12.13.11

Anonymous Hacker Arrested for Attack on Gene Simmons’s Website

A 24-year-old hacker was arrested Tuesday for a cyberattack on KISS star Gene Simmons’s website. Christine Pelisek reports on the escalating war between hackers and anti-piracy campaigns.

A member of the international hacker group Anonymous was arrested this morning after he conducted a sophisticated cyberattack on a website operated by KISS rocker and Family Jewels star Gene Simmons. Kevin George Poe, 24, was taken into custody by federal authorities at his home in Manchester, Conn. He is charged with two federal counts of conspiracy and unauthorized impairment of a protected computer. If convicted, Poe could face up to 15 years in federal prison.

“We evaluated servers and were able to discern an IP address that brought us to him,” said Thom Mrozek, a spokesman for the U.S. Attorney’s Office in Los Angeles. “There was a significant amount of forensic work involved. We are dealing with a group that is quite sophisticated and will take efforts to conceal their identity.”

Last week, a federal grand jury in Los Angeles returned an indictment that accused Poe, who used the screen name spydr101, of allegedly conducting an elaborate distributed denial of service (DDoS) against Simmons’s website, GeneSimmons.com. The cyberattack sent tens of thousands of electronic requests to Simmons’s website with the purpose of overloading the computer server and rendering the website useless. According to the indictment, Poe used a software tool that is widely used by Anonymous called Low Orbit Ion Cannon, which is a computer program that sends extremely large numbers of “packets” or requests over a network in an attempt to sabotage a computer.

The cyberattack occurred during a five-day period in October 2010 as part of Operation Payback, a long-running campaign by Anonymous to sabotage organizations that are involved in anti-piracy campaigns such as the Recording Industry Association of America and the Motion Picture Association of America.

Simmons was allegedly targeted after he told an October 2010 MIPCOM conference on building successful entertainment branding that the music industry needed to protect itself from pesky downloaders, who steal songs off the Web, by suing them.

“Make sure your brand is protected, be litigious, sue anybody—take their homes, their cars, don’t let anybody cross that line,” Simmons said at the conference. “The music industry was asleep at the wheel and didn’t have the balls to go and sue every fresh-faced, freckle-faced college kid who downloaded a clip, so now we’re left with hundreds of people without jobs.”

Simmons’s rant soon caught the attention of Anonymous, which began its DDoS attack on the rocker soon afterward. After the site was brought back online, Simmons issued a threat to the hacker group on his website.

“Our legal team and the FBI have been on the case, and we have found a few, shall we say ‘adventurous’ young people, who feel they are above the law. And, as stated in my MIPCOM speech, we will sue their pants off,” he wrote.

“First, they will be punished. Second, they might find their little butts in jail, right next to someone who’s been there for years and is looking for a new girlfriend…We will soon be printing their names and pictures. We will find you. You cannot hide. Stay tuned.”

Poe’s arrest is the latest in a series of high-profile arrests made by federal authorities to crack down on computer hacking. The problem continues to grow, authorities say. Currently, the U.S. attorney’s office in Los Angeles has 10 prosecutors assigned to its unit.

“We have prosecuted at least a half a dozen of these types of cases recently,” said Mrozek.

“The music industry was asleep at the wheel and didn’t have the balls to go and sue every fresh-faced, freckle-faced college kid who downloaded a clip,” said Simmons.

In October, federal authorities charged 35-year-old unemployed Florida man Christopher Chaney with hacking into the email accounts of songbird Christina Aguilera, TV actress Renee Olstead, and film star Scarlett Johansson. Chaney, who was not affiliated with a hacker group, said he was addicted to “seeing the behind-the-scenes of what’s going on with the people you see on the big screen.”

Last September, the Los Angeles office arrested 23-year-old Arizona college student Cody Kretsinger for breaching the computers at Sony Pictures Entertainment. Kretsinger was a member of Lulz Security, or LulzSec, a group that has been linked to hacking scandals involving government agencies and businesses. According to the indictment, Kretsinger, who went by the moniker “recursion,” grabbed the emails and passwords of people who entered contests promoted by Sony and then gave them to members of LulzSec who posted the material on its website.

In June, a 31-year-old paraplegic named Luis Mijangos was charged with federal extortion after he allegedly hacked into the computers of dozens of teenage girls and women looking for intimate photos and videos and then attempted to extort them, threatening to send the images to friends and family unless they made him new sexually explicit videos. Mijangos, who claimed he was a member of an underground gang of Mexican hackers, targeted at least 44 girls and 186 women, mostly in Southern California.

In January 2010, Brian Mettenbrink, an Iowa State University student, pleaded guilty to the charge of unauthorized access of a protected computer for his involvement in the Web attack against the Church of Scientology, which was spearheaded by Anonymous. Mettenbrink, then 20, told authorities that he downloaded software from an Anonymous Internet message board that he used to knock down the Scientology websites and make them inaccessible to visitors.

The case against Poe was investigated by the Los Angeles office of the FBI. Poe was arrested by special agents at the FBI’s New Haven field office, and was booked and released in lieu of $10,000 bond. A U.S. District Court judge ordered him to appear in L.A. federal court on a yet-to-be-determined date.