Kevin Poulsen is a senior editor at Wired.com and editor of the award-winning Threat Level blog.
His new book on cybercrime, KINGPIN, comes out February 22, 2011 from Crown. About a skilled San Francisco computer intruder Max Ray Vision, 37 who was sentenced to 13 years in federal prison and ordered to pay $27.5 million in restitution for stealing nearly two million credit card numbers from restaurant point-of-sale terminals, banks, businesses and other hackers — in what is the longest hacking sentence in U.S. history.
In the late 1990s, Vision was a superstar White Hat, billing himself as an $100-an-hour computer security consultant. In 2001 he was sent to prison for 18 months for launching a scripted attack on Pentagon systems, that left backdoors and packet-sniffers behind. In prison, Vision met more serious criminals, like former bank robber named Chris Aragon, who became Vision’s partner. Aragon, used the info to create counterfeit cards, then recruited a crew of shoppers to buy merchandise for resale on eBay. Aragon earned at least $1 million in the business, police say.
Using informants and some genuine electronic gumshoe work, the feds arrested him in September 2007 at a corporate apartment he used as a hacking safe house. When the feds seized his computer, they found five terabytes of encrypted data. Experts at Carnegie Mellon University’s Computer Emergency Response Team eventually cracked Vision’s crypto.
With credit for time served and good behavior, Vision could be released in December 2018.