Feeds

Bin Laden hackers denounce founder

In their own words

  • alert
  • submit to reddit

Seven Steps to Software Security

Leet German script k1dd13 and would-be investment guru Kim Schmitz aka Kimble, who recently promoted his YIHAT (Young Intelligent Hackers Against Terrorism) Ninja force with loose claims to have hacked a Sudanese bank with /bin/laden accounts, has been denounced by two people claiming to be members of his organization.

We denounced him too a while back. Now two reputed compatriots have rounded on him as well, drawing heavily on an article published by The Standard in January 2001.

In their own words:



YIHAT, the group who was to take the money away from terrorists, caused a big controversy in our world today. Kimble was their mysterious leader. Directly from the inside of the group, I, Splices along with Demannu, tell you the truth of Kimble.

Kim Schmitz is an owner of Kimvestor which is not even registered company yet. For this reason and involvement with Netherlands online dealer Letsbuyit.com, the federation of the capital investors and German state attorney are preparing charges against Kim Schmitz for investment fraud. He's not reach as he appears to be. He sold 80% of his company Data Protect which is Security Company and had until recently about 15 employees.

Most of his money he spend on expensive penthouse in Munich, cars, yacht and expensive trips to Monte Carlo, Caribbean sea and women. His other two companies, Monkeybank and Megacar are only paper tigers, loosing money. Secondly, his is not a hacker. He is banned from the German hacker scene, because he betrayed the hackers who worked with him on credit and calling card fraud. (The reason why he got only six months) Do you know his ten rules? One says: Don't talk too much, obviously not good enough for your Kimble; he's known as biggest mouth of Germany. Why do you think there's almost nothing about business on his website but over 300 pictures of him, not to mention silly flash movies.

Hacker? Yes of course. Bellow you can read what Boris Gröndahl (journalist working for Standard) found out: Kim Schmitz, doesn't make a secret of his past alias of "Kimble", the convicted computer hacker. On the contrary, he makes this one of his selling points. This may appear honest at first glance, but if you compare what stunts he lays claim to, and what his court verdict in 1998 found him guilty of, his past looks a bit less glamorous. However, Schmitz's claims follow a pattern. He takes bits of what he has been found guilty of, bits of other hackers' publicized doings, even tales of hacker movies, and mixes them together to form his "personae".

MYTH: Many papers reported that Schmitz lowered the credit rating of former German chancellor Helmut Kohl to zero.

TRUTH: Credit ratings on individuals in Germany are different from the US. There is no rating of a kind that you could "lower to zero". And the court verdict against Schmitz has nothing to say about this.

THE LINK: According to Schmitz's verdict, he had broken into the computers of the Deutscher Beamtenbund, a public officials' union, and among other documents, copied the union's correspondence with the chancellor. The Masters of Deception, a New York hacker group, lowered the credit rating of cyber-celebrity John Perry Barlow to zero during an online discussion in the early 1990s.

MYTH: Schmitz told the Sunday Telegraph he "got into Citibank's system and transferred $20 million by taking tiny amounts from the accounts of 4 million customers and giving it to Greenpeace".

TRUTH: Nothing like this is in the court records. In fact, there's no link to Citibank or Greenpeace at all. A Greenpeace spokeswoman told The Standard Europe the claim was "just not true", adding that $20 million would have been half the organization's annual budget in the mid-1990s.

THE LINK: In a widely publicized case in 1996, Citibank did indeed fall victim to a group of Russian hackers who caused $10 million in damages. The money didn't go to Greenpeace, though. However, the final scene in the hacker movie "Sneakers" (featuring Robert Redford, Dan Aykroyd and Sidney Poitier) is a TV news speaker announcing that the Republican Party had to declare insolvency while Greenpeace announces an enormous anonymous donation.

MYTH: Schmitz also told the Sunday Telegraph that "he developed the Blue Box, software that would override the phone charging system".

TRUTH: According to the court papers, Schmitz didn't use clever software to "override the phone charging system", but simply stolen calling card numbers he had bought from US hackers.

THE LINK: Blue Box is the name for a hardware device which cheated the phone charging system by simulating its signals. They were widely used in the US, years before Schmitz was born in 1974.

MYTH: In the prospectus of his company Kimvestor, Schmitz claims to have broken into NASA and the Pentagon.

TRUTH: Nothing like this in on the records. The spokesman of the German hacker organization Chaos Computer Club dismisses his claims as "made up".

THE LINK: The hacking into a wide array of computers including those of the NASA made the Chaos Computer Club world-known in 1988. Some of the hackers who had done this were hired by the Soviet intelligence service KGB and broke into computers of military research labs in the US, but not into the Pentagon.

MYTH: Schmitz told the Sunday Telegraph "when he came out of prison he was inundated with offers from companies... Within a week he was working for Lufthansa".

TRUTH: According to his verdict, Schmitz was breaking into systems and used what he found to offer those firms his advice in security matters through an accomplice's consultancy. The accomplice was a former Lufthansa employee and Lufthansa was among their victims. However, the court states that it wasn't Schmitz who broke into Lufthansa's network but another accomplice.

P.S., US Patent and Trademark Office does not have any records on Monkey nor Magacar technology as Kim Schmitz is claiming on his website nor any other patent registered under his name nor names of Kimvestor, Data Protect, Megacar or Monkey AG."

Kimble was a fraud and is a fraud. In fact, call him at +49-172.444.4444, and tell him how you feel. I and Demannu were very devoted to his cause and he lead us into nothing, and in light of everything the very spirited ones who were the brains behind everything have compiled something new to take YIHAT's place. Don't get us wrong -- we are totally different.

Meet ECHO. This is who we are: We are a research group made up of Security Parishioners, Programmers, Mathematicians, and Security Researchists that cover areas from software flaws to encryption and even ranging from viruses and Trojans - we haven't a limit. We will eventually form a security firm, and sell our own line of software that will be aimed toward security. I can't place a limit on our expansiveness - our entrepreneurial eye has released something BIG. Our goals lie to secure the internet in an entire new way not seen before. I am not at liberty at this time to release our ideas, but we will revolutionize the way security is handled among the internet - and prove it.

We are open to all criticism and expect it, but all criticism will be accepted as constructive criticism. We don't wear batman capes and we don't chase terrorists and have suckers in our mouth. We research security and will bring a new light to the Internet.

Related Story

Bin Laden hack-meister in defacement, financial debacles

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.