Programmers, Hackers, And “Mythical Hackers”

The latest episode of the Darknet Diaries podcast reassessed the identity of “Mobman,” who created a Remote Access Trojan called Sub7

Evan SooHoo
7 min read · Nov 5, 2024
Photo by Kasia Derenda on Unsplash. Mobman himself would probably object to me using this image

If you listen to “Darknet Diaries,” then this is old news — about a month ago, Jack Rhysider released an episode of him interviewing the real Mobman, then put him in a call with the man who claimed to be Mobman. Mobman created a Remote Access Trojan (RAT) called Sub7.

If you do not know who this is, neither did I…but clearly his identity matters to a lot of people. A writer named Jean-Pierre Lesueur wrote:

There comes a time in the life of every hacker or cybersecurity professional when a singular catalyst sparks the transition from novice to seasoned expert, from enthusiastic script kiddie to dedicated professional. For me, that catalyst, that game-changer, was SubSeven. This program wielded an influence on my life that remains unparalleled to this day. It was the driving force that propelled me into the Trojan Scene and the wider world of InfoSec.
Source

Steve Gibson, a cybersecurity researcher best-known today for the Security Now Podcast, wrote this in 2002 as part of a forensic analysis:

I have recorded the IPs and account numbers of more than 100 @home subscribers who have security-compromised Windows machines currently running active Trojan attack Zombies. As we will see below, each of those machines also receives a complimentary copy of the latest version (v2.21) of the incredibly invasive Sub7Server Trojan. This grants the hacker who is controlling the Zombie — the “Zombie-master” — absolute control over his victims’ machines. Among the many invasions the Sub7Server Trojan enables is monitoring every keystroke for the purpose of capturing online passwords, credit card numbers, eBanking passwords and you name it.

Now, you might think that this would be significant to @home’s chief of security, Todd Welch, but it isn’t. I tried to talk to him on the phone, leaving a detailed voicemail describing the situation, but I was shuffled off into the system and asked to eMail the IP’s to “abuse@home.com”. Refusing to have the machine IP’s disappear and never to know what, if anything, had been done, I called back the next day and got Todd on the phone. I have no idea why, but he didn’t sound at all happy to be talking with me. It was as if he wished this problem would just go away — or that at least, I would.
Source

In short, this was a really significant tool used by hackers around 1999. I will not pretend to understand its complexity and intricacies, but I was impressed by the aforementioned Medium post. Amazingly it was not paywall-blocked, and it also makes no mistakes with Mobman’s identity:

In “Mobman 2,” the real Mobman comes across as modest and matter-of-fact. This is quite a contrast to the “other Mobman.”

The Other Mobman

Rhysider made an episode called “Mobman,” which was one of his first episodes. Certain details in the episode did not seem to add up. One Reddit user wrote:

It’s not just his attitude and personality, it just seems as if he has only a cursory knowledge of any of the technologies used. Multiple times throughout the interview something he said didn’t quite make sense, or didn’t match up with what I remember from that time period. He’s talking about learning asp.net and basic web technologies, doing trivial ultima “exploits”, and brags about a bunch of well-known, simple “hacks” that most everyone knew at that time. Then suddenly he has the networking, Windows, etc. knowledge to create sub7 with no explanation?
Source

Rhysider himself commented that others had expressed similar skepticism. But he was only an independent journalist, and the man he interviewed seemed to present solid proof. One of the strongest bits of proof was a Rolling Stone article:

There’s a reason he sounds so weary. Mobman is a 32-year-old wizard who can hack just about anything but has to settle for a job as a network admin for an online-poker company. That’s because he’s a convicted felon, a black hat who, because of one major fuck-up as a teen, can’t get hired directly by the feds or most private companies. His story represents another hitch in the cyber-recruitment race: the brilliant hackers who’ve crossed the line earlier in life. “I’ve been in there. I know it, and I’ve done it,” he says. “That’s what you would get from me.”

Like Street and the others, Mobman fits Bonvillain’s bill of being damaged and hungry. The son of a U.S. Marshall mother and an absentee father, he got A’s in schoolwork but F’s in conduct. “I was bored,” he says. “They didn’t push me.” Instead he pushed himself, writing a program that let him cheat in his favorite game, Ultima Online. Mobman just wanted to steal virtual weapons and gold to get an edge. But when the program, Sub7, leaked onto the Net, black hats around the world discovered it could be used to steal all kinds of things, including AOL accounts and credit-card numbers.

Most if not all of what Rolling Stone published above, it turns out, is not true. The self-published Medium article is more correct. Mobman was from Romania, he did not have a storied criminal past, and he certainly did not create Sub7 to cheat at a video game. In “Mobman 2,” the man impersonating Mobman struggles to answer basic questions about his location, handle, and implementation details of the code itself.

If anyone still has a doubt, they need look no further than the DarknetDiaries Reddit threads:

Here, the person impersonating Mobman finally acknowledges that he did not create Sub7.

“Hacker” vs. “Hacker Perception”

The original story of “the other Mobman” was already pretty interesting. He:

  • Learned how to hack a video game
  • Hacked AT&T
  • Served prison time for hacking AT&T

Was this true? It could have been. But creating something like Sub7 has a mythos to it, whereas the rest of this person’s story is dismissed on the Darknetdiaries subreddit as “common exploits.” The real Mobman, in the second episode, tells a much more reserved story:

  • He learned to program
  • He made Sub7 as a tool, as he learned to program
  • He intentionally disappeared for a while

Pairing these real-life technical skills with an extremely confident, “criminal mastermind” persona makes for a pretty good story.

Why Did The “Other Mobman” Do This?

I don’t know, but I have an idea…

Casting more judgment on the “other mobman” would be nothing new (mob mentality, if you will). I know very little about who these people are, what their real intentions were, and how moral each individual person was. Did the Mobman impersonator just want a little attention? Did the real Mobman really create this without obvious criminal intent? I am a little reluctant to even pose the questions. I have no idea.

But I think we all get a little caught up in mythos. We have a human desire to embellish accomplishments, sometimes exaggerate a story or two. It’s easy to judge someone who seemingly fabricates an entire story from nothing, but I think it just makes people feel better about their own abilities and stories.

Or…not. I don’t know.

Closing Thoughts

I have heard “the myth of the genius programmer.” This is the myth of the genius hacker. It’s not enough for the “genius hacker” to just have the right skill level — it also has to be a criminal mastermind who fits our perception of what a hacker ought to be like. Jail time? Sure. Then the hacker manages to hack from INSIDE.

The interesting thing is, that part may actually be true. But the story stands out more if the hacker first did something incredible, something no one else in the world could do, then got caught.

I am of the personal belief that genius programmers exist as well. I may even go as far as to say that I have personally met and worked with one of them. But I do think that in programming, like in any profession, we tend to have certain people who get caught up in the mythos. They think the supposed “genius programmer” has to think and act in a certain way, and it’s how we get people who start to get wrapped up in their own perceptions. They become obsessed with being perceived as hypercompetent programmers, instead of being able to just relax and focus on the thing they dedicated themselves to, to begin with.

Anyway, please read the story by Jean-Pierre. It’s so good.
