Cyber criminals have existed since the dawn of the personal computer way back in the 1970s. What most saw as a new venue for advancing knowledge and human connectivity, criminals saw as a new venue for partaking in theft, robbery, and other forms of delinquency.
Since then, it seems as if there’s no stopping the seemingly endless flow of malicious computer hackers. While most are small fish, launching your run-of-the-mill spyware and Trojan attacks, there are a select few who’ve pulled off heists so incredible that it’s landed them a spot on the FBI’s most wanted list—and sometimes even a spot in the slammer.
You can find out all about these high-profile digital heists and their perpetrators in this comprehensive list of the most notorious cyber criminals from BestVPN.
Famous Cyber Criminals
John Draper (codenamed Captain Crunch, Crunch, and Crunchman) is frequently cited as being one of the world’s first known hackers—and the first literal whistle blower.
Way back in the early 1970s, Draper discovered that a toy whistle found in Cap’n Crunch cereal produced the exact tone necessary—2600 hertz—to indicate to AT&T long lines that a line was ready and available to route a new call, when in fact it wasn’t. As such, it allowed Draper’s calls to continue even after the exchange thought that they were over.
Draper’s discovery got him involved with a group of other telecom system hackers in his area, whose practices were known as ‘phreaking.’ Members ranged from a blind man with perfect pitch to future Apple co-founder Steve Wozniak.
Both Draper and the other ‘phreaks’ were eventually found out when his phone company took note of his highly irregular billing patterns, and Draper was arrested on toll fraud charges in 1972 and sentenced to five years’ probation. Today, he works in software development and is a veritable legend in the computer programming community.
While bank robbery has been around as long as there have been banks, it was Vladimir Levin who brought the practice into the digital age.
The first known Internet bank robber, Levin was a biochemistry graduate at St. Petersburg’s Tekhnologichesky University when he pulled off his high-profile heist in 1994. Via a laptop in London, Levin accessed the Citibank network, obtained a list of customer codes and passwords, and then logged in 18 times over a three-week period, transferring approximately $10.7 million through wire transfers into his accounts in the United States, the Netherlands, Finland, Germany, and Israel.
When Citibank noticed the illicit transfers, they immediately contacted the authorities, who eventually tracked Levin down and arrested him at London Stansted Airport in March 1995 while en route to Moscow. He had a trial in the United States after being transferred there on extradition charges, where was convicted and sentenced to three years in jail on charges of conspiracy to fraud and stealing millions of dollars. He was also ordered to make a restitution of $240,015 to Citibank.
Kevin Mitnick is frequently cited as the world’s most famous hacker and for good reason.
After dabbling in computer breaches in the late 1970s, he was charged and convicted in 1988 for breaking into and copying the software of the Digital Equipment Corporation’s computer network. He fled and became a fugitive for two and a half years, during which he hacked dozens of computer networks, copied valuable propriety software of some of America’s largest computer and cellular telephone companies, intercepted and stole computer passwords, altered networks, and broke into and read private emails.
The FBI led a highly-publicized pursuit of Mitnick, which culminated in a 1995 arrest in North Carolina on charges of wire fraud, possession of unauthorized access devices, interception of wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer. For his crimes, he served five years in prison (which included eight months of solitary confinement).
Mitnick has since cleaned up his act, becoming a paid security consultant, public speaker, and author.
You may know Kevin Poulsen as an editor over at WIRED, but he got his start as one of the most well-known hackers to ever inhabit cyberspace.
Poulsen infiltrated computers and telephone servers in the late 1980s and early 1990s, with his most famous hack job being his deception of a Los Angeles radio station. KIIS-FM held in a call-in contest with a Porsche 944-S2 as a prize for the 102nd caller. To ensure he’d win the luxury car, Poulsen took control of the switchboard lines and blocked all incoming calls, thereby guaranteeing his being the lucky winner.
Poulsen was eventually arrested in 1991, after which he was sentenced to five years in federal prison and banned from using computers and the Internet for the three years following his release. After being freed, he reinvented himself as an online security and tech news journalist.
Scotsman Gary McKinnon infiltrated systems belonging to the United States government and military not out of a desire to launch an attack or steal sensitive information, but rather to prove the existence of aliens.
Believing that the US was withholding information regarding extraterrestrial beings from the rest of the world, between February 2001 and March 2002, McKinnon hacked into dozens of US army, air force, navy, and Department of Defense computers, in addition to 16 NASA computers, while on a self-described “moral crusade” to find classified documents regarding UFOs.
In spite of the US’s allegations that McKinnon was performing an act of warfare—unsurprising, given the proximity of the time of the hacks to the 9/11 terrorist attacks—McKinnon claims he had never acted with malicious intent, and, true to his word, had never stolen any documents or spread any viruses.
The US fought for 10 years to have McKinnon extradited and jailed, but British prosecutors ultimately ruled that he would not face charges in the UK due to mental illness. He controversially remains under the protection of the British government today.
Albert Gonzalez is the mastermind behind the biggest online credit card fraud in history. From 2005 to 2008, he stole and resold more than 170 million card and ATM numbers. He and his accomplices used SQL injection to install backdoors on several corporate systems—including those of OfficeMax, T. J. Maxx, Marshalls, Target, and Barnes & Noble—in order to launch packet sniffing attacks, thereby allowing him to steal confidential computer data from the retail stores’ internal corporate networks.
Gonzalez (who went by Internet handles ‘Segvec’, ‘J4guar’, and ‘Soupnazi’, after the infamous Seinfeld character) saw his cyberheist come to an end when he was arrested at a lavish hotel in Miami in 2008. He subsequently was handed two concurrent 20-year prison terms, the longest sentence ever handed to an American for internet crime.
Adrian Lamo earned the moniker ‘the homeless hacker’ due to his illegally hacking high-profile networks such as those of America Online, Yahoo, WorldCom, Microsoft, and The New York Times while living a nomadic lifestyle around the United States.
Lamo’s Times hack was ultimately the cyber crime that got him grounded. For hacking into the famous newspaper’s internal computer network and accessing and modifying confidential databases, Lamo was ordered to six months of house arrest, two years of probation, and to pay more than $64,900 in restitution.
In spite of his arrest, Lamo did not stay out of the limelight for long. He made headlines again in 2010 when he turned in whistleblower Bradley Manning.
Jonathan James made headlines in 2000 as the first juvenile to be incarcerated on charges of cyber crimes. In 1999—when James was only 15 years old—he committed a series of digital intrusions into the systems of none other than the US government. His primary target was the United States Department of Defense—wherein he installed a backdoor to one of their computer servers, as well as a sniffer that allowed him to intercept over 3000 messages between government employees.
Through this interception, James managed to get a hold of the source code of the International Space Station, which controlled critical life-sustaining elements, such as temperature and humidity. As a result, NASA had to shut down its computers for three weeks, costing the organization over $41,000.
James made history when he was arrested, convicted, and sentenced a year later, for which he served six months in an adult federal correctional facility. Sadly, he committed suicide in 2008 after being allegedly falsely implicated in a TJX computer system intrusion, saying in his suicide note that he feared being prosecuted for crimes that he had not committed.
Canada-born Mike Calce is best known by his hacker nickname, Mafiaboy, as his real name was withheld during his high-profile arrest and trial due to being a minor.
Calce’s main modus operandi were denial-of-service (or DoS) attacks, which involves bombarding a site with so many requests that its servers are overrun. Using these attacks, in 2000 he took down big names such as eBay, Yahoo!, and CNN.
Calce was eventually caught and he pleaded guilty to 56 counts of hacking and attacking websites, for which he was sentenced to eight months in open custody at a juvenile delinquent center, one year of probation, and restricted use of Internet. However, his DoS spree had left its mark: It caused approximately $7.5 million in global economic damages and prompted the US government to hold a White House summit on cybercrime.
David Benjamin Schrooten
The arrest of Dutchman David Benjamin Schrooten by US authorities all the way in Romania shows the lengths to which the American government will go to take down cyber criminals.
Schrooten—who’s known in the computer hacking underground as ‘Fortezza’—was arrested and extradited from Europe for a credit card fraud scheme that victimized people all around the world. In total he trafficked over 100,000 credit card numbers that had been stolen by hackers, thereby creating a profitable black market for stolen data, victimizing thousands of US citizens, and defrauding US banking institutions out of millions of dollars. For his cyber crime of marketing pilfered credit cards via internet sites, Schrooten was sentenced to 12 years in an American prison.
If your computer has ever been hit with a worm virus, you have none other to thank than one of its pioneers, Robert Morris.
Morris unleashed the first worm onto the Internet to gain significant mainstream media attention in 1988 when he was a 21-year old student at Cornell University. Written to gauge the size of the Internet and not to cause damage, the worm was released from MIT and went on to exploit known vulnerabilities in Unix sendmail, finger, and rsh/rexec, as well as weak passwords. However, the code had unintended consequences: It could infect a computer multiple times and slow it down to the point of being unusable.
In the end, the Morris worm infected 10% of the internet and caused damage estimated to cost between $100,000 and $10 million. Due to his claiming non-malicious intent, Morris received a light sentence, which he served out before going on to become an esteemed MIT professor.
Crackas with Attitude
Despite their amusing group nickname, Crackas with Attitude (CWA) are a group of six teenagers with serious hacking chops, who’ve committed a number of severe cyber crimes against members of the United States government.
The CWA have hacked into the emails of the likes of CIA director John Brennan and Director of National Intelligence James Clapper, claiming afterward that it was so easy that a 5-year old could do it. They even claim to have their hands on hundreds of the email addresses, SSNs, and phone numbers of US intelligence employees.
It goes without saying that the CWA delight in humiliating important law figures, which appears to be the main—if not sole—motivation of their internet crimes.
At the time of writing, the Cracka group is still at large (and probably still in high school).
How to Protect Yourself from Cyber Criminals
The Internet is awash with cyber criminals like the ones listed above. Don’t be fooled into thinking that they only go after high profile targets such as government organizations and big business; many digital ne’er-do-wells go after the personal and banking details of regular folk as well.
To protect yourself from becoming a victim, implement basic Internet security measures such as creating strong passwords for all of your online accounts, safeguarding your personal details on social media, and arming your computers and smartphones with a VPN such as ExpressVPN or Buffered.