the AVIP connector as shown in the table below. The state of these inputs is continuously monitored by the system management controller, and communicated to the Xbox OS. Changes in the state trigger notification to the OS that the AV mode has changed. The state of these pins does not directly control the video or audio mode; the OS configures the CRT controller of the GPU and the TV Encoder through software. It is possible to configure these independently of the MODE state pins, as may be required for test purposes.
AVIP Mode Input (Pin)
Video Mode
AVIP Video Output (Pin)

M[0] (9)
M[1] (11)
M[2] (13)

No AV Pack Present
525/60 RFU Mode (NTSC, mono audio)
625/50 RFU Mode (PAL/SECAM, with mono audio)
HDTV Mode (Y/Pr/Pb)
525/60 SDTV Mode (NTSC)
VGA (note by kgasper: This VGA mode is misleading. I have verified that the GRB signals really are still YPrPb signals but with a 31kHz H-sync which allows the VGA monitors to sync to it. But the reason it is so green is because it is YPrPb.)
625/50 SDTV Mode (PAL-I)
625/50 SDTV Mode(PAL-I) SCART

Xbox Video Connector to RGB SCART
Below is the scheme to connect the Xbox-Pins to the Scart-Pins.
Xbox A/V-Plug:(Looking from the front of the connector not the wire side) 1 1 1 1 2 3 4 5 6 7 8 9 0 1 2 ------------------------_ + + + + + + + + + + + +_ + + + + + + + + + + + + ---------------------------- 1 1 1 1 1 1 1 2 2 2 2 2 3 4 5 6 7 8 9 0 1 2 3 4RGB Pinout:1 - Right Audio Signal2 - Right Audio Ground3 - SP-DIF Signal4 - RGB Switching Signal5 - Jumper to 17 (all 3 Jumpers6 - Jumper to 18 need to be7 - Jumper to 19 set for RGB)8 - Blue Ground9 - Blue Signal10 - Green Ground11 - Green Signal12 - SP-DIF Ground13 - SP_DIF +514 - Left Audio Signal15 - Left Audio Ground16 - ???17 - Jumper to 518 - Jumper to 619 - Jumper to 720 - AV Select Signal21 - Red Ground22 - Red Signal23 - Composite Ground24 - Composite Signal (Sync for RGB)Xbox Pin-> Scart Pin1 -> 22 -> 43 -> -4 -> 165 -> -6 -> -7 -> -8 -> 59 -> 710 -> 911 -> 1112 -> -13 -> -14 -> 615 -> 416 -> -17 -> -18 -> -19 -> -20 -> 821 -> 1322 -> 1523 -> 1724 -> 20Scart Pin 21 (Shield) & Xbox-Plug Shield should be connected to all the Ground-Pins (like in the XBOX-Plug).If you want SP-DIF you need to extract a seperate cable.-------zer0neg-------
Expensive VGA for Xbox By: LiQiCE
Here's the information on the X-Box VGA Box that I "made":
I purchased:
1. X-Box HD-TV Pack $20.00
2. Audio Authority 9A62 - $189.00 MSRP
The Audio Authority 9A62 box is a converter from Component Video (Y Pb Pr) to HD15 VGA. If you set your X-Box to display in 480p (essentially 640x480 @ 60hz) the 9A62 box will convert the 480p signal to VGA for you!
All you need to do is plug the Component video outputs from the X-Box HD-TV Pack into the input for the 9A62 and then plug your VGA monitor into the RGB output of the 9A62! Its as simple as that.
There is one big problem though, you can't see the Dashboard! The X-Box dashboard for some reason does not work properly with this setup. To get games to play you need to use the dashboard to set the X-Box to 480p though! Here's how you do it:
Using audio queues (assuming you have speakers plugged into the audio output from the HD-TV Pack), you can "listen" to where you are in the menu. After you turn on your X-Box without any disc inside, here is how you set it to 480p.
1. Press down once (you will hear a noise confirming you pressed down) (This is to goto Settings)
2. Press A (another confirmation noise)
3. Press Down 3 times (you will hear a click for each time you press down) (This is to goto Video Settings)
4. Press A (another confirmation noise)
5. Press up until you stop hearing the confirmation noises so you know you are at the top of the list, and press down once (this is presumably to switch from 480i to 480p, I don't know because I can't actually see!)
6. Press A
7. Press Left once (this is presumably to select Normal 4:3 mode, instead of widescreen)
8. Press A
9. Keep pressing B until you stop hearing the audio confirmation noises
10. Turn off your X-Box, turn it back on, pop in a game, and enjoy!
The games I have tested the VGA setup with so far is: Dead or Alive 3, Halo, and NHL 2002
All work perfectly.

How to copy an xbox game to your hard drive from a DVD using boxplorer launched from evolutionx

First you need to make sure that the game does not automatically load up from your evolutionx menu. (You cant copy a game while you play it)** :
1. Turn on your xbox WITHOUT a DVD in the drive.2. Highlight “system utilities” and press “a”(the green button)3. Highlight “settings” and press “a” 4. Scroll down the option until you find “auto launch games” and press “a” 5. Select “no” and press “a”6. Scroll down to “save and exit” and press “a”7. Reset your xbox WITHOUT a DVD in the drive (turn it off and then on again).
You should now be looking at the main evolutionx menu again; you should not notice anything different, now we can prepare a space to put the game in :
1. Put the game in the DVD drive and wait for the green light on the front of the xbox to stop flashing (you may also notice some writing on the screen change to “game” to acknowledge that there is indeed a game in the drive)2. Highlight “launch menu” and press “a”3. Highlight “apps” and press “a”4. Highlight “boxplorer” and press “a”5. Press Right trigger on control pad (you will notice the “A” change to “B” in the top right corner)6. Press the white button on the controller (this brings up the menu options)7. Highlight “select drive” and press “a”8. Highlight “e:\device\harddisk0\partition1” and press “a”9. Highlight “games” and press “a”10. Press the white button (menu options)11. Highlight “new folder” and press “a”12. Follow the onscreen instructions and “new folder” to whatever your game is called (this is only for reference and does not have to be exact)
You should now be looking at a screen with yellow writing: “new folder” (in) e:\games :
1. Follow the onscreen instructions to accept the new folder2. Press “a”3. Highlight your new folder and press “a” (the writing a the top of the screen should read “e:\games\nameofyourgame\”4. Press the left trigger (you will notice the letter in the top right hand corner turn from “B” to “A”)5. Press the white button6. Highlight “select drive” and press “a”7. Select “d:\device\cdrom0” and press “a”8. Press the white button9. Highlight “mark all” and press “a”10. Press the white button11. Highlight “Copy” and press “a”12. Follow the onscreen instructions
Your xbox will now be busy for the next 15-40 min or so depending on your drive speed and the size of the game, so don’t switch it off until its finished, it WILL tell you its finished within the hour.Congratulations you’re done! You can now reset your xbox and launch the game from the evolution x dashboard without the DVD in the drive!*Deleting a game and switching on auto load is an exact reversal of these instructions (remember if you delete the wrong thing you will bugger up your xbox and someone will have to fix it for you**Some evolutionx menu settings may vary, so use your judgment.***Use these instructions at your own risk

Sunday, March 26, 2006

Four indicted in Nigerian e-mail scam

MARCH 23, 2006 (IDG NEWS SERVICE) - Four people have been indicted and could face 30 years in prison for a variation on a popular scam in which e-mail senders claim they're trying to transfer money out of Nigeria, the U.S. Department of Justice announced today.
A grand jury in New York yesterday returned a 10-count indictment against three of the defendants and an 11-count indictment against the fourth. Alleged victims of the four individuals lost more than $1.2 million, the DOJ said.
Three of the defendants were arrested in Amsterdam by Dutch authorities on Feb. 21, based on a U.S. criminal complaint. They are being held in the Netherlands pending extradition to the U.S., the DOJ said. The fourth defendant, a Nigerian citizen, is a fugitive.
The four are Nnamdi Chizuba Anisiobi, also known as Yellowman, Abdul Rahman, Helmut Schkinger, Nancy White and other aliases; Anthony Friday Ehis, also known as John J. Smith, Toni N. Amokwu and Mr. T; Kesandu Egwuonwu, also known as KeKe, Joey Martin Maxwell and David Mark; and an unnamed defendant known as Eric Williams, Lee, Chucks and Nago.
They are charged with one count of conspiracy, eight counts of wire fraud and one count of mail fraud. Anisiobi is also charged with one count of bank fraud.
The maximum penalty for mail and wire fraud is 20 years in prison, and the maximum sentence for bank fraud is 30 years in prison. The conspiracy charge carries a maximum penalty of five years in prison.
The defendants allegedly sent spam e-mail messages to thousands of potential victims, and they falsely claimed to have control of millions of dollars located in a foreign country that belong to an individual with a terminal illness, DOJ said.
These aren't the first charges in the e-mail advance-fee scam, popular with Nigerian criminals. In January 2004, Dutch police arrested 52 people allegedly involved in Nigerian e-mail and related scams, and in May 2002, South African police arrested six people on related charges. U.S. authorities have also brought charges against other Nigerian scammers.
The defendants allegedly solicited the help of the potential victims to collect and distribute the funds to charity. In exchange for the victims' help, the defendants promised the victims a share of the large inheritance, but told victims they must pay advance fees for legal representation, taxes or bogus documentation.
After the victims wire transferred funds to pay the "required fees," the defendants did not deliver the funds as promised, DOJ said.
"Global fraudsters need to know that we are determined to find and prosecute them," U.S. Attorney Roslynn Mauskopf of the Eastern District of New York said in a statement. "Potential victims need to know that any e-mail offering millions of dollars that requires that they send money to receive this windfall is a scheme. Delete it."