Xbox Underground. Young and careless
- Transfer
A gang of teenage hackers got the keys to the Microsoft video game empire. Then they went too far.
The trip to Delaware was planned for just a day. David Pokora, undergraduate, four-eyes from the University of Toronto with a scruffy blond hair to his shoulders, went to the south to choose a tuning his bumper for Volkswagen Golf R.
The American salesman refused to send the item to Canada, so Pokora agreed with his friend Justin Meem, who lived in Wilmington. Both guys are ardent gamers addicted to hacking Xbox. Although they chatted and collaborated for many years, they never met in person. Pokora planned an eight-hour trip on Friday to quietly dine with May and then bring the metal blue bumper home to Mississaugu, Ontario that night or early the next morning. The father offered help, so that they could take turns leading the family Jettou.
An hour after the start of the journey on March 28, 2014, the father and son crossed the Lewiston – Queenston Bridge and arrived at the border point on the eastern side of the Niagara Gorge. An American customs officer politely asked about the route, looking at their passports in his booth. He seemed ready to wave after the Jetta when something on the monitor caught his attention.
“What is ... Xenon?” Asked the agent, stumbling over an unfamiliar word.
David in the passenger seat struck the question. Xenon (Xenon) - one of his nicknames on the Internet, which he often used with Xenomega and DeToX - when playing Halo or discussing Xbox hacker projects with other programmers. Why did a nickname familiar only to a handful of gaming fans appear when checking a passport?
The confusion of Pokory lasted for a few moments before he remembered that he had named his sole proprietor Xenon Development Studios; the business handled payments for the Xbox service, which it managed, which gave monthly subscribers the opportunity to unlock achievements or skip levels in more than 100 different games. He mentioned the company to a customs agent, assuring that it is legally registered. Agent told the Pocoras to wait another minute.
When he and his father were waiting for permission to enter, David noticed a fleeting motion behind the Jetta. He turned and saw two men in dark form. They were approaching the car on both sides. “Something is wrong,” said the father, just before the figure appeared at the passenger window. A voice barked out of the car - and Pokora realized that he was trapped.
In the containment area of the neighboring US Customs and Border Guard building, in a sterile room with a lonely metal bench, Pocor reflected on all the stupid risky actions he did while being held captive by his Xbox obsession. When he started reversing console software ten years ago, it seemed like harmless entertainment — intellectual competition with the corporate engineers that he and his friends wanted to join. But over time, the Xbox hacker scene became filthy, its ethical standards eroded a passion for money, a thirst for thrill and status. Unnoticed, Pokora has become entangled in a series of schemes that he would never have used before: breaking into the developers' network, faking an Xbox prototype, even instigating burglary on the main Microsoft campus.
Pokora had long known that he had angered some influential people, and not only in the gaming industry: in the process of research work on the Xbox, he and his colleagues also penetrated into the American military networks. But in the first hours after his arrest, he had no idea how much legal anger he had on his head: for eight months he was held under a charge of conspiring to steal intellectual property for $ 1 billion, and federal prosecutors intended to make him the first foreign a hacker convicted of stealing American trade secrets. Some of his friends and colleagues ended up drawn into the whirlpool of trouble he helped create. One became an informant, one a fugitive, and one died.
Pokora saw the father sitting in the room on the other side of the thick glass. A federal agent bent down to inform Senior Pokor, a Polish construction emigrant, that his only son will not return to Canada for a very long time. His father dropped his callused hands.
Devastated by the fact that he caused such suffering to a usually steadfast man, David wanted to say some words of comfort. “Everything will be fine, Dad,” he said in a soft voice, drawing attention with gestures. - Everything will be OK". But the father behind the glass could not hear anything.
Long before learning to read and write, David Pokora mastered the subtleties of first-person shooters. There is an old video from 1995, where he plays Blake Stone: Aliens of Gold . The fingers of a three-year-old child are dancing promptly on the keyboard of the parent computer. He was fascinated in the game not by violence, but rather by the real magic of the controls. He wondered how a square beige machine turns his physical actions into motion on the screen. The guy was a born programmer.
Pokora indulged in coding throughout elementary school, creating simple programs like a primitive web browser. But this craft completely captured him during a family trip to Poland, when he was not yet ten years old. In a remote village, where relatives of their parents lived, the boy dragged a bulky laptop. There was little else to do. While the hens were roaming around the yard, the boy was learning the Visual Basic .NET programming language. In that house there was no access to the Network, so Pocora could not google why programs give errors. But the boy continued to bite into the code until it became flawless: this time-consuming process filled him with unexpected joy. Upon returning home, he was already on the hook. David got the buzz, subordinating cars to his will.
When Pocora began to dive into programming, parents bought the first Xbox. Thanks to the multi-user Xbox Live service and the familiar Windows architecture, this console has turned Super Nintendo into a relic. Every time, distracting himself from splashing aliens in Halo , Pokora was searching the Internet for technical information about his favorite toy. His wanderings led to the hacker community who hacked into the Xbox, extending its standard features.
To unravel the secrets of the console, hackers opened the case and listened to the data between the components of the motherboard: processor, RAM, flash memory chip. This led to the discovery of what cryptography expert Bruce Schneier called "kindergarten security." For example, Microsoft left the decryption key for the boot code of the machine in the available memory area. When a MIT graduate student named Bunny Juan discovered it in 2002, he gave his hacker brothers the opportunity to download self-made programs on the Xbox, which could transfer music, run Linux or emulate Sega and Nintendo. It was necessary only to reflash the console. This is done either by soldering the so-called modchip to the motherboard, or by downloading the hacked game save file from the USB drive.
As soon as Pocora hacked the family Xbox, he began to persevere with his beloved Halo . The boy sat on IRC channels and forums where the best Halo programmers were hanging out and studied textbooks on how to change the physics of the game. Soon he gained fame by writing utilities for Halo 2 , which allowed players to fill out any of the game landscapes with digitized water or change the blue sky to rain.
Happy days for hackers ended with the release of the second generation Xbox - Xbox 360 - in November 2005. To everyone's chagrin, she was deprived of all the glaring security flaws of her predecessor. The 13-year-old Pokora, like everyone else, could no longer run code that was not approved by Microsoft. There was one potential workaround, but this required rare equipment: an Xbox 360 development kit.
Devkits are machines on which Microsoft-approved developers create content for the Xbox. For the untrained eye, they look like regular consoles, but contain most of the necessary tools for game development, including line-by-line debugging tools. A hacker with a devkit can manipulate Xbox software in the same way as an authorized programmer.
Microsoft sends devkits only to strictly verified game development companies. In the mid-2000s, several bundles sometimes became available when a failing developer was in a hurry selling off assets, but for the most part the equipment was rarely seen in the public domain. But there was one hacker who was lucky enough to get into the holy abode of devikits for the Xbox 360, and whose desire to profit from his good fortune would help Poké to reach the top of the Xbox scene.
In 2006, the technology manager of Wells Fargo Bank in Walnut Creek, California, 38-year-old Rowdy Van Cleve learned that a nearby waste recycling plant was selling Xbox DVDs cheaply. When he went to check the goods, the factory owner said that they regularly receive surplus Microsoft equipment. Van Cleve, a member of the respected hacker group Team Avalaunch, volunteered to help - be in the processors' warehouse and point out any Xbox junk that may have resale value.
Sifting a mountain of garbage from the Xbox, Van Cleave persuaded the processors to bring five motherboards with him. When he inserted one of them into his Xbox 360 and downloaded it, the debug mode was activated on the screen. “Well your mother,” thought Van Cleave, “it's a damn board of girls!”
Knowing that he had stumbled upon the holy grail for all Xbox hackers, Van Cleve made a deal with a processor to purchase all Xbox equipment from the trash. He stored some of these treasures in his own large collection or distributed to friends. One day, he gave another member of the Team Avalaunch group a developer kit as a wedding gift. But Van Cleave was careful and always looked for customers he could trust.
The 16-year-old Pokora became one of these buyers in 2008, shortly after meeting Van Cleave through an online friend - and impressed with his technical prowess. In addition to buying sets for himself, Pocora acted as a seller for Van Cleve, selling hardware at a significant mark up to other Halo hackers.; he took about $ 1,000 per set, although some desperate souls paid up to $ 3000. (Van Cleve denies that Pokora was selling kits on his behalf). He made friends with several customers, including a guy named Justin May, who lived in Wilmington, Delaware.
Armed with a devkit, Pocor began to crack the fresh Halo 3 . He coded for days, reaching a state of trance, which he called “superconcentration,” until he fell from exhaustion at 3 or 4 in the morning. He was often late for school, but he waved his hand to reduce academic performance. The student was convinced that programming in devkite is the only education that matters.
Pokora laid out fragments of his work on Halo 3on forums like Halomods.com - and came to the attention of a hacker named Anthony Clark from Whittier, California.
Clark, 18, had the experience of reverse engineering Xbox games. He turned to Pokor and suggested joining forces in some projects.
Clark and Pokora got close, almost every day discussing programming, as well as music, cars and other teenage topics. Pokora sold Clark Devikit for a joint hack of Halo 3 . In turn, Clark gave Pokor his knowledge of the disassembler. Together they wrote a tool for Halo 3 , which allows them to endow the main character of Master Chef with special skills, such as the ability to jump into the clouds or shoot strange shells. And they spent countless hours playing on their cracked creations on PartnerNet, the Xbox Live sandbox, available only to devkit owners.
When Pocora and Clark released fragments of their software on the Internet, they received feedback from the engineers at Microsoft and Bungie, the developer of the Halo series . Professional programmers responded only enthusiastically, although it was clear to everyone that Pokora and Clark had illegally obtained devkits. “Cool, you did an awesome reverse engineering,” Pocor would say. Encouraging reviews have convinced the guy that he is on an unusual path to the career of a game developer - perhaps this is the only path available to the son of a Mississauga builder who did not study well at school.
But Pokora and Clark sometimes flirted with darker things. By 2009, the couple used PartnerNet not only for Halo 3 mods, but also to steal a software that has not yet been released, which has been tested. There was a screenshot among the fans, which Pokora inadvertently shared with friends - there was a card that was not yet released for the game. When Pokora and Clark later returned to play Halo 3 , they saw a message from the Bungie engineers on the main screen especially for them: “The winners do not break into PartnerNet”.
The two hackers laughed. They thought that everyone was amused by their mischief - they would have stolen the beta version, but only because of their great love for the Xbox, and not for the enrichment. They saw no reason to stop playing cat and mouse with Xbox professionals, whom they had ever hoped to be called colleagues.
The Xbox 360 remained virtually invulnerable until the end of 2009, when security researchers finally revealed a weakness: by attaching the modchip to a secret set of contacts on the motherboard used for quality control, they managed to negate the protection 360. The hack became known as JTAG, short for The Joint Test Action Group is an industry body that in the mid-1980s recommended adding such contacts to all printed circuit boards.
When news of the vulnerability spread, Xbox 360 owners rushed to modify their consoles for services that others do not. The market formed overnight. With 23 million Xbox Live subscribers, multiplayer games became much more competitive, and the crowd of gamers, whom Pocora dubbed “spoiled children with parental credit cards,” were ready to go to emergency measures to humiliate rivals.
For Pokory and Clark there was an opportunity to earn. They cracked the Call of Duty series of military shooters to create the so-called "mod lobby" - a place on Xbox Live, where Call of Duty playerscan join games with a changed reality. With tariffs up to $ 100 for half an hour, players with JTAG consoles participated in deathmatchs, possessing superpowers: they could fly, walk along the walls, run at lightning speed, or shoot bullets that never flew past the target.
For an extra $ 50-150, Pokor and Clark offered "infections" - abilities that remain with the characters even after joining unlocked games. Pokora initially did not want to sell the infection: he knew that customers with such a turbo will kill their unfortunate opponents. The situation turned her down as contrary to the spirit of the games. But then the money went: up to $ 8,000 on good days. There were so many customers that he and Clark had to hire employees to cope with this madness. Overcome by the excitement of entrepreneurial activity, Pokora forgot all about his commitment to justice. Another inconspicuous step down.
Microsoft tried to suppress cheats Call of Dutyby running an automated JTAG console detection system, followed by a ban. But Pocora reversed the Microsoft system and found a way to get around it: he wrote a program that intercepted Xbox Live security requests and forwarded to the console area, where they were filled with false data, presenting a hacked console as certified.
Pokora enjoyed the benefits of his success. He still lived with his parents, but he paid for his studies when he entered the University of Toronto in the fall of 2010. He and his girlfriend dined every evening at high-end restaurants and stayed in hotels for $ 400 a night while traveling through Canadian metal concerts. He drew the feeling of exultation and power not from money or the envy of his peers, but from the fact that the $ 60 million mega-popular blockbuster game behaves as he pleases.
Pokora knew that his business was not entirely legal, many copyrights were violated. But he interpreted the lack of meaningful raids from Microsoft or Activision, the developer of Call of Duty , as a sign that companies are willing to tolerate it, just as Bungie put up with his machinations in Halo 3 . Activision has indeed sent a series of threatening letters, but has never made them a reality.
“But these are just video games,” Pokora told himself every time, receiving an Activision letter. “We are not breaking into the server and stealing someone’s information.” However, it will happen soon enough.
Dylan Wheeler, a hacker from Perth, Australia, with the pseudonym SuperDaE, immediately realized the value of what fell on him. His American friend under the nickname Gamerfreak shared a list of passwords for public forums of Epic Games, a developer known for the Unreal and Gears of War game series . In 2010, Wheeler began rummaging through forum accounts and searching for Epic employees. In the end, he found an employee of the IT department, whose email and password were in the Gamerfreak list. Rummaging through his personal mail, Wheeler found the password for the internal account on EpicGames.com.
Having established themselves in the Epic network, Wheeler was looking for a talented partner to get deeper. "Who is big enough to be interested in such?", - he thought. And the first to come to mind was the name Xenomega - David Pokora - whom Wheeler had long admired and longed to make friends. Wheeler wrote to the Canadian and offered him a chance to get into the network of one of the most prominent game developers in the world. In order not to risk an agreement, just in case Wheeler did not mention that he was only 14 years old.
Australian teen Dylan Wheeler, who went astray as the FBI approached,
Wheeler offered something far more illegal than everything Pocor did: one thing was to pull down the Halo cardsfrom a half-open network of PartnerNet, and quite another - to crack a secure private network where the company stores its most sensitive data. But Pokor was overwhelmed with curiosity: which software could be excavated on Epic servers, and he was excited by the prospect of reversing a couple of top-secret games. And so he summed up the rationale and established the basic rules: for example, we do not take any credit card numbers and do not look at the personal information about Epic customers.
Pokora and Wheeler combed the company's internal network under the guise of an IT employee, whose credentials were found by Wheeler. They found a connected USB-drive, which kept all the passwords of the company, including the one that gave them root access to the entire network. Then we went to Epic cone computers, such as CliffyB CliffyB Blejinski. Slightly neighing, looking at the contents of the music folder for the Lamborghini director, full of songs Katy Perry and Miley Cyrus. (Blezhinski, who left Epic in 2012, confirmed the authenticity of his account and added that he “never hid his addiction to bubble ass”).
To filter the Epic data, Wheeler enlisted the help of Sanadodeha "Sonic" Nesheivat, a New Jersey gamer with a hacked cable modem who hid his real location. In June 2011, Neshuivat downloaded a preliminary copy of Gears of War 3 and hundreds of gigabytes of other software. He recorded the Epic source code on eight Blu-ray discs, which he sent to Pokor in a package as a wedding video. Pokora shared the game with several friends, including his distributor Justin May. Within a few days, a copy appeared on torrents.
Gears of War 3 leak initiated a federal investigation. Epic began working with the FBI to identify how the hacking occurred. Pokora and Wheeler found out about the investigation by reading Epic emails. They were frightened when one of these letters described a meeting between the company's best technical specialists and FBI agents. “I need your help — they will arrest me,” wrote Pokora in a panic to May in July. “I need to encrypt several hard drives.”
But email correspondence between Epic and the FBI quickly subsided and the company made no visible effort to block hacker access from the root. A clear sign that she could not accurately determine the method of entry. Having survived the first clash with the authorities, the hackers grew bolder - especially the impudent Wheeler. He continued to invade Epic's confidential subnets, not worrying too much about hiding his IP address when he was spying on high-level corporate meetings via webcams he managed. "He deliberately enters Epic, knowing that the feds are darting there," Nesheivat said about his Australian partner. “They corresponded by mail with the FBI, but he somehow manages to spit on it.”
Having hacked Epic, hackers gained access to many other organizations. Pokora and Wheeler stumbled upon the credentials for entering Scaleform, the so-called middleware company that provided technology for the engine in the heart of Epic games. As soon as they broke into Scaleform, they discovered that the company’s network was full of Silicon Valley titans, Hollywood entertainment conglomerates and Zombie Studios, developer of Spec Ops games . In the Zombie network, they discovered tunnels for remote access to customers, including branches of US military companies. Infiltrating these poorly protected tunnels did not become a big problem, although Pocor was afraid to leave too many traces. “If they notice something like that,” he told the group, “they will start looking for me.”
As the scale of the enterprise increased, hackers discussed what to do if the FBI knocked on them. Being overwhelmed by omnipotence from penetrating the most supposedly inaccessible networks, Pokora suggested putting all Epic's proprietary data in public as an act of revenge: “If we ever disappear, just know, upload it to the Internet and say" fuck you Epic "”.
The group also joked about what to say to their teammates. Everyone liked Wheeler’s suggestion that they could instill fear in the hearts of prisoners by calling themselves Xbox Underground.
Pokor was more and more fascinated by corporate forays, and his old friends from the Xbox stage feared for his future. Kevin Skittso, Team Avalaunch hacker, urged him to retreat from the edge of the abyss. “Dude, just stop this shit,” he begged Pokora. - Focus on your studies because it's shit. I understand - this is cool. But as technology advances, the feds are also starting to understand more; you cannot dodge this bullet for a long time. ”
But David was too absorbed by the thrill of access to the forbidden software to listen to the advice. In September 2011, he stole a preliminary copy of Call of Duty: Modern Warfare 3 . “Let us get arrested,” he told friends when he started downloading.
Despite the self-confidence of all these darts through the networks without consequences, Pocora was still proud of how little he cared about money. After capturing the database with a “fucking bunch of paperals,” Pocor himself praised friends for resisting the temptation to make a profit. “We could sell them for bitcoins that are not tracked with the right approach. There are fifty thousand lungs. ”
But with each day, Pokora became more self-serving. For example, in November 2011, he asked his friend May to make a deal with an Xboxdevguy player who expressed interest in purchasing pre-release games. Pokora was ready to sell Xboxdevguy any games for a few hundred dollars each.
Close relations Pokory with May complicated relations in the hacker group. Everyone knew that May was arrested at the Boston Gaming Convention in March 2010 for trying to download the source code for the Breach shooter. A spokesman for the game developer told Engadget technology blog that, after being caught after a short chase, May said that he “can give them more important people, and he is ready to give names.” But Pokora trusted May, because he saw how he was involved in many dark affairs. He could not imagine that someone would be allowed so much filth in collusion with law enforcement agencies.
By the spring of 2012, Pocor and Wheeler focused on looting the Zombie Studios network. They are now joined by two new characters: Austin "AAmonkey" Alcala, a high school student from Indiana, and Nathan "animefre4k" Leroux, the son of a Maryland mechanic for home schooling. In particular, Leroux turned out to be an exceptional talent: he co-authored a program for mining virtual coins in the Electronic Arts FIFA 2012 football simulator. Players receive these coins at the end of matches and use them to purchase in-game upgrades.
Studying the Zombie network, the group stumbled across a tunnel to the server of the US Army. There was a helicopter simulator AH-64D Apache, which Zombie developed under the contract of the Pentagon. Totally insane, Wheeler downloaded the software and told colleagues that they should "sell simulators to the Arabs."
Hackers also continued to torment Microsoft. They stole documents with specifications for an early version of Durango, the next-generation code name for the Xbox console, which will become known as the Xbox One. Instead of selling documents to a competitor to Microsoft, hackers chose a more sophisticated scheme: they themselves will begin to collect and sell copies of Durango using ready-made components. Leroux volunteered to do the assembly: he needed money to pay for online computer science classes at the University of Maryland.
Hackers made inquiries in the community and found a buyer in the Seychelles, who agreed to pay $ 5,000 for a fake console. May took the finished car from the house of Leroux and promised to send it to the islands in the Indian Ocean.
But Durango never arrived at its destination. When the buyer complained, the paranoia began: the FBI intercepted the cargo? Are they all under surveillance?
Wheeler was especially worried. After all, he thought that the group was untouchable after the Epic investigation seemed to stop. But now he felt they would be covered. “How to finish this game?” He asked himself. The answer he found was to descend into the glory and do something that would permanently secure him a place on the Olympus of the Xbox hacker scene.
Wheeler launched his campaign for fame by posting Durango on eBay, using photos of the prototype that Leroux built. Bidding for a non-existent console reached $ 20,100 before eBay canceled the auction, declaring it fraudulent. Furious with media attention to this story, Pokora broke off relations with Wheeler.
A few weeks later, Leroux disappeared from the scene. Rumor has it that the FBI took it. The Americans close to Pokor began to say that they were being watched by black cars with tinted windows. Hackers suspected that there was a mole among them.
The relationship between Pokora and Clark deteriorated when Pokora engaged in hacking game developers. In the end, they quarreled over staffing problems in their Call of Duty services business — for example, some Pocor employees were greedy, but Clark refused to fire them. Tired of quarrels, entrepreneurs dispersed. Pokora focused on Horizon, an Xbox cheat service that he created on the side with some friends. He liked that Horizon cheats could not be used on Xbox Live, which created less potential technical and legal issues. Meanwhile, Clark improved the technology for generating coins in FIFA and began selling virtual currency on the black market. Austin Alcala, who was involved in hacking Zombie Studios and faking Xbox One, worked at Clark's new venture.
Since now the forces of 20-year-old Pokora have shared between the Horizon administration and the visit to the university, Wheeler alone continued the path of the kamikaze. After his eBay trick, Microsoft sent a private detective named Miles Hawkes to Perth. Wheeler tweeted a meeting with “Mr. Microsoft Man,” who demanded information about accomplices at dinner at the Hyatt. According to Wheeler, Hawks said not to worry about the legal consequences, since Microsoft is interested in pursuing only "real assholes." (Microsoft denies that Hawks said this).
In December 2012, the FBI carried out a raid on the home of Santodeha Nesheivat in New Jersey. He posted an unedited search warrant online. Wheeler responded by doxing agents in public forums, encouraging people to stalk them. He also spoke openly about hiring a hitman to kill a federal judge who signed the warrant.
Wheeler’s strange impulsive attempts to escalate in any situation alarmed federal prosecutors, who had been carefully building a case against hackers since Gears of War leaked in June 2011. Edward McAndrew, the assistant US attorney who led the investigation, felt the need to speed up the pace of his team’s work before Wheeler reached real violence.
On the morning of February 19, 2013, Wheeler was working at his family’s house in Perth when he heard a noise in the courtyard under the window. A phalanx of men in light tactical gear, with “glocks” on the sides, approached the house. Wheeler went quickly to turn off all the computers so that the criminologists had to at least work on password cracking.
Over the next few hours, Australian police took away computer equipment for $ 20,000, according to Wheeler. The guy was stunned that no one bothered to put his precious hard drives in anti-static bags. He was not arrested that day, but a lot of evidence was found on the disks: Wheeler often took screenshots of his hacker exploits, including a chat in which he suggested running some crazy program on Zombie Studios servers to explode the interest of fans.
In July of that year, Pocor told Justin May that he was going to visit Defcon, the annual hacker gathering in Las Vegas - to make his first trip to the United States in recent years. On July 23, McAndrew and colleagues filed a closed indictment on 16 counts against Pokory, Neshivevat and Leroux, accusing them of crimes, including fraud using electronic means of communication, using other people's personal data with an identity fraud and conspiracy to steal commercial secrets. Wheeler and Gamerfreak, the original source of the Epic password list, are identified by accomplices (Alcala will be added four months later). The document showed that most of the case is based on evidence from an informant, called "person A." He is described as a resident of the state of Delaware,
Prosecutors also described the defendants as members of a certain Xbox Underground community. Wheeler's prison joke was no longer a joke.
Without knowing anything about the secret charge, Pocora refused to go to Defcon because of employment at the last minute. The FBI agents were worried that the arrest of American accomplices would push him to flee, so the agency decided to wait for his trip to the south before closing the rest of the hackers.
Two months later, Pokora went to Toronto Opera House for a concert of the Swedish metal band Katatonia. His phone buzzed in unison with the first howls from the stage — it was Alcala, now a high school student in Fishery, Indiana. He was overwhelmed with delight: he said that he knew a guy who could get both of the last Durango prototypes — real ones, not copies, like they did in the summer. His acquaintance is ready to enter the Microsoft campus building in Redmond to steal them. Instead, the cracker required credentials to enter the Microsoft game development network, plus several thousand dollars. The conquest was puzzled by the audacity of the novice robber. This guy is stupid, he thought. But after many years of the successful adventures of Pocor, he lost the habit of listening to common sense. He told Alcala to keep him informed.
The robber turned out to be an 18-year-old graduate of a school named Arman, known in circles as ArmanTheCyber (he agreed to share his story on the condition that his name would not be given). A year earlier, he had cloned a Microsoft employee badge that belonged to his mother's boyfriend. Since then, he has repeatedly used the RFID card to study the Redmond campus, passing as an employee and dressing from head to toe in Mayrosoft free stuff (Microsoft claims that the guy did not copy the badge, but rather stole it). Arman has already taken out one Durango for personal use. He was frightened to come back for others, but he also filled the recklessness of youth.
Around 9 pm late September night, Arman passed into the building where the Durango prototypes were stored. Several Microsoft engineers roamed the corridors. Armand dived into the cubicle and hid when he heard footsteps. In the end, he climbed the stairs to the fifth floor, where, according to his information, there was a secret warehouse Durango. When the teenager began to wade in the dusk to the right place, motion sensors responded to him - and the light came on. Frightened, Armand ran down.
Finally, he found what he was looking for in two cubicles on the third floor. At one Durango on the case lay a pair of shoes on the heels. Armand squeezed both consoles into a large backpack, and left unusual shoes on the carpet.
He sent the stolen consoles to Pokor and Alcala, and a week later he received amazing news: Microsoft vendor finally considered a job application sent in summer - and hired him with a quality tester. But the guy only lasted a couple of weeks at work before the investigators identified him; the camera on the stairs fixed Arman’s face as he left the building. To minimize legal consequences, he begged Pokor and Alcala to give back the stolen consoles. He also returned Durango, which he had taken for himself earlier, and very much in time: jealous hackers had already examined his house through a hacked surveillance system, planning a robbery.
Pokora spent the entire winter breaking Xbox 360 games for Horizon. In March 2014, Toronto began to thaw - and the guy decided that he could spend the weekend on a trip to Delaware behind the bumper for his Golf.
“You know, they can arrest me,” he told his father when they were going on the road. The father had no idea what he was talking about, but he smiled crookedly in response to what he considered to be an unsuccessful joke.
After appearing in federal court, Buffalo and a few days in the neighboring county prison, Pocoru was loaded into a van along with another federal prisoner, a gang member with powerlifter hands and without a noticeable neck. They were transported to a private prison in Ohio, where Pokora will be held until the court in Delaware starts a trial. According to him, the guards were throwing sandwiches on the floor of the van to prisoners, knowing that tightly fettered prisoners could not bend down and take them.
During the three-hour journey, a member of the gang, who served a sentence for beating a man with a hammer, advised Pokora to do everything to minimize time behind bars: “This life is not for you,” he said. “This life is for no one, really.”
Pokora took the words to heart when he was taken to Delaware in early April 2014. He quickly agreed to the proposed plea bargain and helped affected companies identify vulnerabilities that he used — for example, poorly protected tunnels through which they reached their networks. Listening to the professorial explanations of the conquests of their hacks, the chief prosecutor Macandrew now flatteringly spoke of the 22-year-old Canadian: “He is a very talented guy who has gone the bad way,” he said. - Often, when investigating such things, one cannot but admire a certain level of brilliance and creativity. But then you kind of back off and say: "And here it all went wrong."
Once, on the way from prison to court, Pokora was put in a marshal's car with someone who seemed familiar: a pale, thin, 20-year-old guy with teeth accustomed to sweets. It was Nathan Leroux, whom Pokora had never met personally, but he recognized it from a photo. He was arrested on March 31 in Madison, Wisconsin, where he moved after an FBI raid. That raid scared him enough to throw an Xbox scene and escape. In the new life, he flourished as a programmer at Human Head Studios, a small game studio when the feds appeared and took him into custody.
When he and Leroux went to court in shackles, Pokora tried to convey the advice of that gangster: “Look how much it has become aggravated because of this asshole DaE,” he said, reducing his nickname Wheeler SuperDaE. “You can spy on me or do anything, because you don't deserve such shit.” Let's just do what we have to, and get out of here. ”
Unlike Pokory, Leroux was released on bail and allowed to live with her parents during the trial. But raised in Maryland, he was convinced that with his diminutive growth and shyness, he was simply doomed to be raped or killed in prison. Fear so seized him that on June 16 the guy cut off a police bug on his ankle and ran away.
He paid a friend to take him to Canada 600 kilometers to the north. But the long trip ended in failure: Canadians called their car at the border. Instead of resigning himself to failure, Leroux pulled out a knife and tried to cross the bridge to Canadian land. When the officers surrounded him, he decided that he had only one option left - and several times he stabbed himself with a knife. Ontario hospital doctors managed to save a guy's life. As soon as he was released from intensive care and transported back to Buffalo, the authorities canceled the bail.
When the time came for the sentencing of Pokor, the lawyer asked for leniency on the grounds that his client had lost the ability to distinguish the game from the crime: “David in the real world is completely different from David online,” he wrote in a memorandum of sentencing. “But it was in this dark world of anonymity, vague rules, and private communications far from everyday life that David gradually got used to the online culture, where the line between a video game and a computer network hack became indistinguishable.”
After admitting their guilt, Pokor, Leroux, and Neshuivat eventually received similar sentences: 18 months in prison for Pokory and Neshivevat, 24 months for Leroux. Pokora spent most of his time at the Federal Content Center in Philadelphia, where he sat in the computer room, reading emails and listening to MP3s. One day, while waiting for the console to open, a mentally unbalanced convict hit him in the face - and Pocora gave the change, so as not to look like a weakling. The fight ended when the guard sprayed pepper spray. At the end of his imprisonment, Pocor waited a few more months for deportation to Canada in an immigration cell in Newark, New Jersey. There, too, were PCs in the library, and Pokor had to slightly apply hacking skills to launch the hidden Microsoft Solitaire, which was forbidden to be launched by default.
When he finally returned to Mississauga in October 2015, he wrote an old friend Anthony Clark, who now also faced with justice. Alcala told the authorities everything about Clarke's coin mining scam. The company was already on tax notice: one of the workers came under suspicion after withdrawing $ 30,000 from the bank account in Dallas per day. Alcala helped the feds combine puzzle pieces. He explained that the system uses Electronic Arts servers to generate thousands of coins per second: the program code automated and accelerated the game process in FIFA more than 11,500 times. Thanks to this information, it was possible to charge Clark with three accomplices in fraud using electronic means of communication. They allegedly earned $ 16 million by selling FIFA coinsmainly to a Chinese businessman, about which they knew only the name of Tao.
All three accomplices of Clark pleaded guilty, but he was going to defend himself in court. Hacker believed that he had done nothing wrong, as the terms of service of Electronic Arts claim that FIFA coins have no real value. In addition, if the heads of Electronic Arts are dissatisfied with its activities, why not turn to the discussion of this issue as adults? Perhaps Electronic Arts simply envied that he, and not they, had found a way to earn income from in-game currencies.
"Yes, I face from the eight," wrote Clark in the chat Pokor. - And if I admit guilt, then three and a half. In any case,% ui. They are still trying to make me admit guilt. ”
"They will otbolbyat you if you fail in court," warned Pocora. - I just want to say a little how it will be. Because it's a shitty bullshit. ” But Clark was not shaken - he was a man of principle.
On July 4, Pokora wrote again to Clark. He jokingly asked why Clark had not yet sent him the video he asked to do: Clark with local meksy are dancing to salsa music with pinnacle Donald Trump. “Where is salsa?” Asked Pocora.
The answer came: "On my chips" with a smiley face in sunglasses. This was the last thing Pocora heard from his fellow Halo 3 .
Clark's hearings at the Fort Worth Federal District Court did not go as he had hoped in November: he was convicted under article for conspiracy to commit fraud using electronic means of communication. The lawyers believed that he had excellent grounds for appeal, because the prosecution could not prove that the Electronic Arts business had suffered any actual damage.
But the legal team of Clark did not get a chance to start this business. February 26, 2017, about a month before the appointed conclusion, Clark died in his home. Relatives claim that death occurred accidentally as a result of the lethal interaction of alcohol and drugs. Clark just turned 27 and he left an estate worth more than $ 4 million.
Members of the Xbox Underground returned to a peaceful life with varying success. In exchange for cooperation, Alcala wasn’t imprisoned; he entered Ball State University and is studying with distinction. A 20-year-old boy came to the verdict hearing in April 2016 with a girl - “my first real girl” - and spoke about the information shared with the FBI on the protection of computer infrastructure. “The world is at your feet,” the judge concluded.
Colleagues Leroux in the studio Human Head sent recommendations to the court, praising his intellect and goodwill. “He has a very promising career as a game developer, and I don’t think that he will ever again dare to throw it away,” one of his colleagues wrote. After his release, Leroux returned to Madison to continue working for the company.
Neshuivat, who was 28 at the time of his arrest, was not as successful as his younger colleagues. He fought addiction and was arrested again in December 2017 for violating a probationary period, that is, for using cocaine and opiates. According to an inspector who monitors the behavior of conditionally convicted persons, he “admitted that he took up to 50 doses of heroin per day” before the last departure to a rehabilitation center.
Since Wheeler was a minor during the main part of the events, the United States left him to Australian authorities. Having been instructed to hand over the passport within 48 hours, Wheeler drove straight to the airport and flew to the Czech Republic, the mother’s homeland. Australians planted his mother for help in escaping, presumably to force him to return and face justice (she was already released). But Wheeler chose to stay on the run, traveling across Europe on an EU passport, before eventually settling down in the UK. During his travels, he tried to collect $ 500,000 in crowdfunding at Ferrari, explaining it with medical necessity: the doctor said that he needed a car to cope with anxiety caused by legal injuries. But the campaign was not successful.
Pokora, who is now 26 years old, was disoriented in the first months of his stay in Canada. He was afraid that the brain had rotted forever in prison, where there are no intellectual stimuli. But he reunited with the girl whom he begged to leave him behind bars, and again entered the University of Toronto. He was scrambling for training, performing freelance projects on the development of UI automation tools. In times of financial shortage, all that remained was to recall those days when he was swimming in money from Call of Duty .
Upon learning of the death of Clark, Pokora briefly felt a new anger towards Alcala, who played an important role in the case against his friend. But let the anger pass. There is nothing good in keeping anger on former comrades. He couldn’t even be particularly angry with Justin May, who according to many was the FBI informant identified as “person A” from Delaware in the indictment in the Xbox Underground case. (“Sorry, I can't comment on this," said May, when asked if he was the informant. He is currently being tried in the federal district of Eastern Pennsylvania for deceiving Cisco and Microsoft for millions of dollars worth of equipment.
Pokora is still trying to understand how the love of programming has become an obsession that has knocked down the moral compass. “By making conscious decisions, I never wanted things to go that far,” he says. - That is, I wanted to penetrate the network to read some source. I was curious, I wanted to see how far it could go — that's all. It was just an intellectual curiosity. I did not want money. If I wanted money, I would take all the money that was there. But I understand: what happened in the end is regrettable. ”
Pokora knows that she will remain forever persona non grata in the gaming industry, so since the end of the course in computer science in June last year, he was looking for a full-time job elsewhere. But he had a hard time assembling a portfolio: by order of the FBI, the Canadian authorities seized all the computers that he owned before his arrest, and most of the software he created was lost forever. The authorities left the 2013 Volkswagen Golf guy - a car that he adores so much that he was ready to drive to Delaware for the bumper. He is still parked in his parents' house in Mississauga, where he played his first game at the age of two and has been living since he was released from prison.
1. Bumper
The trip to Delaware was planned for just a day. David Pokora, undergraduate, four-eyes from the University of Toronto with a scruffy blond hair to his shoulders, went to the south to choose a tuning his bumper for Volkswagen Golf R.
The American salesman refused to send the item to Canada, so Pokora agreed with his friend Justin Meem, who lived in Wilmington. Both guys are ardent gamers addicted to hacking Xbox. Although they chatted and collaborated for many years, they never met in person. Pokora planned an eight-hour trip on Friday to quietly dine with May and then bring the metal blue bumper home to Mississaugu, Ontario that night or early the next morning. The father offered help, so that they could take turns leading the family Jettou.
An hour after the start of the journey on March 28, 2014, the father and son crossed the Lewiston – Queenston Bridge and arrived at the border point on the eastern side of the Niagara Gorge. An American customs officer politely asked about the route, looking at their passports in his booth. He seemed ready to wave after the Jetta when something on the monitor caught his attention.
“What is ... Xenon?” Asked the agent, stumbling over an unfamiliar word.
David in the passenger seat struck the question. Xenon (Xenon) - one of his nicknames on the Internet, which he often used with Xenomega and DeToX - when playing Halo or discussing Xbox hacker projects with other programmers. Why did a nickname familiar only to a handful of gaming fans appear when checking a passport?
The confusion of Pokory lasted for a few moments before he remembered that he had named his sole proprietor Xenon Development Studios; the business handled payments for the Xbox service, which it managed, which gave monthly subscribers the opportunity to unlock achievements or skip levels in more than 100 different games. He mentioned the company to a customs agent, assuring that it is legally registered. Agent told the Pocoras to wait another minute.
When he and his father were waiting for permission to enter, David noticed a fleeting motion behind the Jetta. He turned and saw two men in dark form. They were approaching the car on both sides. “Something is wrong,” said the father, just before the figure appeared at the passenger window. A voice barked out of the car - and Pokora realized that he was trapped.
In the containment area of the neighboring US Customs and Border Guard building, in a sterile room with a lonely metal bench, Pocor reflected on all the stupid risky actions he did while being held captive by his Xbox obsession. When he started reversing console software ten years ago, it seemed like harmless entertainment — intellectual competition with the corporate engineers that he and his friends wanted to join. But over time, the Xbox hacker scene became filthy, its ethical standards eroded a passion for money, a thirst for thrill and status. Unnoticed, Pokora has become entangled in a series of schemes that he would never have used before: breaking into the developers' network, faking an Xbox prototype, even instigating burglary on the main Microsoft campus.
Pokora had long known that he had angered some influential people, and not only in the gaming industry: in the process of research work on the Xbox, he and his colleagues also penetrated into the American military networks. But in the first hours after his arrest, he had no idea how much legal anger he had on his head: for eight months he was held under a charge of conspiring to steal intellectual property for $ 1 billion, and federal prosecutors intended to make him the first foreign a hacker convicted of stealing American trade secrets. Some of his friends and colleagues ended up drawn into the whirlpool of trouble he helped create. One became an informant, one a fugitive, and one died.
Pokora saw the father sitting in the room on the other side of the thick glass. A federal agent bent down to inform Senior Pokor, a Polish construction emigrant, that his only son will not return to Canada for a very long time. His father dropped his callused hands.
Devastated by the fact that he caused such suffering to a usually steadfast man, David wanted to say some words of comfort. “Everything will be fine, Dad,” he said in a soft voice, drawing attention with gestures. - Everything will be OK". But the father behind the glass could not hear anything.
Microsoft kindergarten security
Long before learning to read and write, David Pokora mastered the subtleties of first-person shooters. There is an old video from 1995, where he plays Blake Stone: Aliens of Gold . The fingers of a three-year-old child are dancing promptly on the keyboard of the parent computer. He was fascinated in the game not by violence, but rather by the real magic of the controls. He wondered how a square beige machine turns his physical actions into motion on the screen. The guy was a born programmer.
Pokora indulged in coding throughout elementary school, creating simple programs like a primitive web browser. But this craft completely captured him during a family trip to Poland, when he was not yet ten years old. In a remote village, where relatives of their parents lived, the boy dragged a bulky laptop. There was little else to do. While the hens were roaming around the yard, the boy was learning the Visual Basic .NET programming language. In that house there was no access to the Network, so Pocora could not google why programs give errors. But the boy continued to bite into the code until it became flawless: this time-consuming process filled him with unexpected joy. Upon returning home, he was already on the hook. David got the buzz, subordinating cars to his will.
When Pocora began to dive into programming, parents bought the first Xbox. Thanks to the multi-user Xbox Live service and the familiar Windows architecture, this console has turned Super Nintendo into a relic. Every time, distracting himself from splashing aliens in Halo , Pokora was searching the Internet for technical information about his favorite toy. His wanderings led to the hacker community who hacked into the Xbox, extending its standard features.
To unravel the secrets of the console, hackers opened the case and listened to the data between the components of the motherboard: processor, RAM, flash memory chip. This led to the discovery of what cryptography expert Bruce Schneier called "kindergarten security." For example, Microsoft left the decryption key for the boot code of the machine in the available memory area. When a MIT graduate student named Bunny Juan discovered it in 2002, he gave his hacker brothers the opportunity to download self-made programs on the Xbox, which could transfer music, run Linux or emulate Sega and Nintendo. It was necessary only to reflash the console. This is done either by soldering the so-called modchip to the motherboard, or by downloading the hacked game save file from the USB drive.
As soon as Pocora hacked the family Xbox, he began to persevere with his beloved Halo . The boy sat on IRC channels and forums where the best Halo programmers were hanging out and studied textbooks on how to change the physics of the game. Soon he gained fame by writing utilities for Halo 2 , which allowed players to fill out any of the game landscapes with digitized water or change the blue sky to rain.
Happy days for hackers ended with the release of the second generation Xbox - Xbox 360 - in November 2005. To everyone's chagrin, she was deprived of all the glaring security flaws of her predecessor. The 13-year-old Pokora, like everyone else, could no longer run code that was not approved by Microsoft. There was one potential workaround, but this required rare equipment: an Xbox 360 development kit.
Devkits are machines on which Microsoft-approved developers create content for the Xbox. For the untrained eye, they look like regular consoles, but contain most of the necessary tools for game development, including line-by-line debugging tools. A hacker with a devkit can manipulate Xbox software in the same way as an authorized programmer.
Microsoft sends devkits only to strictly verified game development companies. In the mid-2000s, several bundles sometimes became available when a failing developer was in a hurry selling off assets, but for the most part the equipment was rarely seen in the public domain. But there was one hacker who was lucky enough to get into the holy abode of devikits for the Xbox 360, and whose desire to profit from his good fortune would help Poké to reach the top of the Xbox scene.
The only important education
In 2006, the technology manager of Wells Fargo Bank in Walnut Creek, California, 38-year-old Rowdy Van Cleve learned that a nearby waste recycling plant was selling Xbox DVDs cheaply. When he went to check the goods, the factory owner said that they regularly receive surplus Microsoft equipment. Van Cleve, a member of the respected hacker group Team Avalaunch, volunteered to help - be in the processors' warehouse and point out any Xbox junk that may have resale value.
Sifting a mountain of garbage from the Xbox, Van Cleave persuaded the processors to bring five motherboards with him. When he inserted one of them into his Xbox 360 and downloaded it, the debug mode was activated on the screen. “Well your mother,” thought Van Cleave, “it's a damn board of girls!”
Knowing that he had stumbled upon the holy grail for all Xbox hackers, Van Cleve made a deal with a processor to purchase all Xbox equipment from the trash. He stored some of these treasures in his own large collection or distributed to friends. One day, he gave another member of the Team Avalaunch group a developer kit as a wedding gift. But Van Cleave was careful and always looked for customers he could trust.
The 16-year-old Pokora became one of these buyers in 2008, shortly after meeting Van Cleave through an online friend - and impressed with his technical prowess. In addition to buying sets for himself, Pocora acted as a seller for Van Cleve, selling hardware at a significant mark up to other Halo hackers.; he took about $ 1,000 per set, although some desperate souls paid up to $ 3000. (Van Cleve denies that Pokora was selling kits on his behalf). He made friends with several customers, including a guy named Justin May, who lived in Wilmington, Delaware.
Armed with a devkit, Pocor began to crack the fresh Halo 3 . He coded for days, reaching a state of trance, which he called “superconcentration,” until he fell from exhaustion at 3 or 4 in the morning. He was often late for school, but he waved his hand to reduce academic performance. The student was convinced that programming in devkite is the only education that matters.
Pokora laid out fragments of his work on Halo 3on forums like Halomods.com - and came to the attention of a hacker named Anthony Clark from Whittier, California.
Clark, 18, had the experience of reverse engineering Xbox games. He turned to Pokor and suggested joining forces in some projects.
Clark and Pokora got close, almost every day discussing programming, as well as music, cars and other teenage topics. Pokora sold Clark Devikit for a joint hack of Halo 3 . In turn, Clark gave Pokor his knowledge of the disassembler. Together they wrote a tool for Halo 3 , which allows them to endow the main character of Master Chef with special skills, such as the ability to jump into the clouds or shoot strange shells. And they spent countless hours playing on their cracked creations on PartnerNet, the Xbox Live sandbox, available only to devkit owners.
When Pocora and Clark released fragments of their software on the Internet, they received feedback from the engineers at Microsoft and Bungie, the developer of the Halo series . Professional programmers responded only enthusiastically, although it was clear to everyone that Pokora and Clark had illegally obtained devkits. “Cool, you did an awesome reverse engineering,” Pocor would say. Encouraging reviews have convinced the guy that he is on an unusual path to the career of a game developer - perhaps this is the only path available to the son of a Mississauga builder who did not study well at school.
But Pokora and Clark sometimes flirted with darker things. By 2009, the couple used PartnerNet not only for Halo 3 mods, but also to steal a software that has not yet been released, which has been tested. There was a screenshot among the fans, which Pokora inadvertently shared with friends - there was a card that was not yet released for the game. When Pokora and Clark later returned to play Halo 3 , they saw a message from the Bungie engineers on the main screen especially for them: “The winners do not break into PartnerNet”.
The two hackers laughed. They thought that everyone was amused by their mischief - they would have stolen the beta version, but only because of their great love for the Xbox, and not for the enrichment. They saw no reason to stop playing cat and mouse with Xbox professionals, whom they had ever hoped to be called colleagues.
But these are just video games.
The Xbox 360 remained virtually invulnerable until the end of 2009, when security researchers finally revealed a weakness: by attaching the modchip to a secret set of contacts on the motherboard used for quality control, they managed to negate the protection 360. The hack became known as JTAG, short for The Joint Test Action Group is an industry body that in the mid-1980s recommended adding such contacts to all printed circuit boards.
When news of the vulnerability spread, Xbox 360 owners rushed to modify their consoles for services that others do not. The market formed overnight. With 23 million Xbox Live subscribers, multiplayer games became much more competitive, and the crowd of gamers, whom Pocora dubbed “spoiled children with parental credit cards,” were ready to go to emergency measures to humiliate rivals.
For Pokory and Clark there was an opportunity to earn. They cracked the Call of Duty series of military shooters to create the so-called "mod lobby" - a place on Xbox Live, where Call of Duty playerscan join games with a changed reality. With tariffs up to $ 100 for half an hour, players with JTAG consoles participated in deathmatchs, possessing superpowers: they could fly, walk along the walls, run at lightning speed, or shoot bullets that never flew past the target.
For an extra $ 50-150, Pokor and Clark offered "infections" - abilities that remain with the characters even after joining unlocked games. Pokora initially did not want to sell the infection: he knew that customers with such a turbo will kill their unfortunate opponents. The situation turned her down as contrary to the spirit of the games. But then the money went: up to $ 8,000 on good days. There were so many customers that he and Clark had to hire employees to cope with this madness. Overcome by the excitement of entrepreneurial activity, Pokora forgot all about his commitment to justice. Another inconspicuous step down.
Microsoft tried to suppress cheats Call of Dutyby running an automated JTAG console detection system, followed by a ban. But Pocora reversed the Microsoft system and found a way to get around it: he wrote a program that intercepted Xbox Live security requests and forwarded to the console area, where they were filled with false data, presenting a hacked console as certified.
Pokora enjoyed the benefits of his success. He still lived with his parents, but he paid for his studies when he entered the University of Toronto in the fall of 2010. He and his girlfriend dined every evening at high-end restaurants and stayed in hotels for $ 400 a night while traveling through Canadian metal concerts. He drew the feeling of exultation and power not from money or the envy of his peers, but from the fact that the $ 60 million mega-popular blockbuster game behaves as he pleases.
Pokora knew that his business was not entirely legal, many copyrights were violated. But he interpreted the lack of meaningful raids from Microsoft or Activision, the developer of Call of Duty , as a sign that companies are willing to tolerate it, just as Bungie put up with his machinations in Halo 3 . Activision has indeed sent a series of threatening letters, but has never made them a reality.
“But these are just video games,” Pokora told himself every time, receiving an Activision letter. “We are not breaking into the server and stealing someone’s information.” However, it will happen soon enough.
The tunnels
Dylan Wheeler, a hacker from Perth, Australia, with the pseudonym SuperDaE, immediately realized the value of what fell on him. His American friend under the nickname Gamerfreak shared a list of passwords for public forums of Epic Games, a developer known for the Unreal and Gears of War game series . In 2010, Wheeler began rummaging through forum accounts and searching for Epic employees. In the end, he found an employee of the IT department, whose email and password were in the Gamerfreak list. Rummaging through his personal mail, Wheeler found the password for the internal account on EpicGames.com.
Having established themselves in the Epic network, Wheeler was looking for a talented partner to get deeper. "Who is big enough to be interested in such?", - he thought. And the first to come to mind was the name Xenomega - David Pokora - whom Wheeler had long admired and longed to make friends. Wheeler wrote to the Canadian and offered him a chance to get into the network of one of the most prominent game developers in the world. In order not to risk an agreement, just in case Wheeler did not mention that he was only 14 years old.
Australian teen Dylan Wheeler, who went astray as the FBI approached,
Wheeler offered something far more illegal than everything Pocor did: one thing was to pull down the Halo cardsfrom a half-open network of PartnerNet, and quite another - to crack a secure private network where the company stores its most sensitive data. But Pokor was overwhelmed with curiosity: which software could be excavated on Epic servers, and he was excited by the prospect of reversing a couple of top-secret games. And so he summed up the rationale and established the basic rules: for example, we do not take any credit card numbers and do not look at the personal information about Epic customers.
Pokora and Wheeler combed the company's internal network under the guise of an IT employee, whose credentials were found by Wheeler. They found a connected USB-drive, which kept all the passwords of the company, including the one that gave them root access to the entire network. Then we went to Epic cone computers, such as CliffyB CliffyB Blejinski. Slightly neighing, looking at the contents of the music folder for the Lamborghini director, full of songs Katy Perry and Miley Cyrus. (Blezhinski, who left Epic in 2012, confirmed the authenticity of his account and added that he “never hid his addiction to bubble ass”).
To filter the Epic data, Wheeler enlisted the help of Sanadodeha "Sonic" Nesheivat, a New Jersey gamer with a hacked cable modem who hid his real location. In June 2011, Neshuivat downloaded a preliminary copy of Gears of War 3 and hundreds of gigabytes of other software. He recorded the Epic source code on eight Blu-ray discs, which he sent to Pokor in a package as a wedding video. Pokora shared the game with several friends, including his distributor Justin May. Within a few days, a copy appeared on torrents.
Gears of War 3 leak initiated a federal investigation. Epic began working with the FBI to identify how the hacking occurred. Pokora and Wheeler found out about the investigation by reading Epic emails. They were frightened when one of these letters described a meeting between the company's best technical specialists and FBI agents. “I need your help — they will arrest me,” wrote Pokora in a panic to May in July. “I need to encrypt several hard drives.”
But email correspondence between Epic and the FBI quickly subsided and the company made no visible effort to block hacker access from the root. A clear sign that she could not accurately determine the method of entry. Having survived the first clash with the authorities, the hackers grew bolder - especially the impudent Wheeler. He continued to invade Epic's confidential subnets, not worrying too much about hiding his IP address when he was spying on high-level corporate meetings via webcams he managed. "He deliberately enters Epic, knowing that the feds are darting there," Nesheivat said about his Australian partner. “They corresponded by mail with the FBI, but he somehow manages to spit on it.”
Having hacked Epic, hackers gained access to many other organizations. Pokora and Wheeler stumbled upon the credentials for entering Scaleform, the so-called middleware company that provided technology for the engine in the heart of Epic games. As soon as they broke into Scaleform, they discovered that the company’s network was full of Silicon Valley titans, Hollywood entertainment conglomerates and Zombie Studios, developer of Spec Ops games . In the Zombie network, they discovered tunnels for remote access to customers, including branches of US military companies. Infiltrating these poorly protected tunnels did not become a big problem, although Pocor was afraid to leave too many traces. “If they notice something like that,” he told the group, “they will start looking for me.”
As the scale of the enterprise increased, hackers discussed what to do if the FBI knocked on them. Being overwhelmed by omnipotence from penetrating the most supposedly inaccessible networks, Pokora suggested putting all Epic's proprietary data in public as an act of revenge: “If we ever disappear, just know, upload it to the Internet and say" fuck you Epic "”.
The group also joked about what to say to their teammates. Everyone liked Wheeler’s suggestion that they could instill fear in the hearts of prisoners by calling themselves Xbox Underground.
6. How to finish it?
Pokor was more and more fascinated by corporate forays, and his old friends from the Xbox stage feared for his future. Kevin Skittso, Team Avalaunch hacker, urged him to retreat from the edge of the abyss. “Dude, just stop this shit,” he begged Pokora. - Focus on your studies because it's shit. I understand - this is cool. But as technology advances, the feds are also starting to understand more; you cannot dodge this bullet for a long time. ”
But David was too absorbed by the thrill of access to the forbidden software to listen to the advice. In September 2011, he stole a preliminary copy of Call of Duty: Modern Warfare 3 . “Let us get arrested,” he told friends when he started downloading.
Despite the self-confidence of all these darts through the networks without consequences, Pocora was still proud of how little he cared about money. After capturing the database with a “fucking bunch of paperals,” Pocor himself praised friends for resisting the temptation to make a profit. “We could sell them for bitcoins that are not tracked with the right approach. There are fifty thousand lungs. ”
But with each day, Pokora became more self-serving. For example, in November 2011, he asked his friend May to make a deal with an Xboxdevguy player who expressed interest in purchasing pre-release games. Pokora was ready to sell Xboxdevguy any games for a few hundred dollars each.
Close relations Pokory with May complicated relations in the hacker group. Everyone knew that May was arrested at the Boston Gaming Convention in March 2010 for trying to download the source code for the Breach shooter. A spokesman for the game developer told Engadget technology blog that, after being caught after a short chase, May said that he “can give them more important people, and he is ready to give names.” But Pokora trusted May, because he saw how he was involved in many dark affairs. He could not imagine that someone would be allowed so much filth in collusion with law enforcement agencies.
By the spring of 2012, Pocor and Wheeler focused on looting the Zombie Studios network. They are now joined by two new characters: Austin "AAmonkey" Alcala, a high school student from Indiana, and Nathan "animefre4k" Leroux, the son of a Maryland mechanic for home schooling. In particular, Leroux turned out to be an exceptional talent: he co-authored a program for mining virtual coins in the Electronic Arts FIFA 2012 football simulator. Players receive these coins at the end of matches and use them to purchase in-game upgrades.
Studying the Zombie network, the group stumbled across a tunnel to the server of the US Army. There was a helicopter simulator AH-64D Apache, which Zombie developed under the contract of the Pentagon. Totally insane, Wheeler downloaded the software and told colleagues that they should "sell simulators to the Arabs."
Hackers also continued to torment Microsoft. They stole documents with specifications for an early version of Durango, the next-generation code name for the Xbox console, which will become known as the Xbox One. Instead of selling documents to a competitor to Microsoft, hackers chose a more sophisticated scheme: they themselves will begin to collect and sell copies of Durango using ready-made components. Leroux volunteered to do the assembly: he needed money to pay for online computer science classes at the University of Maryland.
Hackers made inquiries in the community and found a buyer in the Seychelles, who agreed to pay $ 5,000 for a fake console. May took the finished car from the house of Leroux and promised to send it to the islands in the Indian Ocean.
But Durango never arrived at its destination. When the buyer complained, the paranoia began: the FBI intercepted the cargo? Are they all under surveillance?
Wheeler was especially worried. After all, he thought that the group was untouchable after the Epic investigation seemed to stop. But now he felt they would be covered. “How to finish this game?” He asked himself. The answer he found was to descend into the glory and do something that would permanently secure him a place on the Olympus of the Xbox hacker scene.
Wheeler launched his campaign for fame by posting Durango on eBay, using photos of the prototype that Leroux built. Bidding for a non-existent console reached $ 20,100 before eBay canceled the auction, declaring it fraudulent. Furious with media attention to this story, Pokora broke off relations with Wheeler.
A few weeks later, Leroux disappeared from the scene. Rumor has it that the FBI took it. The Americans close to Pokor began to say that they were being watched by black cars with tinted windows. Hackers suspected that there was a mole among them.
7. Man A
The relationship between Pokora and Clark deteriorated when Pokora engaged in hacking game developers. In the end, they quarreled over staffing problems in their Call of Duty services business — for example, some Pocor employees were greedy, but Clark refused to fire them. Tired of quarrels, entrepreneurs dispersed. Pokora focused on Horizon, an Xbox cheat service that he created on the side with some friends. He liked that Horizon cheats could not be used on Xbox Live, which created less potential technical and legal issues. Meanwhile, Clark improved the technology for generating coins in FIFA and began selling virtual currency on the black market. Austin Alcala, who was involved in hacking Zombie Studios and faking Xbox One, worked at Clark's new venture.
Since now the forces of 20-year-old Pokora have shared between the Horizon administration and the visit to the university, Wheeler alone continued the path of the kamikaze. After his eBay trick, Microsoft sent a private detective named Miles Hawkes to Perth. Wheeler tweeted a meeting with “Mr. Microsoft Man,” who demanded information about accomplices at dinner at the Hyatt. According to Wheeler, Hawks said not to worry about the legal consequences, since Microsoft is interested in pursuing only "real assholes." (Microsoft denies that Hawks said this).
In December 2012, the FBI carried out a raid on the home of Santodeha Nesheivat in New Jersey. He posted an unedited search warrant online. Wheeler responded by doxing agents in public forums, encouraging people to stalk them. He also spoke openly about hiring a hitman to kill a federal judge who signed the warrant.
Wheeler’s strange impulsive attempts to escalate in any situation alarmed federal prosecutors, who had been carefully building a case against hackers since Gears of War leaked in June 2011. Edward McAndrew, the assistant US attorney who led the investigation, felt the need to speed up the pace of his team’s work before Wheeler reached real violence.
On the morning of February 19, 2013, Wheeler was working at his family’s house in Perth when he heard a noise in the courtyard under the window. A phalanx of men in light tactical gear, with “glocks” on the sides, approached the house. Wheeler went quickly to turn off all the computers so that the criminologists had to at least work on password cracking.
Over the next few hours, Australian police took away computer equipment for $ 20,000, according to Wheeler. The guy was stunned that no one bothered to put his precious hard drives in anti-static bags. He was not arrested that day, but a lot of evidence was found on the disks: Wheeler often took screenshots of his hacker exploits, including a chat in which he suggested running some crazy program on Zombie Studios servers to explode the interest of fans.
In July of that year, Pocor told Justin May that he was going to visit Defcon, the annual hacker gathering in Las Vegas - to make his first trip to the United States in recent years. On July 23, McAndrew and colleagues filed a closed indictment on 16 counts against Pokory, Neshivevat and Leroux, accusing them of crimes, including fraud using electronic means of communication, using other people's personal data with an identity fraud and conspiracy to steal commercial secrets. Wheeler and Gamerfreak, the original source of the Epic password list, are identified by accomplices (Alcala will be added four months later). The document showed that most of the case is based on evidence from an informant, called "person A." He is described as a resident of the state of Delaware,
Prosecutors also described the defendants as members of a certain Xbox Underground community. Wheeler's prison joke was no longer a joke.
Without knowing anything about the secret charge, Pocora refused to go to Defcon because of employment at the last minute. The FBI agents were worried that the arrest of American accomplices would push him to flee, so the agency decided to wait for his trip to the south before closing the rest of the hackers.
Two months later, Pokora went to Toronto Opera House for a concert of the Swedish metal band Katatonia. His phone buzzed in unison with the first howls from the stage — it was Alcala, now a high school student in Fishery, Indiana. He was overwhelmed with delight: he said that he knew a guy who could get both of the last Durango prototypes — real ones, not copies, like they did in the summer. His acquaintance is ready to enter the Microsoft campus building in Redmond to steal them. Instead, the cracker required credentials to enter the Microsoft game development network, plus several thousand dollars. The conquest was puzzled by the audacity of the novice robber. This guy is stupid, he thought. But after many years of the successful adventures of Pocor, he lost the habit of listening to common sense. He told Alcala to keep him informed.
The robber turned out to be an 18-year-old graduate of a school named Arman, known in circles as ArmanTheCyber (he agreed to share his story on the condition that his name would not be given). A year earlier, he had cloned a Microsoft employee badge that belonged to his mother's boyfriend. Since then, he has repeatedly used the RFID card to study the Redmond campus, passing as an employee and dressing from head to toe in Mayrosoft free stuff (Microsoft claims that the guy did not copy the badge, but rather stole it). Arman has already taken out one Durango for personal use. He was frightened to come back for others, but he also filled the recklessness of youth.
Around 9 pm late September night, Arman passed into the building where the Durango prototypes were stored. Several Microsoft engineers roamed the corridors. Armand dived into the cubicle and hid when he heard footsteps. In the end, he climbed the stairs to the fifth floor, where, according to his information, there was a secret warehouse Durango. When the teenager began to wade in the dusk to the right place, motion sensors responded to him - and the light came on. Frightened, Armand ran down.
Finally, he found what he was looking for in two cubicles on the third floor. At one Durango on the case lay a pair of shoes on the heels. Armand squeezed both consoles into a large backpack, and left unusual shoes on the carpet.
He sent the stolen consoles to Pokor and Alcala, and a week later he received amazing news: Microsoft vendor finally considered a job application sent in summer - and hired him with a quality tester. But the guy only lasted a couple of weeks at work before the investigators identified him; the camera on the stairs fixed Arman’s face as he left the building. To minimize legal consequences, he begged Pokor and Alcala to give back the stolen consoles. He also returned Durango, which he had taken for himself earlier, and very much in time: jealous hackers had already examined his house through a hacked surveillance system, planning a robbery.
Pokora spent the entire winter breaking Xbox 360 games for Horizon. In March 2014, Toronto began to thaw - and the guy decided that he could spend the weekend on a trip to Delaware behind the bumper for his Golf.
“You know, they can arrest me,” he told his father when they were going on the road. The father had no idea what he was talking about, but he smiled crookedly in response to what he considered to be an unsuccessful joke.
8. "Such a life is not for you"
After appearing in federal court, Buffalo and a few days in the neighboring county prison, Pocoru was loaded into a van along with another federal prisoner, a gang member with powerlifter hands and without a noticeable neck. They were transported to a private prison in Ohio, where Pokora will be held until the court in Delaware starts a trial. According to him, the guards were throwing sandwiches on the floor of the van to prisoners, knowing that tightly fettered prisoners could not bend down and take them.
During the three-hour journey, a member of the gang, who served a sentence for beating a man with a hammer, advised Pokora to do everything to minimize time behind bars: “This life is not for you,” he said. “This life is for no one, really.”
Pokora took the words to heart when he was taken to Delaware in early April 2014. He quickly agreed to the proposed plea bargain and helped affected companies identify vulnerabilities that he used — for example, poorly protected tunnels through which they reached their networks. Listening to the professorial explanations of the conquests of their hacks, the chief prosecutor Macandrew now flatteringly spoke of the 22-year-old Canadian: “He is a very talented guy who has gone the bad way,” he said. - Often, when investigating such things, one cannot but admire a certain level of brilliance and creativity. But then you kind of back off and say: "And here it all went wrong."
Once, on the way from prison to court, Pokora was put in a marshal's car with someone who seemed familiar: a pale, thin, 20-year-old guy with teeth accustomed to sweets. It was Nathan Leroux, whom Pokora had never met personally, but he recognized it from a photo. He was arrested on March 31 in Madison, Wisconsin, where he moved after an FBI raid. That raid scared him enough to throw an Xbox scene and escape. In the new life, he flourished as a programmer at Human Head Studios, a small game studio when the feds appeared and took him into custody.
When he and Leroux went to court in shackles, Pokora tried to convey the advice of that gangster: “Look how much it has become aggravated because of this asshole DaE,” he said, reducing his nickname Wheeler SuperDaE. “You can spy on me or do anything, because you don't deserve such shit.” Let's just do what we have to, and get out of here. ”
Unlike Pokory, Leroux was released on bail and allowed to live with her parents during the trial. But raised in Maryland, he was convinced that with his diminutive growth and shyness, he was simply doomed to be raped or killed in prison. Fear so seized him that on June 16 the guy cut off a police bug on his ankle and ran away.
He paid a friend to take him to Canada 600 kilometers to the north. But the long trip ended in failure: Canadians called their car at the border. Instead of resigning himself to failure, Leroux pulled out a knife and tried to cross the bridge to Canadian land. When the officers surrounded him, he decided that he had only one option left - and several times he stabbed himself with a knife. Ontario hospital doctors managed to save a guy's life. As soon as he was released from intensive care and transported back to Buffalo, the authorities canceled the bail.
When the time came for the sentencing of Pokor, the lawyer asked for leniency on the grounds that his client had lost the ability to distinguish the game from the crime: “David in the real world is completely different from David online,” he wrote in a memorandum of sentencing. “But it was in this dark world of anonymity, vague rules, and private communications far from everyday life that David gradually got used to the online culture, where the line between a video game and a computer network hack became indistinguishable.”
After admitting their guilt, Pokor, Leroux, and Neshuivat eventually received similar sentences: 18 months in prison for Pokory and Neshivevat, 24 months for Leroux. Pokora spent most of his time at the Federal Content Center in Philadelphia, where he sat in the computer room, reading emails and listening to MP3s. One day, while waiting for the console to open, a mentally unbalanced convict hit him in the face - and Pocora gave the change, so as not to look like a weakling. The fight ended when the guard sprayed pepper spray. At the end of his imprisonment, Pocor waited a few more months for deportation to Canada in an immigration cell in Newark, New Jersey. There, too, were PCs in the library, and Pokor had to slightly apply hacking skills to launch the hidden Microsoft Solitaire, which was forbidden to be launched by default.
When he finally returned to Mississauga in October 2015, he wrote an old friend Anthony Clark, who now also faced with justice. Alcala told the authorities everything about Clarke's coin mining scam. The company was already on tax notice: one of the workers came under suspicion after withdrawing $ 30,000 from the bank account in Dallas per day. Alcala helped the feds combine puzzle pieces. He explained that the system uses Electronic Arts servers to generate thousands of coins per second: the program code automated and accelerated the game process in FIFA more than 11,500 times. Thanks to this information, it was possible to charge Clark with three accomplices in fraud using electronic means of communication. They allegedly earned $ 16 million by selling FIFA coinsmainly to a Chinese businessman, about which they knew only the name of Tao.
All three accomplices of Clark pleaded guilty, but he was going to defend himself in court. Hacker believed that he had done nothing wrong, as the terms of service of Electronic Arts claim that FIFA coins have no real value. In addition, if the heads of Electronic Arts are dissatisfied with its activities, why not turn to the discussion of this issue as adults? Perhaps Electronic Arts simply envied that he, and not they, had found a way to earn income from in-game currencies.
"Yes, I face from the eight," wrote Clark in the chat Pokor. - And if I admit guilt, then three and a half. In any case,% ui. They are still trying to make me admit guilt. ”
"They will otbolbyat you if you fail in court," warned Pocora. - I just want to say a little how it will be. Because it's a shitty bullshit. ” But Clark was not shaken - he was a man of principle.
On July 4, Pokora wrote again to Clark. He jokingly asked why Clark had not yet sent him the video he asked to do: Clark with local meksy are dancing to salsa music with pinnacle Donald Trump. “Where is salsa?” Asked Pocora.
The answer came: "On my chips" with a smiley face in sunglasses. This was the last thing Pocora heard from his fellow Halo 3 .
Clark's hearings at the Fort Worth Federal District Court did not go as he had hoped in November: he was convicted under article for conspiracy to commit fraud using electronic means of communication. The lawyers believed that he had excellent grounds for appeal, because the prosecution could not prove that the Electronic Arts business had suffered any actual damage.
But the legal team of Clark did not get a chance to start this business. February 26, 2017, about a month before the appointed conclusion, Clark died in his home. Relatives claim that death occurred accidentally as a result of the lethal interaction of alcohol and drugs. Clark just turned 27 and he left an estate worth more than $ 4 million.
9. “I wanted to see how far it goes.”
Members of the Xbox Underground returned to a peaceful life with varying success. In exchange for cooperation, Alcala wasn’t imprisoned; he entered Ball State University and is studying with distinction. A 20-year-old boy came to the verdict hearing in April 2016 with a girl - “my first real girl” - and spoke about the information shared with the FBI on the protection of computer infrastructure. “The world is at your feet,” the judge concluded.
Colleagues Leroux in the studio Human Head sent recommendations to the court, praising his intellect and goodwill. “He has a very promising career as a game developer, and I don’t think that he will ever again dare to throw it away,” one of his colleagues wrote. After his release, Leroux returned to Madison to continue working for the company.
Neshuivat, who was 28 at the time of his arrest, was not as successful as his younger colleagues. He fought addiction and was arrested again in December 2017 for violating a probationary period, that is, for using cocaine and opiates. According to an inspector who monitors the behavior of conditionally convicted persons, he “admitted that he took up to 50 doses of heroin per day” before the last departure to a rehabilitation center.
Since Wheeler was a minor during the main part of the events, the United States left him to Australian authorities. Having been instructed to hand over the passport within 48 hours, Wheeler drove straight to the airport and flew to the Czech Republic, the mother’s homeland. Australians planted his mother for help in escaping, presumably to force him to return and face justice (she was already released). But Wheeler chose to stay on the run, traveling across Europe on an EU passport, before eventually settling down in the UK. During his travels, he tried to collect $ 500,000 in crowdfunding at Ferrari, explaining it with medical necessity: the doctor said that he needed a car to cope with anxiety caused by legal injuries. But the campaign was not successful.
Pokora, who is now 26 years old, was disoriented in the first months of his stay in Canada. He was afraid that the brain had rotted forever in prison, where there are no intellectual stimuli. But he reunited with the girl whom he begged to leave him behind bars, and again entered the University of Toronto. He was scrambling for training, performing freelance projects on the development of UI automation tools. In times of financial shortage, all that remained was to recall those days when he was swimming in money from Call of Duty .
Upon learning of the death of Clark, Pokora briefly felt a new anger towards Alcala, who played an important role in the case against his friend. But let the anger pass. There is nothing good in keeping anger on former comrades. He couldn’t even be particularly angry with Justin May, who according to many was the FBI informant identified as “person A” from Delaware in the indictment in the Xbox Underground case. (“Sorry, I can't comment on this," said May, when asked if he was the informant. He is currently being tried in the federal district of Eastern Pennsylvania for deceiving Cisco and Microsoft for millions of dollars worth of equipment.
Pokora is still trying to understand how the love of programming has become an obsession that has knocked down the moral compass. “By making conscious decisions, I never wanted things to go that far,” he says. - That is, I wanted to penetrate the network to read some source. I was curious, I wanted to see how far it could go — that's all. It was just an intellectual curiosity. I did not want money. If I wanted money, I would take all the money that was there. But I understand: what happened in the end is regrettable. ”
Pokora knows that she will remain forever persona non grata in the gaming industry, so since the end of the course in computer science in June last year, he was looking for a full-time job elsewhere. But he had a hard time assembling a portfolio: by order of the FBI, the Canadian authorities seized all the computers that he owned before his arrest, and most of the software he created was lost forever. The authorities left the 2013 Volkswagen Golf guy - a car that he adores so much that he was ready to drive to Delaware for the bumper. He is still parked in his parents' house in Mississauga, where he played his first game at the age of two and has been living since he was released from prison.