Mat Honan having his entire digital life comprised by an “epic hack” was bad. But at least he didn’t have illegal drugs sent to his home and the cops called on him.
This is exactly what Brian Krebs, the notable security writer, had happen to him. But, come on, he’s a cybersecurity guru — of course he was one step ahead of these hackers.
“Earlier this month, the administrator of an exclusive cybercrime forum hatched and executed a plan to purchase heroin, have it mailed to my home, and then spoof a phone call from one of my neighbors alerting the local police,” Krebs wrote for his blog Krebs on Security. “Thankfully, I had already established a presence on his forum and was able to monitor the scam in real time and alert my local police well in advance of the delivery.”
The attempted “smear campaign” was launched by “Flycracker” in a discussion on the forum dated July 14 and titled “Krebs Fund.”
First, Flycracker established a bitcoin account to accept donations that would ultimately be used on the so call “Silk Road” where heroin would be purchased. Only 2 bitcoins were raised, but that’s technically close to $200 U.S. dollars.
The drug was purchased for about 1.65 bitcoins by the account “briankrebs7” to be delivered to Krebs’ home in northern Virginia.
“12 sacks of heroin [the seller gives 2 free sacks for a 10-sacks order] are on the road, can anyone make a call [to the police] from neighbors, with a record? Seller said the package will be delivered after 3 days, on Tuesday. If anyone calls then please say that drugs are hidden well,” Flycracker wrote, according to Krebs.
Here’s what Krebs was doing though behind the scenes: He contacted the FBI and the local police station to alert them to what might be happening and then he tried to confirm it was in fact Flycracker behind the scheme.
Working with University of California-San Diego graduate student Sara Meiklejohn, who has been researching bitcoin and just how anonymous the Silk Road really is. The researchers were able to confirm that the wallet Flycracker used to raise the two bitcoins deposited them into a bitcoin wallet that was “controlled by those who maintain the Silk Road marketplace, but we can’t say for certain whether he used that credit to make a purchase.”
On Monday, the package arrived at Krebs home.
“I wasn’t planning even to touch the individual packages, but curiosity got the best of me. Before calling the cop who took my initial report and letting him that know he could come and retrieve the parcel, I had a look inside one of the packets. But not before donning a particulate face mask and a pair of disposable gloves,” Krebs wrote.
A test of the substance by law enforcement had not yet been conducted at the time Krebs wrote his post Tuesday.
Check out Krebs’ post for more details. He also says to stay tuned on his blog for more on the person behind this cybercrime.