Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground [Paperback]

Kevin Poulsen (Author)

Book Description

Release date: February 7, 2012 | ISBN-10: 0307588696 | ISBN-13: 978-0307588692 | Edition: Reprint

Former hacker Kevin Poulsen has, over the past decade, built a reputation as one of the top investigative reporters on the cybercrime beat. In Kingpin, he pours his unmatched access and expertise into book form for the first time, delivering a gripping cat-and-mouse narrative—and an unprecedented view into the twenty-first century’s signature form of organized crime.
 
The word spread through the hacking underground like some unstoppable new virus: Someone—some brilliant, audacious crook—had just staged a hostile takeover of an online criminal network that siphoned billions of dollars from the US economy.
 
The FBI rushed to launch an ambitious undercover operation aimed at tracking down this new kingpin; other agencies around the world deployed dozens of moles and double agents. Together, the cybercops lured numerous unsuspecting hackers into their clutches. . . . Yet at every turn, their main quarry displayed an uncanny ability to sniff out their snitches and see through their plots.
 
The culprit they sought was the most unlikely of criminals: a brilliant programmer with a hippie ethic and a supervillain’s double identity. As prominent “white-hat” hacker Max “Vision” Butler, he was a celebrity throughout the programming world, even serving as a consultant to the FBI. But as the black-hat “Iceman,” he found in the world of data theft an irresistible opportunity to test his outsized abilities. He infiltrated thousands of computers around the country, sucking down millions of credit card numbers at will. He effortlessly hacked his fellow hackers, stealing their ill-gotten gains from under their noses. Together with a smooth-talking con artist, he ran a massive real-world crime ring.
 
And for years, he did it all with seeming impunity, even as countless rivals ran afoul of police.
 
Yet as he watched the fraudsters around him squabble, their ranks riddled with infiltrators, their methods inefficient, he began to see in their dysfunction the ultimate challenge: He would stage his coup and fix what was broken, run things as they should be run—even if it meant painting a bull’s-eye on his forehead.
 
Through the story of this criminal’s remarkable rise, and of law enforcement’s quest to track him down, Kingpin lays bare the workings of a silent crime wave still affecting millions of Americans. In these pages, we are ushered into vast online-fraud supermarkets stocked with credit card numbers, counterfeit checks, hacked bank accounts, dead drops, and fake passports. We learn the workings of the numerous hacks—browser exploits, phishing attacks, Trojan horses, and much more—these fraudsters use to ply their trade, and trace the complex routes by which they turn stolen data into millions of dollars. And thanks to Poulsen’s remarkable access to both cops and criminals, we step inside the quiet, desperate arms race that law enforcement continues to fight with these scammers today. 
 
Ultimately, Kingpin is a journey into an underworld of startling scope and power, one in which ordinary American teenagers work hand in hand with murderous Russian mobsters and where a simple Wi-Fi connection can unleash a torrent of gold worth millions.


From the Hardcover edition.

Editorial Reviews

From Publishers Weekly

In a previous life, Poulsen served five years in prison for hacking. So the Wired senior editor and "Threat Level" blogger knows intimately the terrain he explores in this page-turning tale of the criminal exploits of a hacker of breathtaking ambition, Max Butler, who stole access to 1.8 million credit card accounts. Poulsen understands both the hows of hacking, which he explains clearly, as well as the whys, which include, but also can transcend, mere profit. Accordingly, his understanding of the hacking culture, and his extensive interviews with Butler, translates into a fascinating depiction of a cybercriminal underworld frightening in its complexity and its potential for harm, and a society shockingly vulnerable to cybercrime. The personalities, feuds, double dealing, and scams of the hackers are just one half of this lively story. The other half, told with equal verve, is law enforcement's efforts to find and convict Butler and his accomplices. (Butler is now serving a 13-year sentence and owes .5 million in restitution.) Poulsen renders the hacker world with such virtual reality that readers will have difficulty logging off until the very end. (Feb.)
(c) Copyright PWxyz, LLC. All rights reserved. --This text refers to an out of print or unavailable edition of this title.

Review

"[A] brisk and entertaining tale."--The New York Times

"Even though he has done jail time for his cyber crimes and credit card hacking, it’s hard not to like Max "Max Vision" Butler.... The capers of this misfit genius, and the FBI’s attempts to infiltrate credit card hacking rings, combine to make this a fast, fun read."--Newark Star-Ledger

“Hello, Hollywood, Kevin Poulsen has a tale for you. Deftly told.”—San Francisco Chronicle

"What will make this book endure is Poulsen's elegant elucidation of how the hacking world evolved from its pimply, ideological beginnings into a global criminal enterprise"--Atlantic.com

“Poulsen renders the hacker world with such virtual reality that readers will have difficulty logging off until the very end.”—Publishers Weekly
 
“The lead figures of KINGPIN are brilliant, crooked geeks and the sleazy women who love to help them steal. Their mortal enemies are a cyber-savvy swarm of undercover cops.  Kevin Poulsen gets so close to these paranoid, shadowy people that you can smell the sweat on the keyboards and hear the handcuffs clack shut. No other book can match this intimate, expert portrait of a truly modern criminal underworld.”--Bruce Sterling, Hugo Award-winning novelist and futurist
 
“An exciting crime thriller, a compelling psychological study, and one of the most accurate stories of hacker culture that I’ve ever read…Poulsen deftly explains the technology behind these ultramodern computer crimes and shows how they’re committed.”--Annalee Newitz, Editor in Chief of io9.com
 
“With the tense drama and future shock of a William Gibson novel, Kevin Poulsen spins a scary-true tale of the dark-side hacker underground and its most adept sorcerer.”--Steven Levy, author of Hackers and Crypto
 
"The most thorough portrait to date of a top modern U.S. cyber criminal and an engaging tale of cops against robbers against other robbers. No one writes with more authority than Kevin Poulsen about how hackers actually go about their business."--Joseph Menn, author of All the Rave and Fatal System Error
 
“Building on the best of the police procedural tradition, Kevin Poulsen lays out in clear language the technologies and methods employed by the criminals and crime fighters alike, all the while crafting a sympathetic character study of the conflicted gray hat, Max Vision, at the heart of it all.”--Jonathan Zittrain, Harvard professor and author of The Future of the Internet and How to Stop It
 
“A superb, insider tour of the dark Internet that lies below "the whitewashed, commercialized" world of the Web. Kevin Poulsen is one of the very few people who understands the territory: the scammers, the scammers of the scammers, and the law enforcement officers trying to catch them. KINGPIN describes a parallel business world, including "the underground's first hostile takeover," where characters who call themselves names like DarkCyd and Matrix and Ghost23 battle for control of digital scams. It is a fascinating, scary ride.”--Ellen Ullman, author of Close to the Machine and The Bug
 


From the Hardcover edition.

See all Editorial Reviews

Product Details

• Paperback: 288 pages
• Publisher: Broadway; Reprint edition (February 7, 2012)
• Language: English
• ISBN-10: 0307588696
• ISBN-13: 978-0307588692
• Product Dimensions: 5.2 x 0.6 x 8 inches
• Shipping Weight: 7.2 ounces (View shipping rates and policies)
• Average Customer Review: 4.6 out of 5 stars  See all reviews (103 customer reviews)
• Amazon Best Sellers Rank: #70,446 in Books (See Top 100 in Books)
  • #46 in Books > Computers & Technology > Internet & Web Culture > Hacking
  • #46 in Books > Computers & Technology > Business & Management > History
  • #71 in Books > Computers & Technology > Business & Management > Culture

More About the Author

An award-winning investigative journalist, Kevin Poulsen oversees news and feature reporting at the technology news site Wired.com. Poulsen joined Wired.com in 2005, and for five years served as editor of the Threat Level blog, which under his tenure won the 2008 Knight-Batten Award for Innovation in Journalism, the 2010 MIN award for best blog and both Webby and People's Voice awards in 2011. In 2006, Poulsen conducted a computer-assisted investigation into the presence of registered sex offenders on MySpace, which spawned federal legislation. In June 2010, Poulsen and a co-writer broke the news that the government had secretly arrested a young Army intelligence analyst on suspicion of leaking hundreds of thousands of classified documents to WikiLeaks. He is the author of Kingpin -- How One Hacker Took Over the Billion Dollar Cyber Crime Underground (Crown, 2011).

Most Helpful Customer Reviews

49 of 51 people found the following review helpful

5.0 out of 5 stars Terrific Narrative, Well Written February 23, 2011

By TenthBear

Format:Kindle Edition|Amazon Verified Purchase

I bought this book yesterday after reading a synopsis about it on Wired; it was absolutely fantastic. The author takes the most important technological and cultural revolution of the last fifty years and pulls away the veneer to reveal a deep criminal underworld. With the colored perspective that only a former hacker could offer, the author delivers both a survey course in the rise and fall of phreaking and hacking communities, as well as a compassionate narrative regarding its willing victims. Although I work in the tech field, I immediately realized that it was in no way a pre-requisite for enjoying this piece. By focusing on characters and setting the author has done a terrific job of communicating the story without entangling the reader in unnecessary technical detail.
Every part disturbing as I hoped it would be, this book showcases how fragile the internet revolution has made sensitive data. I felt like I was reading Le Carre, the double agents, the betrayal, it was everything to remind myself that this is a true story. I have already recommended this to friends.

51 of 56 people found the following review helpful

4.0 out of 5 stars Excellent book on the contemporary face of computer crime March 25, 2011

By Richard Bejtlich

Format:Hardcover

I've read and reviewed almost all of the non-fiction computer crime and espionage books written since the 1980s. Kingpin by Kevin Poulsen is one of my favorites. I will recommend this book to fellow digital security professionals and those who would like insights into our world. Kingpin's coverage of Max Ray Butler's (MRB) constant entanglement with the dark side is a lesson for anyone contemplating using their skills for evil.

One of the reasons I enjoyed reading Kingpin is that I've been familiar with the case since 1998. Poulsen described how MRB exploited vulnerable BIND instances on Air Force and other DNS servers that year. I happened to be a captain in the Air Force CERT and worked with the analyst who discovered MRB's exploitation of Air Force name servers.

Because of my familiarity with this case (limited though it may be), I identified more than one instance where Poulsen seemed to take what I consider to be an unnecessarily "sympathetic" or "understanding" approach to MRB's actions. For example, if MRB acted in the best interest of the Air Force by exploiting and then patching DNS servers, he didn't need to leave a rootkit behind. Worse, he didn't need to return to the compromised systems via his rootkit and backdoor once his "work" was done. Poulsen didn't question MRB's stated motives by presenting a more reasonable explanation for this activity: MRB was a black hat and acted like one.

I noted more "sympathy" for MRB when Poulsen described the incident where MRB choked his girlfriend. Instead of saying MRB "choked his girlfriend," Poulsen wrote on p 11 that "Max began trembling. Then his hands were around her throat and he was pushing her down onto the mattress." This sort of language is disturbing beyond the event itself, because it seems to reveal too much bias.

Once readers recognize this aspect of the book, however, I believe they will still like reading it. Poulsen has a real knack for covering technology and security news and events. I only noticed one odd observation on p 6: Poulsen wrote about the year 1990 and said "the Internet was seven years old then." I think he meant that TCP/IP was seven years old in 1990, having been invented in 1983. Otherwise, I found Poulsen's descriptions of MRB's various exploits to be accurate and intriguing.

If you're interested in a great true story on modern cybercrime, take a look at Kingpin. I finished the book in about two sittings and read every word! I hope Poulsen decides to tackle other aspects of the digital underground in future books.

22 of 23 people found the following review helpful

5.0 out of 5 stars Can't Put It Down February 25, 2011

By W. Hartman

Format:Kindle Edition|Amazon Verified Purchase

Like the first reviewer, I read the excerpts on Wired.com and was instantly intrigued. The book offers a glimpse into the personalities of the digital underground and you quickly understand the compartmentalization that these characters had to construct to justify themselves in their acts.

There were times where I had to stop myself and readjust my frame of reference because it reads almost like fiction. There is incredible detail in the book that often painted a cloud of disbelief in my skeptical mind. It would be quite interesting to pour over the author's notes and sources, seeing where he may have injected a bit more creative license than the source material lent itself to, but I see that more as a compliment than criticism. The truth, as the saying goes, can be stranger than fiction.

The writing is very well done and would be a good read, even if you're not technically proficient in the world of digital security. To those that may mind, the book is uncensored from the over-the-top banter that is exchanged between these online personas. It can be gritty at times, but the unrestrained approach is very telling of the hubris in which the underground trades.

This is an excellent book and very educational on the security problems that we all face in the digital age. Get it. Read it. Gorge on it.