💾 Archived View for spam.works › mirrors › textfiles › hacking › sha.hac captured on 2023-06-14 at 16:56:42.

View Raw

More Information

-=-=-=-=-=-=-

 
               ___________     __       __     ___________
              /\  ________\   /\ \     /\ \   /\  _______ \
              \ \ \_______/   \ \ \    \ \ \  \ \ \_____/\ \
               \ \ \_________  \ \ \____\_\ \  \ \ \____\_\ \
                \ \_________ \  \ \  _______ \  \ \  _______ \
                 \/________/\ \  \ \ \_____/\ \  \ \ \_____/\ \
                    _______\_\ \  \ \ \    \ \ \  \ \ \    \ \ \
                   /\___________\  \ \_\    \ \_\  \ \_\    \ \_\
                   \/___________/   \/_/     \/_/   \/_/     \/_/
 
             S W E D I S H   H A C K E R S   A S S O C I A T I O N
 
                                   Presents
 
 <---------------------------------------------------------------------------->
  Released                                                      Editor:  Mr Big
                           Annual Year Protocol #4
  28-Feb-92                                                            (c) 1992
 <---------------------------------------------------------------------------->
 
 
 
                                   ---------
                                   - Index -
                                   ---------
 
         Introduction.............................................
         Voice of the Editor......................................
         Voice of the Members in S.H.A............................
         Inside story at court - S.H.A. member stands trial.......
         New S.H.A. board.........................................
         Royal Institute Of Technology............................
         S.H.A. Member busted.....................................
         Operation Sundevil, by Knight Lightning (guest writer)...
         Cray II Attacked by S.H.A................................
         Milnet and Goverment computers attacked by S.H.A.........
         Guidelines for System Operators..........................
         FSF/MIT Closing down the shop............................
         Short World Wide news....................................
         Blue Boxing..............................................
         Carding today............................................
         S.H.A's rules and advices for other hackers..............
         Demoralized Youth, by Tormentor (guest writer)...........
         S.H.A. Official Summer Party 1991........................
         Prof of S.H.A. Hacking Activities........................
         S.H.A. Body Guards.......................................
         Investigation of S.H.A...................................
         Back Chat................................................
         Messages to System Operators.............................
         The Future...............................................
         Releases 1992............................................
         How to contact S.H.A.....................................
         Editors final note.......................................
         Disclaimer...............................................
 
 
 
                                ----------------
                                - Introduction -
                                ----------------
 
  Welcome to another annual year report from the only true hacking group
  in Sweden today, The Swedish Hackers Association.
 
  In this public release we have not included any detailed information about
  any attacks made by members of S.H.A. since the Police and other goverment
  agencies will receive this file in one way or another. Sorry if this cause
  any trouble, but we have our reasons and we are not interested in busting
  invidual members in S.H.A. Thank YOU for your cooperation.
 
  All companys and goverment agencies are welcome to contact us for
  assistance and help with their computer security.
 
  The following persons have been involved in the creation of this 4th
  protocol, and to whom we are gratefull to. Thank you and keep up the
  good work.
 
           Mr Big                          - S.H.A.
           Lixom Bah                       - S.H.A.
           Phearless                       - S.H.A.
           The Chief                       - S.H.A.
           D.O.C.                          - S.H.A.
           Tormentor                       - Guest Writer, Demoralized Youth
           Knight Lightning                - Guest Writer
 
  Note: No handles of members in S.H.A. are public and only those who are
        writers and editors have their handles published in this file,
        since they are already known to the public and the Swedish Police.
 
 
 
                            -----------------------
                            - Voice of the Editor -
                            -----------------------
 
  Yet another year of interesting events has passed away. I can still remember
  how it was one year ago; chaos and disorder, could the 3rd protocol be
  released in time? and so on. Imagine, we have already released 4 annual year
  protocols. 4 years of full documented hacking activity in Sweden by the very
  best hackers ever existed in our country. Let it stay that way.
 
  Our protocols used to be released in January/February each year, but this
  time we have waited to release the material due to a trial against one of
  our members. (we don't want to support the prosecutor with more information,
  do we?). One of the main issues in this protocol will be the trial which was
  held the 8th of January 1992. That should be included in the 5th protocol,
  but we just couldn't wait ONE YEAR to publish it.
 
  Another thing that has happend during the year is the bust of a couple of
  SHA members. The "main" bust was at the 3rd of May 1991, when a small part
  of our group were visiting the Royal Institute of Technology.
  This resulted in some police searches at our houses one month later, and we
  were brought for interrogation.
 
  From a hacking point of view, 1991 has been a successful year of penetrated
  computers, long nights and a lot of new knowledge.
 
  The Swedish Police is currently investigating the organization S.H.A.
  (we have indications that points in that direction. More about this
  later) Because of that, we have to be very careful about what we write in
  this stupid file. We have even thought of cancel this release but has
  finally reached the decicion to continue, and take the consequences.
  We have written it so nothing can be held against anyone in SHA in court,
  (that's why you might find it a little bit odd.)
 
  This whole protocol wasn't written overnight at the end of 1991.
  We have been writing and re-writing it time after time during this year
  until we decided that THIS is what we want to release to the public.
 
  We will try to cover everything from real system hacking news to intervjues
  with some of the virus creators in Sweden.
 
  A major drawback for SHA was in the summer 1991 when the Swedish police
  raided one of our members place and confiscated his computer system which
  where hosting one of our bulletin boards we where running.
 
    Tragic but not a disaster.
 
 
  Atlast, I would like to say:
 
   - All events and people in this file are all fiction and creation of our
     fantasies and any matching with real people and events are only
     coinsident as any other story or fiction.
 
  But I'm sorry that I can't. All stuff are true and all events have taken
  place. Anyway, nothing in this file can be tied to any invidual members
  of S.H.A. and S.H.A. as an organization can not be blamed for actions taken
  by invidual members of S.H.A.
 
  This protocol are also distributed as a paper magazine in about 5000 copies.
  So if the goverment are trying to seize our equipment used for the
  production of this protocol, they are violating federal laws about press
  freedom and freedom of speech.
 
 
  So basically:
 
  - Goverment agencies, you are shit out of luck.
 
  We hope you will enjoy this protocol, and find it interesting.
 
  If you haven't read any of our previous protocols. (1989, 1990 and 1991)
  I suggest you try to get hold of some copies. The same goes for our other
  releases about Hacking, Phreaking and Carding.
 
 
 
 
                       ----------------------------------
                       - Voice of the members in S.H.A. -
                       ----------------------------------
 
  Here have the members in S.H.A. their "freedom of speech". They can write
  anonymously or by their handles, it is up to them. But I guess they will
  write anonymously. Who can blame them? <grin>
                                                        /Ed
 
 
  --> Written by a anonymous member who do not want to be busted
 
  Another year has passed with great hacking events. Many new computer systems
  and operating systems have been penetrated. One slight drawback has been the
  interest the police is giving S.H.A., but lucky as some people are,
  (read me), they are not near of knowing all the people in S.H.A. and has
  only those that are already known. Mouhaha, what suckers, they can't even
  put two and two together. Anyway, maybe the luck will change, but until then
  I will continue to make progress in the hacking field of experience.
  I have even discovered that VMS is a great OS and not as secured as Digital
  Equipment are trying to tell every one. And one neat feature with VMS is
  that many goverment and military computers are running under VMS since it
  is secured!!  Mouhaha... they should know better. Anyway, I hope that you
  hackers out there also have had a very good year. See ya on IRC.
 
 
 
  --> Written by a anonymous member who do not want to be busted
 
  I would just like to say this to the persons who are currently involved
  in monitoring us and documenting our lives.
 
    - Fuck with us and we will fuck with all the computers we can find, and
      we will create total chaos and disorder.
 
  This is not a threat, would I make threats? no, I just make promisses.
  Anyway, I hope that you hackers out there reading this protocol will have
  a great year without interference from goverment agencies. FUCK THEM!
 
 
 
  --> Written by a anonymous member who do not want to be busted
 
  I can still remember those warm days in May when I spent most of my time
  on IRC, day and nights. I can remember the days in August as if it was
  yesterday. Breaking into system after system, and roaming around on the
  internet.
 
  NASA was an easy target and some of their computers were successfully
  penetrated and NASA Security began to scream.
 
  Security? What a joke! It almost seems that no one out there have learned
  enough to secure their system. I adore SunOS since new holes are found
  every day, mouhahaha. Many system operators are stupid and don't know how
  to handle a system to secure it. They do almost every mistake a system
  operator can do, from having accounts without password to standard accounts.
  Are only hackers reading DDN bulletins and CERT bug reports?
  Sometimes I wonder. Gee, I've even found systems that have security holes
  that was exploited back in 1986. Jesus! What are they thinking? Well, if
  they are that stupied, they have to face the consequences. BTW, try they
  following for testing the security: "rm /* -rf" If they have configured
  the system incorrectly a catastophy would be the result. <grin>
 
 
 
  --> Written by a anonymous member who do not want to be busted
 
                 1991 - The year that passed without notice
 
      				A Personal View
 
  If you were to place 1991 in the scale of Hacking events, it must come last.
  Last year was one of the most dull years for me. I compare it with the year
  1990, and find that the first months of 1991 were pretty good, and then
  everything went down the drain. No news, no new hackers, nothing interesting
  happened. Then we had the internal divergent opinions that led to one thing
  or another which you might already know. But still nothing new in the
  hacking field.
 
  I'm not sure what I'm supposed to write in this, the 4th S.H.A. Protocol,
  but I'll try to make it somewhat filled with different opinions, views or
  whatever I can come up with. Because it hasn't been a very productive year
  for me in the hacking scene, I don't have very much to write about.
 
  I feel there's enough textfiles about hacking and phreaking today, and too
  many "new" groups who copy old material and release it as new. The old and
  known groups, like Phrack and NIA are good enough for me. Also, these "new"
  groups seem to be semi-eLiTe groups (recognized by the 'z's and the "k00l"
  and "warez" words mixed with the old "new" material.)
 
  No, let's support the old and  known groups, and tell these "new" ones to
  stick to their warezz trading unless they're NOT eLiTe d00dzz, if so,
  support them!  Well, that's about if from me.  Not very interesting, I know,
  but it's what I could come up with today. I know this 4th protocol will be
  great, and I greet everyone working with/for it.
 
 
 
  --> Written by a anonymous member who do not want to be busted
 
  As said in the introduction and by the editor, this year has been a
  successful one with new experience and new knowledge. Some tragic events
  took place in the summer of 1991 when some SHA members were busted in
  Stockholm, Sweden. The police is still investigating the organization
  S.H.A., and therefore we have decided to exclude details which might be
  held against us in court. After an eventually trial, all information will
  be released. We promise. We have kept detailed log-books, date by date, so
  there will be a hell of a release after an eventually trial. We have also
  thought of writing a book, but that's just one of our 1000 projects...
 
  New computer security systems has been a real challenge, and every system
  has its weaknesses. The only way of getting a secure system is to chop the
  Ethernet cable, but who wants to do that? They have to live with unsecure
  systems as long as the S.H.A. is alive on the nets..
 
  The newspapers have gone mad, and write everything except the truth about
  hacking (read SHA). What they need is a lesson of professional journalism.
  Just lucky they haven't recieved the police report yet. (where they state
  that we, SHA, have broken into NASA). If the newspapers starts to write
  about that, I bet they will missunderstand it and say that we were about to
  start the World War III with help of weather satellites and so on...
  (which isn't THAT far from the truth :-))
 
  I feel that I have to throw some dirt at the Swedish Police Department.
  Three of the most incompetent investigators when it's about computer fraud
  are currently investigating and interrogating innocent citizens (read SHA).
  A big fuck should go to S.K. who writes police reports from his fantasy.
  If you listen to the tape and write what we say at the interrogations, and
  stop writing fantasy stories in the reports, you wouldn't have a chance to
  convince the prosecutor that you 'needed' search warrants to raid our
  places. FUCK YOU.
 
  The last report from you that I read was a big nasty bestseller.
  When I crosschecked it with the interrogated person, it showed up to be
  50% fiction and creations from your mind. But I guess you are not alone
  to be so rotten in the Swedish Police Department.
 
  (I guess I will regret this at the next interrogation, but it's worth it.)
 
  Enough with bullshit from me, I'll leave the rest of this protocol to you.
 
 
 
  --> Written by a anonymous member who do not want to be busted
 
  Hello again folks. Another year has passed, and there's been happening a
  shit load of things I tell you. What we see now, officially, is computer
  systems are getting harder and harder to penetrate...  that's true, but is
  it impossible now??  Hahaha... I wouldn't think so if I were you.
  I would like to compare the new security routines like this; a burglar is
  loose in a town, but he only breaks in to yellow houses. And what does the
  police do to stop him? The smartest way? (i.e. try to catch the criminal)?
  no... they paint all the houses in the town in some other color than
  yellow... with known results, the burglar chooses houses with another color,
  and this goes on and on...
  I find it Quite funny to watch system managers "improve" their systems...
  and you're still on it... After the so-called improvements. Some system
  managers try so hard, that you almost feel pity for them when it really
  hasn't improved their security, after several attempts.
 
  Ok, let's stop it here and see what types of system managers there are out
  there on those nets...
 
 
  * "The Toughie"
    Hehe, this is a real baddie. He'll do anything to kick you off the system.
    It's been cases when he has kicked out the wrong users.. (how we laughed!)
    And other times when he kicks you off and off, but you always manage to
    come back. You can't "trust" this guy, he'll feed you to the lions as soon
    as he gets your ass booked. You'll probably face 3 extra years in jail if
    this person is the attorney in your trial.
 
  * "The Blind Man"
    This is the, without doubts, the most common system manager. You can use
    all the computers on his whole net without him noticing... and matching
    passwords in 20 background jobs? No problem, just execute them and logout!
    Login again, and have your 20 result files served to you on a silver
    plate. And the poor bastard will never know they even existed.
 
  * "The Smartass"
    He can easily be mistaken for "The Blind Man", but you can try to find it
    out by uploading some real scary-ass files about you're going to ruin
    their whole fucking network, and keep it in you own directory, only
    readable for your user. If you're kicked off the system short after that,
    it wasn't "The Blind Man", it was this guy. But don't fool yourself...
    even if you have a detailed file on how you're going to d-d-destroy their
    system, and you still don't get kicked out... He might take the chance of
    risking to restore the system, just to have your ass where he wants it.
    (In court...)
 
  * "Mr Panic"
    Hey, this guy is quite familiar too. He's the one who tells the media,
    the military, the local computer squad, the cops.. everything he can think
    of, just as soon as he detects you. He don't risk ANYTHING... He's
    possessed with the manic thought that HE let a 11 year old HACKER into HIS
    system!! (his safe, safe, hypersafe system!)
    Nooo.. it will never happen!! HAHA... Poor man...
      The "Mr Panic" reaction is also usual when the system authorities is a
    quite big group of people... they usually come to the conclusion that
    WE WANT A CLEAN SYSTEM! haha... well they can give it a try atleast.
    This "Mr  Panic" person seem to be quite rare in the other countries than
    Sweden, but There he/they are very common.
 
  Ok, now you should have a quite bright picture of what kind of system
  managers you might find out there... A very rare, almost diseased kind of
  system manager is though "Mr Nice Guy"... The only sysmgr you can trust
  really. What happens when he discovers you on his system is that he watches
  you for a while, and when he notice you're a "nice" kind hacker (well you
  are nice, aren't you?!! :) ). He'll either try to talk to you or just email
  you if that doesn't succeed. He will not try to get your ass in jail, just
  know what you were up to on his system. If you get him to "like" you (if
  now a sysmgr can like a hacker) you might even be given an account, to use
  for "friendly" activity (i.e. no matching jobs, only programming/storage for
  example...). But the chance that you will find a sysmgr like this is about
  1 to 2000 I'd guess...
 
  No goddamn it... read this fourth protocol from us in S.H.A. Special
  greetings to S. K.; you're a nice guy deep inside, we know it, just try to
  show it Once atleast.
 
  Signing off in early 1992,
 
                        Anonymous user
 
 
  --> Written by a anonymous member who do not want to be busted
 
  Yeah! Another year! Another hacking season! What can I say? It has been
  a great year for all of us (almost anyway). So, what have happend under
  1991? Well, alot of things that will be covered in this file, but for me
  personally, I just have had some problems with the Telecom who thinks that
  I ought to pay them $10.000 for phonecalls. Well, I think they can forgett
  that. Which (normal?) person would call for that amount under a period of
  three months? Well, I hope it get to court and then they will loose since
  they judge will see how impossible it is, I mean, I would have to be
  connected many hours every day to the States to reach that amount. Well, I
  don't complain since I havn't been busted yet, but who knows.  Ohh.. just
  one more thing.. Greetings to all hackers and specially those in S.H.A.
  Have fun and take it easy. It is a dangerous world we are living in.
 
 
 
                           ---------------------------
                           - Inside story from Court -
                           ---------------------------
 
  One of our members have stand trial in a carding case. This guy was BRUTALY
  busted in October 1990 when he was about to lay his hands on computer
  equipment worth over $50000. The police raided the place, cuffed him and
  threw him into a car and drove straight into the Police HQ in Stockholm,
  where he spent 46 hours in an isolated cell. He wasn't even allowed to make
  any phonecalls. That's brutal. (and probably against the law).
 
  While he was doing nothing in his cell, the police searched his house twice.
  Imagine his room before and after a search by the Federal Police. Right.
  Not a single thing was left. Everything was taken as 'evidence' in one way
  or another. After several interrogations with both the Federal Police and
  the Swedish Special Branch (Sweden's Secret Service) he was released.
 
  He was busted the 23rd of October 1990, and was released from federal
  custody the 25th of October 1990. Over a year has gone, without really
  knowing IF, or WHEN the trial would be held. Jail or not?
  It's trial of your mental health.
 
  It took the swedish police 1 year and 2 months to clear the mess up, and
  our member was fully cooperating with them. The magic date was set to the
  8th of January 1992. The trial. He was prosecuted for:
 
       Felony creditcard fraud, $100.000
       Forgery.
       Illegal possesion of guns.
 
  Sitting inside that courtroom with 2 attorneys, an idiot as prosecutor,
  and a couple of lawyers wasn't as fun as he thought it would be.
  What's worse then a non understanding prosecutor that just want to nail
  you as hard as he can, and can't realize the facts. But he was a straight
  businessman. The attorneys and he made a deal, and the SHA member got away
  with a 2 year conditional sentence, and a $600 fine.
 
  We in S.H.A. has released a detailed textfile about the bust. Get a copy
  if you want to read more about it. It's VERY detailed. It even includes what
  he had for breakfast in his cell..
 
 
 
                              --------------------
                              - New S.H.A. board -
                              --------------------
 
  A new S.H.A. board has opened in Sweden with the name Project Athena at
  number +46-8-LEGEND  (Sorry:  No phone numbers listed in public version.)
 
  Inquires about the new board can be addressed to us through our mail
  address listed later in this file under "How to contact S.H.A.". Be sure to
  include a return address and board number where we can reach you or your
  voice number.
 
  Government agencies are also welcome to request access to our boards
  worldwide, and will receive access after complete checking from our side.
 
 
           Our current Headsites and distribution sites are as follow:
 
       Project Athena       S.H.A. World Headsite        (+46)  ########
       Interpol II          S.H.A. World Headsite        (+46)  NEW-NUMBER
 
             (No phonenumbers are published in the public edition)
 
       Note: Interpol II has changed phonenumber due to much publicity
             from the police and the Special Branch.
 
 
 
                       ---------------------------------
                       - Royal Institute Of Technology -
                       ---------------------------------
 
  One quiet evening in early May 1991, some persons were sitting peacefully in
  a terminal-room at the Royal Institute of Technology. Suddenly the door was
  kicked in and 8 cops and 2 system operators rushed in. Charges for
  trespassing and illegal attempts/access to a computer system was pressed
  against them.
 
  The police is still investigating this case, and therefor we can't give
  you any nasty details about what happend and why they were charged.
  But a story that have circulated in some major newspapers in sweden is:
 
  "A night in May, 5 hackers were busted when they physically visited a
  terminal room at the Royal Institute of Technology (Numerical Analysis
  Department). The youngsters were not students of the University, but they
  used the terminals to enter other computer systems/networks all around
  the globe."
 
  That is the OFFICIAL story that circulates in the press, and does not
  neccecary mean that it is really what happend. All of the arrested persons
  denies that they did any illegal that evening in the room.
 
  A more detailed report about what happend will be released after an
  eventually trial.
 
 
 
                           -------------------------
                           - S.H.A. Member busted -
                           -------------------------
 
  I suddenly woke up one morning by the noise of my doorbell. Riing, Riing.
  Who the fuck can it be 09:00 AM? I didn't expect anyone. I tripped on my
  toes towards the door. Riiing, Riing. I looked out through the "door eye".
  Outside my door were three men standing. NO friends of mine. I don't think
  they wanted to sell a vacuum cleaner to me. Almost panic. What were THEY
  doing here? Where they cops? Had they traced my phonecall last night or
  WHAT? I didn't have the time to think about that now. Act fast, or they
  will probably kick my door in.
 
  I got dressed very quickly. Then I threw some clothes in a bag and grabbed
  my laptop computer on the way to the balcony. I closed the balcony door and
  tied it hard with a piece of rope to keep it closed, while I was away. Then
  I looked down. Jesus, would I still be alive if I jumped? Well, just one
  way to find out. I quickly threw the bag out and then I took the laptop on
  my back and jumped. I landed on my knees over my laptop. Any broken bones?
  No. Great! Got up and ran away.
 
  Later that evening I decided to go back home. First I had to hide the laptop
  if the police still would be there, so I had a friend to look after it. When
  I got home, I had prepaired myself to find my apartment upside down. Raided
  by some idiots from the police. I opened the door, and  what did I see?
  None had been inside it since I left it. Strange. (well, not really, we are
  dealing with the SWEDISH police..). Well, so far, so good. I fell asleep.
  It had been a hard and exciting day.
 
  08.00 AM, next morning:
 
  Riing. Riing. The doorbell. SHIT! Rushed up from the bed and looked out
  through the "door eye" just to find my three friends from yesterday standing
  there again. Well, I quickly got dressed. Should I escape, or should I let
  them examine the apartment? They would do it sooner or later anyway. I can't
  hide forever. This time I was prepared. After a couple of second I decided
  to open the door.
 
  The three men outside showed me their Police ID's and one of them asked me;
  "Do you mind if we come in and speak with you". What could I say?
  "Ok, let's sit down and talk in my living room. Can I take a shower first?".
   Sure they said. So I went into my bedroom and switched my computer off.
   Then I went into the bathroom to take a shower and clean myself up.
 
  When I got back, they where in my bedroom and had turned my computer on.
  Just to be greeted with;
 
  SECURITY SYSTEM
 
  Please login:
 
  HA! If they managed to hack THAT, I would recommend them for the Nobel Prize
  of password guessing. Ofcourse they asked me to login. "Sure, can you look
  away while I enter the password?", I said. "No", they said, so I stepped
  back and told them "Well, login yourself then...". They looked puzzled.
  "Why not tell us the password? You can easily change it later.". Did they
  think I was born yesterday? If I told them the password, what would keep
  them from taking my computer and have full access to it? So, I just
  repeated myself and told them to login. They got angry and switched off the
  system, and started to tear the equipment apart. SUCKERS! They didn't know
  how to handle this kind of stuff. "Carefully!!" I said (delicate equipment).
  They didn't listen. I even offered me to carry the stuff to the car. They
  just told me to stay away. They brought me for interrogation that morning.
 
  After I had spent some hours at the swedish police HQ, a guy come and asked;
  "Have you changed your mind? Would you like to login to the computer now?"
  "Nope. I won't. I think you were very rude some hours ago".
 
  Apparently they hadn't managed to force the security system. This was good
  news. I called an attorney which showed up and the whole thing was over
  after some minutes.
 
  I was 'released' at lunchtime. Time to make some important calls to avoid a
  dissaster. (Well, it was a kind of a disaster already, but the damage could
  be limited)
 
 
  Ed's note:
    Later on, we have found out that the University is a real chicken. One
    month after the five hackers were busted at the Royal Institute of
    Technology, they installed Kerberos (security package) on their Unix
    machines. The day after that, they let the police bust this person. I
    guess the university think they have secure machines at the moment, and
    we'll let 'em think so for a while, until we have decided what to do with
    their network. Wipe it or not. (S.H.A. opinium and not nessecary mine)
                                                    / Ed
 
 
  Conclusion:
    At this moment, we reccomend everyone to install atleast some kind of
    security system. S.H.A. is currently developing new software that will
    guaranteed keep the cops out of your computer system.
 
 
 
                    --------------------------------------------
                    - Operation Sun-Devil, by Knight Lightning -
                    --------------------------------------------
 
  On May 7-8, 1990, the United States Secret Service executed its response to
  an investigation that had been two years in the making.  It was Operation
  Sun-Devil and it was designed to take out computer hackers and
  telecommunications hobbyists across the United States, whether by raided
  them directly or scaring them by raiding others.  The Secret Service claimed
  that they were going after criminals, and perhaps they were.  Now almost two
  years later, there have been very few criminal indictments brought, despite
  the raids of 27 homes in 13 cities:
 
     Chicago, IL
     Cincinnati, OH
     Detroit, MI
     Los Angeles, CA
     Miami, FL
     Newark, NJ
     New York City, NY
     Phoenix, AZ
     Pittsburgh,.PA
     Plano, TX
     Richmond, VA
     San Diego, CA
     San Jose, CA
 
  There were a few prosecutions of Sun-Devil defendants made in the State of
  Arizona by state officials and there was a prosecution in Pittsburgh, also
  by state officials.  The first United States government conviction took
  place this past week in San Diego, CA.  The offense -- possession of 15 or
  more calling card numbers, a violation of United States Code, Title 18,
  Section 1029.
 
  A few months ago, a civil liberties group here in the United States called
  Computer Professionals for Social Responsibility (CPSR) filed a request with
  the government for information about Operation Sun-Devil under the Freedom
  of Information Act (FOIA).  The government's response has raised new
  questions about the scope and conduct of the Sun Devil investigation.
 
  The documents disclosed to CPSR reveal that the Secret Service monitored
  communications sent across the Internet. The materials released through the
  FOIA include copies of many electronic newsletters, digests, and Usenet
  groups including:
 
     comp.org.eff.talk
     comp.sys.att
     Computer Underground Digest (alt.society.cu-digest)
     Effector Online
     Legion of Doom Technical Journals
     Phrack Newsletter
     Telecom Digest (comp.dcom.telecom)
 
  Currently, there is no clear policy for the monitoring of network
  communications by law enforcement agents.  A 1982 memorandum prepared for
  the FBI by the Department of Justice indicated that the FBI would consider
  monitoring on a case by case basis.  That document was released as a result
  of a separate CPSR lawsuit against the FBI.
 
  Additionally, CPSR has found papers that show Bell Labs in New Jersey passed
  copies of Telecom Digest to the Secret Service.
 
  The material (approximately 2500 pages) also suggests that the Secret
  Service's seizure of computer bulletin boards and other systems during
  Operation Sun Devil may have violated the Electronic Communications Privacy
  Act of 1986 and the Privacy Protection Act of 1980.
 
  Two sets of logs from a computer bulletin board in Virginia show that the
  Secret Service obtained messages in the Spring of 1989 by use of the system
  administrator's account.  It is unclear how the Secret Service obtained
  system administrator access.  It is possible that the Secret Service
  accessed this system without authorization.  The more likely explanation is
  that the agency obtained the cooperation of the system administrator.
  Another possibility is that this may have been a bulletin board set up by
  the Secret Service for a sting operation.  Such a bulletin board was
  established for an undercover investigation involving pedophiles.
 
  The documents we received also include references to the video taping of
  SummerCon, a computer hackers conference that took place in St. Louis in
  1988.  The Secret Service employed an informant who posed as a hacker to
  attend the conference and placed hidden cameras to tape the participants.
  The documents also show that the Secret Service established a computer
  database to keep track of suspected computer hackers.  This database
  contains records of names, aliases, addresses, phone numbers, known
  associates, a list of activities, and various articles associated with each
  individual.
 
  CPSR is continuing its efforts to obtain government documentation concerning
  computer crime investigations conducted by the Secret Service.
  These efforts include the litigation of several FOIA lawsuits and attempts
  to locate individuals targeted by federal agencies in the course of such
  investigations.
 
 
 
 
                         ------------------------------
                         - Cray II Attacked by S.H.A. -
                         ------------------------------
 
  In February 1991 the S.H.A. gained access to a Cray II connected to a
  NASA network through a major security flaw.
 
  - Since we hacked a rather closed network, there were no problems to gain
    access to the supercomputers. We found some interesting info on the Crays,
    (well, rather it's front-ends) but we had most benefits of its processor
    speed. Some weeks later they discovered the hack, and closed down the
    shop. The supercomputer was re-hacked in Novermber/December 1991, and at
    this time we have installed backdoors for future use.
 
    Unfortunately as with all of this information, we can't give you any
    details. If we did that, it would be used against us in court. But if
    you thinks it's interesting, take contact with us at Project Athena, or
    at any other board. You can even find us at IRC. (which is monitored to
    the limit..)
 
 
 
             ------------------------------------------------------
             - Milnet and Government computers attacked by S.H.A. -
             ------------------------------------------------------
 
  Many computers on the DDN (milnet) have been visited by members from S.H.A.
 
  No details about the attacks made by members of S.H.A. are discussed in
  the public version of this 4th Annual Protocol.
 
  - Among the computers that where successfully penetrated, we can mention
    one computer belonging to US Navy in Italy. Since the lack of security
    we could easily gain root access to a Laboratory computer with
    research material and other US Military stuff. The computer where also
    trusted to other computers, so we could easily go further from there.
    Even since the system lacked some real security it where no "fire wall"
    as we first thought when we struck the computer.
 
 
  S.H.A. also gained access to an Aerospace research network with a dozen
  of trusted computers connected. Also connected to the research network was
  three supercomputers in the CRAY series.
 
  - We got almost 90% of all accounts on this network. It almost seemed to
    be public stuff, even if they did some research for US Air Force. It where
    no classified research, as far as we could tell.
 
 
  One of the worst security vulnerabilities I have ever seen in my whole
  hacker career was found at a US Navy Network. We could easily, without any
  trouble, gain access to several dozens of US Navy military computers
  stationed at places such as Norfolk, San Diego, Jacksonville, Washington,
  Pensacola, Cherry Point, Alameda, Pearl Harbor, Italy, Japan, Spain,
  Phillipines, Guam. Rather interesting information was found on these
  computers.
 
  A VAX/VMS network at the Argonne National Laboratory isn't more secure then
  my refridgerator. SYSTEM access could be hacked within seconds.
 
  The same goes for the Defence Logistic Agency in the US. Shame on you.
 
 
  Totaly eightyfour US Goverment computers on eleven networks where
  successfully penetrated by members of S.H.A. and root access where gained
  to a dozen of them in the year of 1991.
 
 
 
                      -----------------------------------
                      - Guidelines for System Operators -
                      -----------------------------------
 
  It was after I came in contact with a system operator at Uppsala University,
  that I got totaly hysteric. How stupid could one get?
 
  Let's take it from the beginning..
  We, a couple of hackers, used the university's machines. The operators
  didn't even notice us when we were active. One night we contacted the
  operator that was currently logged in, and told him what we were up to.
  He didn't like our existens, and tried to threw us out. Ofcourse he didn't
  manage that. (Even due to the fact that they deactivated nearly every damn
  account at the Computer Science Department). A week later, one of the places
  we routed our Internet traffic through was disconnected from the network.
  Tragic but not a disaster.
 
  Why do we tell you this bullshit? Well. First of all. WE DON'T like this
  system operator's attitude. Instead of asking us how we got into their net,
  (and will always do), he threw us out, as if we where some kind of morons
  that would destroy everything we touched.
 
  THIS is the problem out there. System Operators trying to throw out the
  hackers and starts sceaming after the FBI as soon they see any mysterious
  activity in the log files. He MUST have realised that we would be back after
  some minutes.. but why did he do that?
 
     You better ask him yourself:   bjorn@oslo.docs.uu.se
 
 
  Some guidelines for system operators:
 
  -   Do not scream after the police when you have discovered a hacker in
      your system. (unless you see him destroy information)
      Most hackers are friendly creatures which will move to another system
      when you have noticed them that YOU know what they are up to.
      If the hackers won't move from the system, threats don't lead anywhere.
      (most hackers are able to wipe your whole network if he whished to, and
      will do if you starts to threathen him with the FBI and so on.)
      Insted we suggest you make a deal with them. Offer them a legal account
      on the system. In return you want them to fix all security bugs etc.
      and leave a report to you.
 
      The FSF project at MIT is an excellent example. They had guest accounts
      on their machines, and was overloaded with hackers from all over the
      world. A lot of hackers, including S.H.A. had root access on their
      machines. Did they go down? Nope. why?
      If you can get root access on a machine, you often has experience, and
      realises that damaging the system won't do any good. It's just a waste
      of time. Almost everything will be re-installed with backups etc.
      MIT was aware of the high percent hackers on their machines, but didn't
      want to argue. Maybe they realise what the whole thing is about.
 
 
  -   Don't play the role as god. You will ALWAYS be an easy target.
 
 
 
                        ---------------------------------
                        - FSF/MIT Closing down the shop -
                        ---------------------------------
 
  One day in April 1991 the Massachusetts Institute of Technology got visited
  by some guys from the FBI. The guest accounts at the FSF machines had been
  used for over a year to break into computers worldwide, and especially
  systems linked to the MILNet (DDN). Another day in the same month, same
  year, the guest accounts at the FSF machines had been removed.  The official
  explanation was that the drives were the guest accounts were stored had
  crashed.
 
  The year before, in 1990, a letter was sent between the system operators:
 
  -----------------------------------------------------------------------------
  From: tower@ai.mit.edu (Leonard H. Tower Jr.)
  Date: Thu, 30 Aug 90 18:06:26 EDT
  To: rms, gjs, hal, bob
  Subject: MIT is getting concerned about crackers on the FSF machines
 
 
    (I'll leave it to one of you to decide what to tell our programmers
    and employees about all this. I see no reason to start a lot of
    not very productive discussion on fsf-hq.)
 
  Jeff Schiller (bob: Jeff works for MIT's Network group and is well
  connected) just called me to discuss the crackers on the FSF machines
  using the password-less guest account and the rms/rms account.
 
  He and Jim Bruce (bob: he's ~VP for computing at MIT) are having a
  meeting with the FBI at 6pm today. The FBI is involved because the
  crackers are `attacking' MILnet hosts.
 
  I told jis that that's really MILNET's problem, and they might
  consider finally turning the mailbridges on for real.
 
  I told jis that most of the guest users were using the FSF machines
  for useful activities and not cracking.
 
  I advised jis that FSF was monitoring the activity and reasoning with
  crackers as FSF found them. (Not having talked with rms or cutter
  lately, I don't know how successful that's been. But it appears there
  are still more crackers needing conversion.)
 
  He was sympathetic to rms' feeling about guest accounts and letting
  FSF use it machines as it wishes, but was also concerned about MIT
  position and response on this.
 
  He mentioned that disconnecting FSF from the Internet was not yet
  being considered. (Translation of jis-speak: `MIT' might have to
  disconnect FSF to solve this problem).
 
  He mentioned that the FBI wanted to monitor the incoming calls to
  terminus, but that wasn't feasible with the way that MIT connected
  with NE Telephone. He also mentioned that this interface could be
  changed to make such monitoring possible.
 
  I suggested he talk further with rms and gjs about it.
 
  I'm available for consultation or a board meeting. Call home ###-####
  and work ###-####, my schedule is weird.
 
  Providing access to randoms is peripheral to FSF's goals. I'm not
  sure how much time and effort we should expend on this. Perhaps we
  should provide a guest machine that doesn't allow outgoing network
  service with the exception of mail and ftp (not trivial to do).
 
  -len
  -----------------------------------------------------------------------------
 
 
  The FBI was already involved in this affair in August 1990, and the result
  was that MIT had to throw out all guests from the FSF machines and blamed
  the action on "the drives has crashed".
 
  Crashed? Hardly..  Some months later, in the fall 1991 we could read about
  some dutch hackers that had hacked several military installations including
  some Pentagon systems. I know there were alot of dutch hackers at the FSF-
  machines.  Take a look at this article:
 
 
  "(IDG NEWS) Dutch hackers broke into Pentagons computer system at atleast
  34 occations during April and May this year (1991). At some occations the
  dutch hackers changed and copied data, related to military operations in
  the Gulf War. This was confirmed by Jack Brock at the General Accounting
  Office (GAO) during a hering in the senate last week. (sometime in the fall
  1991). The dutch hackers managed to get access to some sensitive information
  concerning troop movements, technical data about certain weaponsystems,
  according to what the GAO chief stated under the hering. The hackers broke
  into Pentagons computer system via the international INTERNET network."
 
 
  Was it because FSFs machines had been used to hack Pentagon that FBI closed
  them down? MIT & FBI had alot of hackers under control on those machines.
  Closing down the guest machines resulted in that hackers routed their
  traffic thru other systems. And FBI lost control of them.
 
 
 
                           -------------------------
                           - Short World Wide news -
                           -------------------------
 
  Worldwide news. Where to start? We could mention the little bastard
  in Israel who claims he has hacked the Pentagon. True or not?
  Pentagon hasn't confirmed it, but we believe he has done it.
  The Israelian newspaper Yedhiot Ahronot told the world that this guy
  had hacked pentagon and some US Army hosts in the US. He had been able
  to read top secret information about the Patriot missile during the war,
  It's not sure if the 18 year old student will be prosecuted.
 
 
  Two israelian professors has released a Cryptanalysis of the Full 16-round
  DES. Very interesting reading.  Now NSA can flush themselves down the toilet.
  The document is referred as Technical Report #708 at Technion in Israel.
 
 
  Two dutch hackers has been busted. (THAT's something. The law in the
  Netherlands does not forbid hacking. You can only be prosecuted if you have
  destroyed anything in the system you have hacked.). These guys were
  prosecuted because they tried to cover their tracks by modify the
  systemlogs. If they hadn't messed up with the logs, they hadn't been busted.
  (That's from what I've heard)
 
 
  Some hackers in the United Kingdom (UK) has been busted. The english police
  had recorded all DATA and VOICE traffic from/to the hacker's residence. All
  material will be used as evidence in a trial. Tough luck..
  More info on this comming up during the year in releases from the S.H.A.
 
 
 
 
                                ---------------
                                - Blue Boxing -
                                ---------------
 
  Blue Boxing has finaly reached Sweden this summer. It all started with
  a Blue Boxing program for the Amiga where released, that gave every computer
  geek the oppertunity to Blue Box. There are even losers who dosen't have
  a modem, that are Blue Boxing to other countries through toll-free numbers
  and back to Sweden for free long distance calls. They don't even know how
  Blue Boxing works, or why?
 
  Hopefully, the Swedish Telecom will start to investigate these frauds,
  and it will result in a new dimension in computer busts... and the geeks
  will regret their stupidity when they get billed for all their calls and
  when the SWAT team kicks down their door.
 
  That is what we wish, but we thinks that the Swedish Telecom dosen't bother
  since they are not loosing money on this, since their customers have to
  pay for the calls. But if to many customers complain, maybe, the Swedish
  Telecom might get intrerested in busting these clowns. And all this might
  result in that the police dosen't have the time to investigate our little
  $100.000 credit card fraud and our so called illegal entering into computer
  systems world wide.
 
 
  Just a little note:
 
    Since Blue Boxing have been around in the States for about two decades,
    I suggest that you don't think that the Swedish Telco are geeks...
    Since they are in cooperation with AT&T and other phonecompanies
    worldwide, they should know to put two and two together about this shit.
 
    And we all know what the Swedish Telco feels about losing THEIR money,
    don't we?
 
 
 
                                -----------------
                                - Carding today -
                                -----------------
 
  Where is carding today? Is it still easy to card in Sweden? Well, let me
  say this;  When the first real carding case in Sweden, May 1990, where
  discovered and a group of young computer geeks where busted, the press
  started to write about the case and told every one how they could do it.
  The press even told every one how you could get creditcards, and a S.H.A.
  board was pointed out to be one of the main sources for illegal information.
  The computer geeks also said that they got their information from a S.H.A.
  board in the interrogation with the police. The press stated how bad
  security the creditcard companys had and how easy it was to order on
  someones elses creditcard. Both VISA and Mastercard went public to the press
  and hold a communication and said that they would have changed their
  routines within two years so it would be impossible to order on peoples
  creditcards. They would change their routines for how new creditcards where
  calculated and no carbon copies would be included in the billing notes.
  A year ago they hadn't changed their routines and one of our members got
  busted for carding for about $100.000.  Today, nothing have changed and
  computer clowns are still carding from USA and Europe. VISA and MasterCard
  are loosing big money on this. We have many possitive indications of how
  big the business for carding is here in Sweden and someone have mentioned
  that computer geeks are carding for about $100.000 to $1.000.000.
  And that the telecom companys are loosing something between $1.000.000 to
  $10.000.000 every year on computer geeks who are using calling cards or
  on phreaking. And this for Sweden only!
 
 
 
 
                ------------------------------------------------
                 - S.H.A's rules and advices for other hackers -
                ------------------------------------------------
 
  This is what we think you out there should follow when breaking every
  computer related law your country may or may not have...
 
    -  Never confirm or deny anything. It is up to others to prove that
       you've done something.
 
    -  Never destroy or change information on systems that you have access
       to. It gives you a bad reputation.
 
    -  Do not confirm names of members in your group nor the number of them,
       since you shouldn't help the police in any way at all.
 
    -  Do not spread accounts to people outside your own group, and keep
       such things within your group only.
 
    -  Do not install backdoors on systems you have secured, and don't abuse
       systems, like using them for illegal access to other computers.
 
  Now... back to reality. The S.H.A. does not have a policy really, concerning
  how we should be doing things, nor forbid our members to do anything they
  feel like. The group S.H.A. is really formed to keep up the information flow
  in a higher tempo than usual in our business, and of course, you feel safer
  when you got some people you can trust, ask, or supply with information.
  So, there are no rules for S.H.A., we do as we like. I.e. :
 
    - Never crash systems
      [Exception: Unless the operator running it threw the cops on you, if so,
       fuck it up as much as possible]
 
    - Never trade accounts
      [Exception: Unless you're getting more for your account than the other
       part is.
       [Exception2: There are always exceptions]]
 
    - Never go to the press
      [Exception: Unless you'll make loads of $$ on the deal]
 
    - Don't sell your "stolen" information
      [Exception: Unless you're payed well, and will stay alive after the
       next money/information exchange.
       [Exception2: No risk no fun]]
 
    - Obey given rules
      [Exception: If they suck, make your own rules]
 
  Call it computer anarchy, we call it computer freedom. The rules follow a
  single red line; If you get treated nice, be nice back. If they fuck you,
  put a bullet in their head.
 
 
 
 
                      -----------------------------------
                      - Demoralized Youth, by Tormentor -
                      -----------------------------------
 
  Tormentor, an young anarchist causing chaos and disorder with short program
  routines. One of his first viruses, called Tormentor -d, was one of the most
  debated ones in the fall 1991. I've got no idea how many computers his
  viruses has infected and crashed. I have no guess of how much the value of
  the crashed programs is. I just know one thing - he's a pain in the ass for
  most of the people, so therefor we have asked him to write for this 4th
  protocol. We have asked him to write about the current virus scenario in
  Sweden and about the future and about his projects.
                                                        /Ed
 
 
 
 
                        Demoralized Youth, by Tormentor
 
  This the story about the virus-spreading in Sweden.
  The virus spreading in Sweden have been very rare, not to say the virus
  writing! There where only ONE virus written in Sweden untill the end of 1991
  and that was a Boot-sector-virus which isn't too hard to make. But this has
  not kept some moral-chake-spreading people to call themselves
  'Virus-Researches' and building up a echo-net and start a company called
  Virus-Help-Center. This was rather strange to me since I've never heard
  about someone who had been 'attacked' by a virus. (NOW I have heard of a
  couple..) Before the end of 1991, no Swedish BBS had to be afraid of beeing
  infected by virus. Then in November, something happend..
 
  Now to the story...
 
  I can just tell the story from my point of view, and if someone out there in
  Sweden may think:'Well wasn't I a part in this?', contact me for appologize.
 
  Well it started in late August 1991. I was looking for virus on almost all
  boards (I even asked for it on Vir_NET). Then - WOAH!
  I had received mail from another guy on a Elite-board! And he had virus..
  It was the guy that would change his handle a number of times in the future,
  but now he calls himself HiTMAN, and here is what the letter was saying:
 
  	'Hey, Yez, I have a couple of virus... maybe wanna exchange?'
 
  My hands was sweating, I had meet a sympathizer! We made contact and
  exchanged virus (before that I just had the 1701-virus) and it was then all
  started. In the same week, I made contact with WiPER, also a Great
  sympathizer. And after some week of debugging and testing, he contact me
  again. Now he had found some 13-years old kid that was leeching virus from
  Bulgaria, And this kid was a real virus-collector! We got about a hundred
  virus from him and Puh!
  This was too much. After that, WiPER started a virus-area on his board, and
  the ball was rolling...
 
  Then, a couple of weeks later, I started to write virus. But since I was
  quite new on this, I didn't start from scratch. No, I modified an old virus
  called 'Murphy'. When I got the first version ready, I was starting to
  spread it like a maniac all over Gothenburgs PD-BBSes.
 
  Now afterwards, I regret some misstakes I did:
 
  * It was just Scan that didn't found it.
  * It was some bugs in it ( the dates where garbled )
  * AND IT DIDN'T CONTAIN ANY DESTRUCTIVE MECHANISM!!!!
 
  I fixed it and started to spread it again. Some weeks later, HiTMAN called
  me up and gave me some clips from fido_net. And the geeks where talking
  about my virus!! This was not expected, and when I read it, I thougt:
  'Gee, fun!' And we started to spread it like hell. And the following weeks
  was a fight: They posted a scan-strain, I changed the virus to avoid that
  strain and so on.
 
  But after they released their 5th killer for The Tormentor-virus (as they
  called it) I got tired (or in fact: There was to much scanstrains
  circulating!) So I let the virus retire with, according to Virus Help
  Center, 400 reported infections. (and X number of HD-Nukes?) Now I study
  other viruses, and tries to write own from scratch. But it's hard, specially
  when there are so much good techniques already used (Dark Avenger is one of
  the lead-inventors!)
 
  The virusboards.
 
  Yes, what's the scene in Sweden for the moment? Well, WiPERS virusboard is
  down, but a couple of other is started. WiPER was the first, but I have
  heard about a S.H.A site that had a virusarea before him. (but not public!)
  Then I think iNNER CiRCLE was next to start a board, and after that
  'The Smell of Fear' and 'The Home of The Pirates' started virus-conferances.
  But even if there is a couple of virusboards in Sweden, the activity is not
  so huge, or, we are just too few that working on it. So I hope that will
  change, it's a scary thought that we are so few destructive minds in Sweden.
  We also have contacts with several other VirBoards abroad in Bulgaria,
  Finland, England and USA to name a few. We also have contact with virus
  writers abroad (Like Charlie in Norway). And if you wanna join us, contact
  any virboard in Sweden.
 
  The Future.
 
  Well for the moment I have many projects on. I've working on an own virus
  that puts the virus-code in the middle of files (thanx DAv for the tip!) and
  I'm working very hard to make Self-mutating virus. And WiPER and HiTMAN is
  also working on own viruses (and who knows if there are other maniacs
  working on virus in Sweden?). Now we (at least I) thinks about starting a
  Virus-Network that connects all virus-writers and distributers.
  Think about it: Every time one releases a virus, the whole world will be
  attacked with it the same night. (That is the dream I'm dreaming every
  night!) Well, I also think we will have some problems in the future, like
  new laws against virus (probably only for spreading, and that will be hard
  to prove!), better security on public-bbs (like phone tracing etc.) and
  Hardwareprotection.
  I also thinks that the virus writing will increase and maybe be as big as
  the demo writing... (but that is just a wish from my sick mind!)
  Then I think the viruses will be a lot more destructive, for example:
 
  * Making small changes in data (like switching numbers)
  * Calling expensive numbers while no-activity.
  * Monitoring the system and saving the changes and keyboard-strokes.
  * Maybe even Call up the author and transfer Data from the victim!
 
  Also, in the future I think we are going to see the death of SCAN-programs,
  not just for the increasing Scan-time, but since the Self-mutating viruses
  has come to stay and they need algorithms to find them. The CRC-programs is
  always a good solution, but since you have to power the system down to use
  it, I don't think all will accept it.. But it's the only solution!
  Well I feel quite proud when I think that we are responsible for the all the
  time-wasting and uncomfortable procedures all lamers have to do, to avoid
  virus (and sometimes it's not enough!).
 
  So contact us, and join the Demoralized Youth!
 
  Remember: It's not illegal to make virus, and who the hell can prove that
  you knew that THAT file had virus?!?!?!?
 
  Epilogue.
  ---------
  Well, just after I finnished this text, we tried to reach Mikael Larsson on
  Swedish Virus Help Center for a comment, but unfortunatly he wasn't home,
  so I had to talk with his 'not-so-smart-in-fact-very-stupid' brother.
  Since he also works at the AntiVirus company I thought he had something to
  say about the future.. I was wrong!
  But he seemed quite interrested in buying unknown viruses, the only problem
  was that he rather bought them from Bulgaria since the people in Bulgaria
  were so poor... (damn humanist!)
  I feel really sorry for those AV-guys, they working full-time to stop the
  virus writing and spreading, but if they would succeed (just a thought!),
  they would lose their jobs! But we have two Anti-virus companys in Sweden,
  maybe the other company is more patriotic and will buy viruses from me...?
 
  Anyhow, now I must go on with my viruses. It has been requested a new
  mutation of Pogue that Scanv86 doesn't recognize. And maybe I work on the
  Trojan called Scanv87, just to be released in 2 weeks...
 
   So that's all from me for the moment, and remember:
 
  SCAN /D = DISASTER!
 
  /TORMENTOR
 
  Demoralized Youth, Sweden
 
 
 
                      -------------------------------------
                      - S.H.A. Official Summer Party 1991 -
                      -------------------------------------
 
  A summer day in July we had a S.H.A. Barbecue party for two days.
  Almost 80% of all members in S.H.A. where present. The party where held at a
  secret address. The place where choosen with care, since we didn't want any
  "non S.H.A." people to show up and cause any trouble.
 
 
  A point of view from a S.H.A. member:
 
  It was sunny and hot as hell, about 35 degrees Celsius. Not a bloody cloud
  in the sky. And as a precaution to not pass out during my trip I decided
  to put on my shorts, Levis' was out of the question.
 
  Great... first I had stand in line for fucking half an hour to get a
  train ticket, just because the ticket bitch was talking on the phone...
 
  I guess, I don't have to mention that the place was NOT air conditioned,
  nor doors or windows were open... Biggest sauna I've ever seen I tell you.
  Finally arriving to the Central Station some hours later, I got picked
  up in a private limousine. (Ehrm.. let's pretend it was a limousine)
  The truth is that some members came to pick me up...
 
  We drove to the secret place where the party where held, and a lot of other
  persons were waiting...
 
  Lots of Coke (Not the one you sniff), chips and food have been bought
  earlier and we started to fix some drinks with big icecubes. We had to
  wait for the sun to settle down, so we could step outside and fix the food.
  Meanwhile we eat chips so that we didn't starve.
 
  Later we sat down and hacked for some hour or two. Mostly we went through
  all our hacks we had done so far that year.
 
  In the middle of the night we wanted some heavy action, so we went out and
  lit a big bomb in the neighbourhood. We almost got blown into pieces...
  (Lixom' wanted to throw the bomb into a neighbour's livingroom. But we
  didn't want to ruin the great party, or wanted to spent the rest of the
  night in federal custody).
 
  Later in the night we watched some movies (yeah even porno) until 5 am in
  the morning then we started to hack again and document some of the party.
 
 
 
    THE S.H.A. BQ TIPS (or: Survive your own cooking)
 
    You'll need:
      * A BQ device
      * One piece of animal flesh per person
      * Lotsa BQ spices, and BQ oil
 
  First you must put some nice pieces of wooden coal into the BQ device,
  pour lightning-fluid all over it, wait some seconds, and then set
  fire to it (taking cover is optional). Soon you'll have the best glowing
  coal you've ever seen in your grill.
 
  Now, just take the steak, and flatten it with something. Perhaps with
  the back of a knife or just your fist.
 
  Then put on all spices, and the oil (lots of oil...) and you,
  remember; spice and oil _both_ sides of the steak.
 
  When the meat now is on the edge from brown, turning black, take a
  knife and cut through it, if it's bloody or too red, let it stay in
  the grill for some more minutes.
 
  Now, if the steak seems good enough to eat, eat it. Serve with
  cremated fries, "potatoe sallad" and not to forget, a Tomatoe.
 
  Now drink Coke with ice cubes swimming around in your glass.
  AND! most important; Eat outdoors!! Why? There's no mosquitos in the
  house.
 
 
 
                    -------------------------------------
                    - Prof of S.H.A. Hacking Activities -
                    -------------------------------------
 
 
  Maybe you think we are just making the whole thing up?
  We will give you some examples of our activities:
 
 
  This /etc/motd was found on a NASA computer we hacked in August 1991.
  Unfortunately they discovered our little breakin' and tightend security, but
  we re-hacked the computer and could read the following;
 
 
                    COMPUTER  SECURITY  WARNING  NOTICE
 WARNING                          WARNING                              WARNING
 *****************************************************************************
 THIS COMPUTER IS OPERATED BY/FOR THE U.S. GOVERNMENT.  UNAUTHORIZED ACCESS TO
 AND/OR USE OF THIS COMPUTER SYSTEM IS A VIOLATION OF LAW AND PUNISHABLE UNDER
 THE PROVISIONS OF 18 USC 1029, 18 USC 1030, AND OTHER APPLICABLE STATUTES.
 *****************************************************************************
 WARNING                          WARNING                              WARNING
 
 =============================================================================
 Security Reminder: DO NOT LEAVE A TERMINAL LOGGED INTO A COMPUTER UNATTENDED!
 =============================================================================
 
 =============================================================================
         Hacker Attack: NASA Security reported that a Swedish Hacker
         gained access to XXXXX on 8/2. We assume all TAB passwd files
         have been compromised and are taking appropriate steps.
 =============================================================================
         A number of hackers are still attempting to penetrate
         various LaRC computers. We are taking appropriate steps.
         Report any suspicious activity to sysop.
 =============================================================================
 
  So if you don't believe us. Call NASA Security and ask what happend at
  NASA Langley Research Center at the 2nd of August 1991.
  (By the way. Ask them what happend in March at the AMES/NAS supercomputer
  network.. one of their CRAYs had some mysterious jobs running, hehe)
 
  The Pentagon has also been successfully penetrated, but we have decided
  NOT to release any information about what we have done there yet. We are
  not finished with the system. Hopefully you can read more about it, in
  a release in June 1992. (If not Pentagon confirms it before, or the
  newspapers starts to write about it..)
 
 
 
 
                            ----------------------
                            - S.H.A. Body Guards -
                            ----------------------
 
  It was an ordinary summerday in July 1991. I was driving home from work as
  I always do. I parked my car just outside the stairway leading to my
  apartment at the 1st floor. I carried up some computer equipment to my flat,
  left it there, and went back to my car to park it propertly.
  When I reached the car, I suddenly saw two men comming out from MY stairway.
  THEY behaved strange. Well, I jumped into the car, and drove 30 metres along
  the street to my parking-lot. I turned right, parked it, and went out from
  the car. Now, the two men who was sitting in their car by this time, turned
  their heads and stared at me as if I was some kind of alien. huh. I didn't
  like this situation.
 
  They seemed to be surprised that I had parked my car and was walking towards
  my apartment again. I grabbed a pen and a piece of paper and took a note of
  their licence plate. Might become useful sometime. (which turned out to be
  right). I was totaly puzzled. 2 men comming out from MY stairway. I hadn't
  seen these guys before (age 35-40). I hadn't even heard them comming from
  the stairs above. No door slammed - NOTHING. Where they waiting for me
  there? Got even more puzzled.
 
  Some days later I had dinner with some other members of the S.H.A. at our
  usual restaurant in Stockholm. We discussed what had happend and we came to
  the conclusion that 'they' maybe wanted to catch up a tail when leaving the
  flat. But why? Why did they want to follow me? Or had they been inside by
  apartment when I arrived?
 
  The evening went on as usual, lots of beer and laughs. But at the end
  of that night, we decided to check the licence number with the public car
  register where all cars are registered. Said and done. We called;
 
  Ring. Ring.
 
  - Welcome to the car register, our business hours are.. bla .. bla..
 
  Damn. An answering machine. The police. Doesn't the police have some
  terminals connected to the car register 24h/day? Ofcourse. We called a local
  police station.
 
  Ring. Ring.
 
  - Solna Police Station, answered a male voice
  - Hello. I wonder if you could check a car licence number for me...
  - Sure. What's the number?
  - NWW 007
  - Hold on. He started to tap on his keyboard, and after a while he said:
    "A Ford Scorpio?"
  - Yeah. A red one. (I guess he was just checking some details..)
  - Why do you want to check this car?, he said.
 
  Uhh. Why does he ask that? They never ask such questions. Better make up a
  lie, fast!.
 
  - Uhm.. I can't move my car since the owner of that car has parked it
    infront of me. Did it sound believable?  Hardly..
 
  - Ok, he laughed. It's a civil car registrered to the Swedish Police Dept.
 
  OUCH! A police car outside my apartment. 2 police men in my stairway.
  Does not sound good at all. Jesus. We almost paniced that night.
  Standing inside that phoneboot that evening getting this information was
  horrible. They could bust us any second now.
 
  We rushed into the car and drove away. In a bag we had several printouts
  from some hacks, large passwordlist to NASA computers, a NOT-TO-BE-RELEASED
  version of this 4th protocol etc. None of us could bring this stuff back
  to our flats. Just one way to solve the problem;
 
  We drove up on the interstate, pulled down the windows and began to tear
  the papers into pieces and threw them out of the window. If the cops managed
  to get this puzzle together, then I would turn my self in and confess.
  I guess we were extremly paranoid that evening..
 
 
  At the 4th of January 1992 we had one of our regular SHA dinners at "our"
  restaurant in Stockholm. We discussed our latest hacks and so on.
 
  I guess we were under surveillance that evening..
  ...some strange things happend.
 
  After we had finished our little neat dinner we moved to the car, and
  drove into Stockholm City were we did nothing. What we didn't knew at
  that time was that a car was following us. We discovered it by pure luck.
  We took a note of the licence plate, and stopped at the nearest phonebooth.
 
  One of us jumped out, rushed to the phone and dialed a local police station.
 
  Ring, Ring.
 
  - Vallingby Police Station, a female voice answered.
  - Hello. I want to check a car licence number.
  - Ok. What's the number?
  - It's MSR 769
 
  She starts to tap on the keyboard, and suddenly she says:
 
  - A 87'?
  - Uhh. I don't really know. It's a blue Ford Sierra.
  - Ahh. Could you hold on for a second.
  - Sure.
 
  She put me on hold.. I waited 30 seconds. I waited one minute. I waited
  1 and 1/2 minute. I waited 2 minutes. Then I threw the phone and started
  running like hell towards the car.
 
  - SHIT! I shouted. Get out of this place. NOW!!
 
  It was like an action movie :-). Shit. Why did she put me on hold?
  She had all the information on her terminal when she asked me if it was
  a 87' model. Huh. Scary.
 
  We drove some blocks away and stopped at another phonebooth. I jumped out
  and dialed another police station..
 
  Ring. Ring.
 
  - Solna Police Station, a male voice answered
  - I want to check a car licence number, NOW! I shouted. I was excited.
  - Ok. Take it easy. What's number?
  - It's MSR 769.
 
  He tapped for some seconds on his keyboard.. and finally he asks:
 
  - A Ford Sierra?
  - Yepp. A blue one.
  - It's registered to the Swedish Police Department
  - Thanks..
 
  Hung up and rushed to the car. Hysteria among the other members..
 
  Huh. The first station I called didn't want to tell me it was a policecar.
  Why did she put me on hold? I guess they were tracing the call, and wanted
  to catch me standing in the phonebooth. But it isn't illegal to check a car
  licence plate... unless they have something to hide or fear.
 
 
 
  What's the conclusion of all this?
 
  a) We have a fanclub
  b) We have a couple of body guards protecting us 24h / day.
  c) The Swedish Police are really idiots following after us.
 
 
 
                         ---------------------------
                         - Investigation of S.H.A. -
                         ---------------------------
 
  The Police are currently investigating S.H.A. and our activities.
 
  We have very strong indications that some of us are under surveillance
  24 hours/day. They are also monitoring our calls, both voice and data.
 
  As a anonymous source said (well connected in the law enforcment);
 
    - The Swedish police computer crime division are currently fully engaged
      in tracking down a hacker group in Stockholm, Sweden.
 
  And we have notice strange behaviour around our houses, with suspicious
  cars and od behaviour of certain people.
 
  We have also strong indications that our houses have been searched when
  we have been away from home. And also some of our accounts on hacker boards
  have been used by other people without our knowledge.
 
  We might be paranoid, but all events taken together proves that we are not!
 
 
 
                               -------------
                               - Back Chat -
                               -------------
 
  Rumours. What's life without them?  A LOT BETTER!
 
  Anyway, here are some rumours we have picked up.
 
  Some months ago a rumor was floating around in the 'elite' world that some
  Swedish 'elite-d00dz' had been busted for BlueBoxing here in Sweden.
  As always with these kind of roumors, you should take 'em with a spoon of
  salt. Sad but true - nothing serious has happend. (These damn 'elite-d00dz'
  thinks they are phreakers. *sigh*) (Oct 1991)
 
  Some youngsters in Lulea, Sweden got busted for carding for about $10.000.
  These guys quited carding when the S.H.A. member got busted. 6 months later
  the police knocked at their doors and searched their houses. This resulted
  in a few prosecutions.
 
  A couple of students from Linkoping, Sweden got charged for using a X25
  NUI belonged to the Linkoping University Library. The university started an
  investigation when they received their phonebill, which where $10.000 higher
  than normaly. And the next one where even worse, $20.000 higher than normaly.
  After they had found that some students where using their X25 accounts they
  filed a complaint to the police.
 
  A swedish sucker at the Virus Help Center has started to scream for the
  police as soon he sees a new virus in Sweden. For example, he is trying to
  nail Tormentor, one of our guest writers which is the author of the
  Tormentor -d virus. Rumors says he has tracked down a swedish virus
  programmer/spreader and called the police. (Nov/Dec 1991)
 
  Rumors says a smaller disaster will occur when some members of S.H.A. goes
  to trial for charges concerning illegal accessing a computer system.
 
  Rumors says the FBI snatched the drives at FSF/MIT, and that they did NOT
  crash as the official explanation was. (April 1991)
 
  Rumors says Timewasters (hackergroup from Holland) penetrated a couple of
  pentagon computers and installed several backdoors. (Jack Brock at the GAO
  has confirmed that dutch hackers have broken into Pentagon computers.)
 
 
 
                        --------------------------------
                        - Messages to System Operators -
                        --------------------------------
 
  To mention some swedish hacking acitivity, here goes some messages to
  system operators of each system, which they will understand:
 
 
  "Now is the question, Who is Marc Lundgren?"      Gottcha SICS
  "I'll be back - be sure of that"                  Gottcha Bjorn Knutson, UU
  "What happend with ASEAs VAX machines? :-)"       Gottcha ASEA Brown Boweri
  "Please send us 'last | grep peace'"              Gottcha Dimension AB
  "Found our trojans?"                              Gottcha S-E-Bank
  "We don't know how far they have come"            Gottcha SMHI
  "Nice phonebill, eh?"                             Gottcha OPIAB
  "Afraid of calling the police?"                   Gottcha DATEMA
  "Got any complaints from the DDN (milnet)?"       Gottcha KTH/NADA
  "Don't say we didn't warn you."                   Gottcha FOA
 
 
 
 
                                --------------
                                - The Future -
                                --------------
 
  We hope that the Swedish police will realize that no one will gain in
  the investigation of S.H.A. and only a catastrophy will occur.
  They should use their resources for better cases, i.e. finding people
  who commits murder or are raping young girls.
 
  So to those guys involved in tracking us down, we would like to say:
 
   - Up yours! Prove that we done anything illegal or stay off our back!
 
  Anyway, we are not looking to far ahead in the future since we have too
  many variables that can change. We just plan for the next week, but we
  hope that 1992 will be a great year for all of you hackers out there in
  the whole wide world.
 
 
 
                               -----------------
                               - Releases 1992 -
                               -----------------
 
  We plan to release the following under 1992 and hopefully many more stuff,
  even if we can not guarantee that we do release all the stuff.
 
  - S.H.A. Annual Year Report '92.
 
  - A complete Internet hacker/scanner program.
 
  - A neat Unix program that will totaly hide you from system managers.
 
  - Sourcecode for several unix backdoors.
 
  - Security System for your personal computer.
 
  - Textfile "VMS to Internet Encyclopedia"
    (Follow up to the Unix to Internet Encyclopedia).
 
  - Textfile "How to card and get caught" by Lixom Bah
    Everything from how to card, to what happend me when I got busted, and
    the consequences for you, and your whole life.
 
 
 
                           -------------------------
                           - How to contact S.H.A. -
                           -------------------------
 
  This was all for this time. Hopefully the S.H.A. will still be alive in
  February 1993 so we can release our 5th protocol. But don't count on that,
  the Swedish Police is giving us a very hard time here..
 
  We are interested in join venture with other good H/P groups so that more
  proffessional articles and files can be released to a wider public.
 
  If you feel that you want to contribute to our protocols in one way or
  another, you can contact us at the following addresses and phonenumbers.
  If you feel that you want to give us critic, don't hesitate to contact us..
 
  If you want to be included in our mailing list, please state so and you will
  automaticly receive all our releases.
 
 
  Internet : sha@darkside.com
  FidoNet  : 2:201/610 username sha
  V.M.B.   : +46-8-730 24 02   Box #9999
 
 
  Note: Federal goverments are also welcome to contact us for assistance.
        We have nothing to hide from goverment agencies.
 
        The above addresses are untraceable, so don't even bother...
 
 
 
                            ----------------------
                            - Editors final note -
                            ----------------------
 
  Another year have passed and a new one is on it's way. I hope the new
  year will be another good year for all of the hackers out there.
 
        I will end this 4th protocol with some wellknown words;
 
             BE PARANOID - YOU ARE DOING SOMETHING ILLEGAL!
 
 
  I would like to thank all those people who have helped us creating this
  fourth protocol which I hope you have enjoyed, and special thanks goes to:
 
                    Tormentor for "Demoralized Youth"
                 Knight Lightning for "Operation Sundevil"
 
 
  I would also like to thank all those other guys in S.H.A. that has not
  been mentioned but have contributed to this file. Thanks!
 
    And to all you hackers out there... thank you for reading this file!
 
           I would also like to thank the Swedish Police for their
            interests in S.H.A. and for reading most of our files,
              We need more dedicated fans like them. Thank YOU!
 
 
 
                                --------------
                                - Disclaimer -
                                --------------
 
   The material in this document is NOT ment to encourage hacking, cracking
       or illegal entering to computer systems. The Swedish Hackers 
         Association can NOT be blamed for any abuse caused by it.
              The Swedish Hackers Association is formed only
               to inform the public what hackers and hacking
                   really mean, and to report all hacking
                      news and events to the readers. 
 
 <---------------------------------------------------------------------------->
        ALL MATERIAL IN THIS DOCUMENT ARE COPYRIGHTED (c) 1992 BY S.H.A.
     USE OF THIS DOCUMENT WITHOUT S.H.A. PERMISSION IS STRICTLY PROHIBITED
   UNDERGROUND BOARDS ACCEPTED BY S.H.A. ARE ALLOWED TO USE ALL S.H.A. FILES
 <---------------------------------------------------------------------------->
& 
.H.A. ARE ALLOWED TO USE ALL S.H.A. FILES
 <---------------------------------------------------------------------------
.










...
g