MostHateD to Plead Guilty Wednesday

MostHateD to Plead Guilty Wednesday
Kevin Poulsen, SecurityFocus 2000-03-29

Agreement means the young globalHell leader faces at least 33 months in prison, unless he helps bust his compatriots.

One of the two leaders of the legendary cybergang globalHell caused between $1.5 and $2.5 million in losses by cracking web sites and making fraudulent use of a community college's teleconferencing system, according to stipulations in an plea agreement 19 year-old Patrick Gregory reached with federal prosecutors in Dallas. The plea, originally scheduled for today, has been postponed until April 5th. Wednesday night, the Houston Chronicle reported that the canceled appearance was a result of Gregory's arrest on unrelated charges of burglary and unauthorized use of a vehicle the night before.

The substantial loss figure means that under federal sentencing guidelines the cyberpunk, known in the underground as MostHateD, faces a minimum of 33 months in prison for a single count of conspiring to traffic in access codes and to damage Internet systems. But a clause in the plea agreement normally reserved for government informants permits his sentencing judge to give him less time if Gregory provides "substantial assistance to the government in connection with its continued investigation" of the cybergang he once headed.

globalHell was an international collection of cyberpunks who communicated over hijacked teleconferencing systems and cracked over 100 web sites in 1998 and 1999, including a famous hack of the White House web site in May of last year. As part of his plea agreement, Gregory stipulated to the accuracy of the entire globalHell portion of the Attrition defacement mirror, and admitted to cracking three of the web sites personally: Blue Byte, Networks Online, and 1688.com.

"He didn't do most of the hacking, but he had gang organizational abilities," said former Assistant U.S. Attorney Matt Yarbrough, who investigated and prosecuted the case, and signed off on the plea agreement before recently joining the Dallas law firm Vinson & Elkins.

Yarborough contrasted globalHell with the high-profile "Phone Masters" hacking case, which he also prosecuted. "What makes a cybergang like this so dangerous is they are bulls in the china shop," said Yarbrough. "They get into a system, and once they're in there they aren't as clever as the Phone Masters about how to tamper with the log files and scrub their fingerprints, so they crash the system... It's the old criminal theory: I've left fingerprints everywhere, so I'll just burn it down."

Investigations Ongoing
Earlier this month, Chad Davis, 20, of Ashwaubenon, Wisconsin was sentenced to six months in prison for defacing the U.S. Army's Web site. According to Yarbrough, Davis was the co-leader of globalHell, and may face more charges. "He plead to a teeny little hack on an Army web site, and there's a lot out there," said Yarbrough. "So we'll see what happens."

Another globalHell member, Eric Burns, received a 15 month sentence for defacing the U.S. Information Agency web site.

Gregory's 33 month minimum prison exposure - his maximum is five years - would be the longest sentence yet for a member of the group.

Yarbrough wouldn't specifically comment on the agreement's "5K1" clause -- shorthand for the section of the U.S. Sentencing Guidelines that allows judges to depart below minimum sentences for government informants. "I'm not in the office anymore," said Yarbrough. "There are other investigations ongoing, and it'll be interesting to see how they play out."

Carlton McLarty, the Assistant Federal Public Defender representing Gregory, said his client wasn't speaking with the press. McLarty declined to say whether Gregory will help authorities round up the rest of his former cybergang. "I can't really comment on the specifics of it. I'm sure you know what a 5K1 is, though."

story updated 3/30 at 7:30 a.m. PST to reflect the Houston Chronicle report