July 27, 2015

On the evening March 14, 2013, a heavily-armed police force surrounded my home in Annandale, Va., after responding to a phony hostage situation that someone had alerted authorities to at our address. I’ve recently received a notice from the U.S. Justice Department stating that one of the individuals involving in that “swatting” incident had pleaded guilty to a felony conspiracy charge.

swatnet“A federal investigation has revealed that several individuals participated in a scheme to commit swatting in the course of which these individuals committed various federal criminal offenses,” reads the DOJ letter, a portion of which is here (PDF). “You were the victim of the criminal conduct which resulted in swattings in that you were swattted.”

The letter goes on to state that one of the individuals who participated in the scheme has pleaded guilty to conspiracy charges (Title 18, Section 371) in federal court in Washington, D.C.

The notice offers little additional information about the individual who pleaded guilty or about his co-conspirators, and the case against him is sealed. It could be the individual identified at the conclusion of this story, or someone else. In any case, my own digging on this investigation suggests the government is in the process of securing charges or guilty pleas in connection with a group of young men who ran the celebrity “doxing” Web site exposed[dot]su (later renamed exposed[dot]re).

As I noted in a piece published just days after my swatting incident, the attack came not long after I wrote a story about the site, which was posting the Social Security numbers, previous addresses, phone numbers and credit reports on a slew of high-profile individuals, from the director of the FBI to Kim Kardashian, Bill Gates and First Lady Michelle Obama. Many of those individuals whose personal data were posted at the site also were the target of swatting attacks, including P. Diddy, Justin Timberlake and Ryan Seacrest.

The Web site exposed[dot]su featured the personal data of celebrities and public figures.

The Web site exposed[dot]su featured the personal data of celebrities and public figures.

Sources close to the investigation say Yours Truly was targeted because this site published a story correctly identifying the source of the personal data that the hackers posted on exposed[dot]su. According to my sources, the young men, nearly all of whom are based here in the United States, obtained the personal data after hacking into a now-defunct online identity theft service called ssndob[dot]ru.

Investigative reporting first published on KrebsOnSecurity in September 2013 revealed that the same miscreants controlling ssndob[dot]ru (later renamed ssndob[dot]ms) siphoned personal data from some of America’s largest consumer and business data aggregators, including LexisNexis, Dun & Bradstreet and Kroll Background America.

The administration page of ssndob[dot]ru. Note the logged in user, ssndob@ssa.gov, is the administrator.

The administration page of ssndob[dot]ru. Note the logged in user, ssndob@ssa.gov, is the administrator.

I look forward to the day that the Justice Department releases the names of the individuals responsible for these swatting incidents, for running exposed[dot]su, and hacking the ssndob[dot]ru ID theft service. While that identity theft site went offline in 2013, several competing services have unfortunately sprung up in its wake, offering the ability to pull Social Security numbers, dates of birth, previous addresses and credit reports on virtually all Americans.

Further reading:

Who Built the Identity Theft Service SSNDOB[dot]RU? 

Credit Reports Sold for Cheap in the Underweb

Data Broker Giants Hacked by ID Theft Service

Data Broker Hackers Also Compromised NW3C

Swatting Incidents Tied to ID Theft Sites?

Toward a Breach Canary for Data Brokers

How I Learn to Stop Worrying and Embrace the Credit Freeze

53 thoughts on “The Wheels of Justice Turn Slowly

  1. Dunton

    Brian, I got a feeling I could charge you for advices given in my comments, which you typically censor, and comments sent via my fb. Ok life’s not fair, agreed, but there must be a limit, damn :-))))))

    1. markD

      Hey Dunton, if your comments are so valuable why don’t you put forth a little effort to style them so they are palatable to Brian, enough for him to let them through. Then we can all benefit. I’d sure be curious. But if you can’t get them through then they must not be so valuable, huh, for you to put out the little bit of effort to make them palatable, then you must not think so much of them in the first place. If you can’t get them in front of us in the first place, they are no good to anybody. Instead of over-estimating your contribution, add just that tiny bit of effort it takes to say it politely and clearly enough so he would WANT to let them through. IF they are so valuable. Up to the challenge?

    1. JCitizen

      It seems many state’s juvenile justice laws trump all others.

  2. markD

    Exposure by public naming of all individuals (including their aliases) responsible is the only real way such evil can be fully addressed. The Justice department should never be allowed to deal that away.

  3. Chris M

    Do you know for certain that the case is sealed? I would expect to find something about this on PACER.

  4. anonymous

    There’s either an underage person, or an active investigation still ongoing, or both, in which case I would not expect any details.

    1. bette

      I agree. Probably under the age of 18.

      I taught a kid here in a Silicon Valley HIgh school that wa arrested once. We knew who he was but the public could not.

      His parents were so proud.

    2. TErickson

      ^^ Betting the one that has been charged is squueeeealing like a little piggy about all of his little friends. Until the net is cast this will remain sealed.

  5. techvet

    “The mills of the gods grind slow, but they grind exceedingly fine.”

  6. Mike

    It is interesting that special units like SWAT (and others) can be so easily dispatched to ‘ANY’ address by practically ‘ANY’ person. One would think that these things would require someone in authority to make such decisions. It’s almost as if they are all just a bunch of key-stone cops or brain dead groups that will take orders for anyone anywhere. If that’s the case, then what good are they?

    1. TErikson

      This has always troubled me, surprised there hasn’t been a shooting involved. Imagine middle of the night you door gets kicked in, the fog of sleep you think its a home invasion, come up armed to defend yourself not knowing its the police, the police are expecting trouble and see an armed person… yeah.

        1. JCitizen

          It seems to me that police departments need a data base that allows previous surveillance, intelligence, and an algorithm that can post a likelihood a call is serious or not. This could help them much like combat intelligence techniques used in the GWOT.

          Follow up would be just as swift, but some form of scouting would verify the possibility of an actual event. Some communities I’ve seen, use helicopter patrol, but that is expensive, and I can see prepositioned quad copter UAVs being very useful for this. In fact it would help in all crimes.

      1. Mahhn

        Happens all the time, even by wrong addresses. Innocent families are attacked, children, dogs and adults murdered by police that thought they were going into a crime scene. Police also killed by people thinking it’s a random violent criminal and opening fire on the dark suited thugs smashing their way into a home unannounced.
        The lack of verification of situation is the big problem. The people in change of the SWAT teams are so gung ho they loose site of why they are even doing this – to protect people. A simple internet search will show you hundreds if not thousands of instances like this.

    2. Hayton


      What has been allowed to flourish in America is a heavily-armed and highly aggressive Rapid Reaction Force : initially intended only for use in a few high-risk-of-death situations, SWAT teams are now being over-used for less serious operations but still with the original “shoot first, ask questions – no, forget the questions” mentality.

      I guess Brian can count himself lucky not to have had his dog(s) shot, his house trashed, and himself or his family killed or wounded, all in the cause of law’n order.

      The swatters know this, and wilfully put innocent lives in danger. So they deserve whatever punishment they eventually get, and then some more. Victim restitution would be a good idea, starting with a personal apology to the people they’ve set the SWAT teams onto.

      1. Rick

        Yeah. The best line I ever read was, “A SWAT team is like a penis. If you have one, you’re going to find ways to use it.”

      2. Mahhn

        Brian had warned the police that this could happen to him (heard this at one of his presentations), so they were cautious. Or he might have been murdered that day.

    3. Tommy

      The trouble is, if there is a real emergency any sort of hesitation by law enforcement could have seriously negative effects.

      1. Mike

        As apposed to this?

        It’s THE reason why they are called “professionals”. There is supposed to be a chain of command. It’s one of the things that separate law enforcement from the vigilante.

        It’s kinda scary to know that ‘these’ people can’t seem to tell the difference between a ‘real’ emergency and a juvenile prank (with deadly consequences). It’s something to take note of when living in a world that seems to have gone insane.

        1. JCitizen

          With the losing war on drugs, gang activity, and street violence police put up with, I submit that many of them suffer from PTS, just like combat troops. In fact many of them have actually just come home from Afghanistan, and have not addressed these issues effectively. Many of the police I know are also veterans.

      2. Nobody

        While hesitation in an emergency is a negative thing, having SWAT be the first responders is worse, imo. Officers should make the decision on whether SWAT is necessary, as it should take one quick look by an officer or two to realize how serious the situation is (if SWAT is needed).

  7. NotMe

    My favorite part – So truly Governmental speak:
    “You were the victim of the criminal conduct which resulted in swattings in that you were swattted.”

    Reminds me of catch-22 and really any of the gov’t stuff I have to read. Too funny.

    Thanks for the nice follow-up Brian!

  8. Greg D

    Hayton said, “the swatters know this, and willfully put innocent lives in danger. So they deserve whatever punishment they eventually get, and then some more. Victim restitution would be a good idea, starting with a personal apology to the people they’ve set the SWAT teams onto.”

    Exactly. I think here in the US, there should be much tougher sentences for swatting and other related activities.

    1. meh

      Should do like they do in Singapore and cane the little SOBs a few thousand times.

  9. No

    Love the way some names on exposed[dot]su have to explain who they are.

  10. Peggy

    This makes it all sound so trivial and juvenile, “You were the victim of the criminal conduct which resulted in swattings in that you were swattted.” May justice be fully served!

  11. zackis

    Brian I am glad that your finally seeing movement ( however small)

    I understand, as do others, that the wheels of justice do turn slowly but they do turn. I have been reading your site since early 2013 and it has proved not only a valuable information source but also a glimpse into the mind of the ‘enemy’.

    Thanks for all you do and keep up the good work!

  12. Bob Owen

    I look forward to the next chapter in the story. I knew you were in N Va, didn’t realize you lived in Annandale too.

  13. CooloutAC

    I have had the police pick the lock of an apartment I was staying at, and sneak in while i was sleeping in the living room. I woke up to an officers glock pointed literally inches away from my face while he asked me for id and I told him it was in my jacket so he could grab it.

    I held no grudges against them, actually we knew they were outside the door since they were knocking and shouting and we just ignored them. So i basically just pretended to be asleep when they came in.

    I gave them my id and told them my friend was in the bedroom, they actually bought him back later that night. It was all for parking tickets…. But these were warrant police and they usually dont’ know what you have a warrant for, they are just doing their job.

    1. Jason R

      That right there is the problem with policing in the US. Not that I agree with halting a pursuit of a speeding car that some cities do, but we need to apply the same logic to minor crimes, in order to prevent innocent bystanders from being injured.

      Say someone has parking tickets or something minor, and then results in a bench warrant. That bench warrant should be clearly marked that it solely a financial issue and nothing more and that no physical force should be used other than self defense of the officer. The law will catch up with them one day, even if it is when trying to apply for public benefits. Who cares about some minor parking tickets?

  14. Rick

    Given how trigger-happy the Fairfax County police are these days, the wheels of justice turning slowly is still one of the best possible outcomes.

  15. SeymourB

    It is rather delicious that the people upset over being exposed in a report, are now being persecuted for performing the very actions they enabled and/or undertook in the report they were reacting to.

    They’re probably underage and their parents are probably still in complete denial over just how serious the crimes are that their perfect little angels have committed.

    Still, it’s possible for a conviction under 18 to follow someone around, it’s no longer automatic that underage felons are assumed to become angelic once they turn 18. They’re handing down life imprisonment w/o parole on people under 18, which is far more serious penalty an than a felony conviction.

    1. Jason R

      Fine, keep the kids’ names out if they are minors, but publish the custodians names as they are under their care. Shame them as they’re not doing their job.

  16. IA Eng

    That first picture of a woman with the sunken eyes looks like a reverse image of how the Ashley Madison site feels like – dual black eyes. I wonder if it was a freakish calling.

    As for the the slow pace the Justice Department – I thinks its the long lines, sorted by priority. There are so many jusdges, so many plea bargains, interrogation rooms and agents to handle all these poor saps.

    Though your moments were stressful, the pain and agony of getting the the federal wringer for these thugs is a long painful one. I hope it is just the beginning of the pain and agony for those who participate in any potential violent or financial crimes.

  17. XBow

    The US Supreme Court has ruled many times that police have no duty to protect any individual (e.g. Warren V. DC). This is a VERY common misconception though.

    The police are only there to enforce the law. Can you imagine if the police could be sued every time someone got mugged?

    Fortunately, most officers are gracious enough to use their position to protect those who need it. However, there is absolutely no duty to.

    1. Mahhn

      I do know that. Although it is still wrong legally, to commit a crime as a police officer. Which is common and becoming more accounted for. Breaking into a house and killing innocent people is not excusable. So should poor planning that gets people killed (police are people too) be inexcusable too.

  18. Avid Reader

    Checkk out the book “Warrior Cop” by Bradley Balko on the rise of the US Police State, erosion of 4th Amendment rights, and misuse of SWAT against US citizens. The hazards of “swatting” are serious, Brian is lucky.

  19. Strawberry Fields

    If he was 16 when he swatted Brian Krebs the first time (March 2013), then he is most likely 18 now (if his birthday falls in the first 6 months of the year). As with some others, they probably waited till just after he turned 18 to arrest him. However, the crimes committed while he was under 18 are still considered juvenile crimes and would be kept sealed. The difference in being 18 is if he is from Canada, he’d be able to be extradited, and there would be a federal facility to house him. The few federal juvenile facilities are mainly for Native Americans, who fall under federal jurisdiction.

    His idiotic Twitter account tells the whole story. What an imbecile.

  20. Eliyah S.

    To Brian,

    First off, the information you actively provide on your blog have been invaluable and very educational when it comes to protecting my personal identities and of those who are close to me. So for that, I thank you.

    And again, I’m really sorry to hear that you had become a victim, again, of these heinous crimes. While I truly appreciate the information that you share with us after thoroughly investigation those areas that many would rather prefer to stay away from, I’m beginning to worry for your and your families safety. Now, I am a complete stranger and perhaps it is none of my business to concern myself, but I do express my concern because you are taking significant risk on behalf of others for the sake of educating the public and quite possibly to provide other valuable public service (i.e. speaking at a bankers conference, etc.).

    Please don’t answer the following question if it is too personal or inappropriate (I wouldn’t object if you decide to delete this comment entirely). But I wanted to ask – you’ve been doing this type of risky investigative journalism for awhile now, but before you had decided to go down this path did you consider the possibilities that you (and others close to you) in danger? Thankfully, no one was hurt during this attack, but I know you fell victim of ID theft, which is a nightmare to recover from.

    Also, with the array of attacks from various “circles of pitifuls” ranging from a silly prank to something that poses real threat to one’s safety, if I may ask – at the end of the day, is it worth it? In other words, I don’t think you are getting the credit you deserve, yet you are committed to your profession. But with all the inherent risks involved and threats getting more serious, do you still find motivation to keep going?

    Anyways, thank you again for what you’re doing. This is one of my top three blogs that I check on a daily basis.

  21. Josh

    “…the young men, nearly all of whom…”

    All of WHO. You wouldn’t say “them are based here in the United States”.

    They, subject, are based in the United States, therefore, “who”.

    1. -stephen

      Josh, ya got that backwards.

      “…the young men, nearly all of whom…”

      All of WHO. You wouldn’t say “them are based here in the United States”.

      They, subject, are based in the United States, therefore, “who”.

      The subject isn’t “they”, it’s “all”.

      “All”, subject, “are based in the United States” and “of whom” further defines “all”. “Whom” is the object of the preposition “of” and it is the objective case of “who”.

      He might have written “all of them are based…”.
      “All of they are based…” would be clearly wrong. “Them” is the objective case of “they”.

      Yer welcome.

      1. markD

        OED changes English when convention does, convention eventually rules.

        Nobody likes “go boldly” as the correction to “boldly go” in “boldly go where no man has gone before.” It just doesn’t flow right for people to pay attention to it.

        In this case “whom” suits just fine except of stodgy old public school, where Latin still lives and is useful to no one.

      2. Grammar Police

        Oops! Josh and -stephen were both wrong. In any case, all of whom is the correct usage.


        “Obligatory whom

        In one specific context whom seems obligatory: when it is preceded by quantifiers such as all of, both of, few of, many of, several of, etc. For example:

        The Millennium Stadium accommodates 72,500 spectators, all of whom are seated.

        Congratulations to all the winners, most of whom are definitely reading this blog!”

    2. Ding Aling

      Josh, it is “all of whom.” Josh the not-so-much-of-a-god

  22. Dean

    I do not understand the point in this letter from the DOJ. Are they going to give you a chance to ask for – and receive – restitution? Give a Victim Impact Statement? Or are they just sending these letters out (to you and that RS McCain guy) just for PR purposes so it looks like they are “doing something”?

    Did you try to call the DOJ to find out if this is, in fact, a real letter? You could be getting trolled, too.

    1. Lucille Balle

      Dean, that was my first thought. Being trolled. After all, who are they dealing with but the trolliest of the trolls?

      I did a pacer search on all the cases under that law in D.C. district from the day Krebs was first swatted, until today. The cases are such things as mortgage fraud. Why would swatting be charged under 18:371?

  23. Winski

    Yep, the continuation of the Bill Gates philosophy of building / selling / distributing at ANY cost / to BILLIONS of systems their magic ware.. ‘The public are basically stupid. Deploy what you need to keep them that way. And be quick about it’…. ALL founding principals of Microshaft decades ago and STILL guiding the purveyor of most things dark and dreary…

    You have GOT to be a bit slow to actually deploy this toxic waste… jeezzz..

Comments are closed.