'Swatters' Trick AT&T, Make Fake 911 Calls

R. A. Hettinga rah at shipwright.com
Thu Nov 22 18:59:47 PST 2007 

<http://www.pcworld.com/printable/article/id,139804/printable.html#>

PCWorld
'Swatters' Trick AT&T, Make Fake 911 Calls

Criminals have been using social engineering skills to gain access to  
AT&T networks and mimic emergency calls.

Robert McMillan, IDG News Service
Wednesday, November 21, 2007 05:00 AM PST
A Cleveland, Ohio man has pled guilty to participating in a scheme  
that involved using AT&T employee passwords and identities to place  
false 911 calls to emergency dispatch centers.

Stuart Rosoff is facing as much as five years in prison and a US 
$250,000 fine after pleading guilty to charges of harassing people by  
tricking 911 operators into dispatching police SWAT (Special Weapons  
And Tactics) teams to the homes of their unsuspecting victims. Rosoff  
was part of a group of about 15 to 20 people who met in chat rooms  
and telephone party lines to exchange information on how to conduct  
their attacks, according to court documents.

Rosoff is considered the lead defendant in a federal case against  
members of the group. Two other members have pled guilty, and two  
others, Jason Trowbridge and Chad Ward are still facing trial.

Virtually unknown until recently, swatting gained national attention  
last month when 19-year-old Randall Ellis was arrested after  
allegedly dispatching a SWAT team to the home of an unsuspecting  
couple in Orange County, California. That incident cost county  
officials nearly $20,000. On Friday, Ellis plead not guilty to  
charges stemming from the March 29 incident. He is not believed to be  
connected with Rosoff or his group.

The Rosoff group has been connected to about 60 incidents, including  
one in January 2007, according to Detective Larry Cole with the  
Snohomish County Sherriff's Office in Washington State. In that case,  
a Rosoff's co-conspirator named Guadalupe Santana Martinez ended up  
dispatching 35 county employees, including the SWAT team to a  
Snohomish County home in the middle of the night. "He built enough  
information and called 911 and faked that he was committing a serious  
crime at the time," he said. "When our patrols responded, nobody  
answered the door, so it ended up being an activation of our SWAT team."

In a June 12, 2006 incident, Martinez is alleged to have called 911,  
saying that he was high on hallucinogenic drugs, had shot and killed  
family members and was holding hostages.

Martinez used a spoof card to conceal his identity in this case,  
according to court filings, but in the Snohomish County incident he  
used an even simpler technique: he blocked his caller ID and simply  
gave 911 operators his victim's number, according to Cole. "Even with  
our 911 system if you use some blocked numbers for privacy reasons  
it's hard for our 911 system to read them," he said.

Martinez, and another group member, Angela Roberson have since  
pleaded guilty to swatting charges.

Court documents state that he and other group members used social  
engineering techniques against telephone companies such as AT&T.

For example, Martinez would call an internal AT&T number claiming to  
be a service representative working in the field in order to get  
information on victims and sometimes even terminate their phone  
service, Cole said. "He would fake that he was an AT&T employee, call  
the internal phone number... and they would give him that information."

According to an affidavit by FBI Special Agent Allyn Lynd, "AT&T  
employees were being victimized by the swatting group by the  
misappropriation of the AT&T employees' identities and passwords in  
order to make the swatting group's illegal access appear more  
legitimate."

One of the group's members, Matthew Weigman had registered telephone  
service for himself under the name of an AT&T representative, the  
affidavit states.

Members of the group were able to spoof their phone numbers using  
commercially available "spoofing cards," as well as special hardware  
that could be used to spoof the ANI (Automatic Number Identification)  
caller identification system used by some telephone systems.

They accessed systems at AT&T subsidiary CTS Telecommunications, in  
Grand Prairie, Texas, the Verizon Provisioning Center in Irving  
Texas, and the Frontier Telecommunications center in Rochester, New  
York, according to court fillings.

AT&T did not return calls for comment.

Cole said that the group swatted people for two reasons: for kicks,  
and to get even. "They had very limited social skills so they were  
kind of immature," he said.

Martinez who is described as the one generally responsible for making  
the telephone calls, was nicknamed the "Wicked Wizard." He would  
often swat victims as a way of getting even for some chatroom slight,  
Cole said. "I think it was a power trip for him. It was his way of  
being the big man."

More information about the cypherpunks-legacy mailing list