Advertisement
Promo

Online business Toolkit

Al-Jazeera hacker awaits sentence

Published: 13 Jun 2003 09:18 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A Californian man pleaded guilty on Thursday to two charges stemming from an attack on the Web site of the Arab news service Al-Jazeera during the early days of the Iraq conflict.

In a plea agreement with the US Attorney's office for the Central District of California, John William Racine II, a 24-year-old Web designer, admitted to tricking VeriSign subsidiary Network Solutions into giving him ownership of the aljazeera.net domain. Racine said he then redirected visitors to that Internet address to another site, where they were greeted by a US flag and the phrase "Let freedom ring." The man turned himself in to FBI agents on 26 March, according to the plea agreement.

"Racine gained control of the aljazeera.net domain name by defrauding Network Solutions, where Al-Jazeera maintained an account for its domain name and email services," the US Attorney's office said in a statement.

Racine, also known as "John Boffo," used a false photo identification card and forged signature to impersonate an Al-Jazeera systems administrator and get control of Al-Jazeera's account, according to the plea agreement. In doing so, he gained control of where any data sent to aljazeera.net -- including Web page requests and email -- ultimately ended up.

The actual defacement appeared on a free Web site service provided by NetWorld Connections. Technically known as a "redirect", the hack caused Web browsers that attempted to go to www.aljazeera.net -- as well as the English-language site, english.aljazeera.net -- to be surreptitiously redirected to the content hosted on NetWorld's servers and see the US flag instead.

For an entire week in late March, Al-Jazeera had to contend with technical problems and hackers that caused the site to be unavailable as often as not.

The Arabic and English news service, based in Doha, Qatar, found itself the focus of controversy during the war in Iraq for its coverage of the conflict. Opponents charged the Arab news group with bias, but many others have tuned into the young network's TV broadcasts and Web site for an alternative view of the issues surrounding the war and America's occupation of the Middle Eastern country.

The plea agreement states that on 24 March, after the initial verbal salvos between US government officials and Al-Jazeera, Racine searched the Internet and found that Muhammed Jasim AlAli was listed as the administrative contact for the Arab news service's Internet domain, aljazeera.net. He then created an account on Microsoft's Hotmail and impersonated AlAli in telephone messages and email to VeriSign, claiming that he needed to have the account password changed. Unable to answer a challenge question by a VeriSign employee, he said he would call back later.

Racine then created a false photo identification card with the name "Mohammed Jasim AlAli" and forged an authorisation form that requested VeriSign change the password. He sent the documents to VeriSign subsidiary Network Solutions and followed up with a telephone call. Based on that documentation and the phone call, VeriSign changed the password on 25 March, the plea agreement stated.

On March 27, after the defacement gained media attention, VeriSign suspended the Al-Jazeera account. By then, Racine had already contacted the FBI and provided the agency with evidence of what he had done, the plea agreement stated.

Racine "admitted that he knew his conduct was unlawful and voluntarily provided the documents and information to the FBI to assist in its criminal investigation," the agreement said.

Racine could have faced up to 25 years in prison and a fine of $500,000 (about £300,000). However, the US Attorney's office has agreed to request a much lighter sentence: three years of probation and 1,000 hours of community service. The ultimate decision on the sentence, however, resides with the judge.

Racine signed the plea agreement on Thursday, said the US Attorney's office. He will be arraigned in court Monday.

VeriSign couldn't immediately comment on the case.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Security News Section.

Let the editors know what you think in the Mailroom.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
50 out of 95 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Online business


Company/Topic Alerts

Create a new alert from the list below:















Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment

Video icon

Video

Google Chrome

Roundup: Full coverage of Google Chrome

The search giant has launched a beta of its own open-source browser, sending a clear challenge to Microsoft in the way it lets users work with applications More

Blog: Google Chrome has Microsoft's code inside, says MS manager

And furthermore, he says, that's a good thing... More

Blog: Google Chrome — nine things we've found since launch

Google must be very happy with the coverage Chrome has gathered. But it's not all good news... More


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters