globalHell (known as 'gH') was an American hacker group. They were one of the first hacking groups who gained notoriety for website defacements and breaches. The combined losses caused by the group were estimated to be ranged between $1.5m and $2.5m.[1] The group was called a "cybergang" as it had many of the same characteristics of a gang and carried out the same activities as a gang, including trafficking in stolen credit card numbers.[2]
GlobalHell
Formation
February 1998; 26 years ago (1998-02)
Founder
Patrick W. Gregory (MostHateD), Chad Davis (Mindphasr)
The group was founded by
Patrick Gregory and Chad Davis in February 1998. Gregory was a member of a street gang who turned to cyberspace to escape from the gang.[8] Between 1998 and 2000, the group's membership was estimated between 15 and 20.[9]
White House Website Defacement
In April 1999, the group invaded computer systems operated by the White House, the U.S. Army, Ameritech, U.S. Cellular and several other companies. On May 2, 1999, hackers invaded the White House website and put a picture of flowered panties on its home page.[10] Along with gH, a group called 'Hong Kong Danger Duo' also took part in the White House hack.[11]
On May 8, 1999, FBI agents arrested Eric Burns, known as Zyklon, charging him with multiple felony counts of computer intrusion, causing damage in excess of $40,000. On May 9, 1999, FBI launched raids on suspected members.[12][13][14][15]
On May 27, the group retaliated for doing searches of nine of its members by the FBI by flooding the FBI Web site with thousands of requests for access. The FBI shut down the site as to not cause anymore damage to the server. A hacker named 'Israeli Ghost' took credit for the attack on the FBI’s site.[16] Over the next week, Global Hell also attacked the
Virginia Senate.[17][18] Hackers from other organizations defaced website of
United States Department of the Interior and a site run by an Idaho-based federal supercomputer laboratory. A note threatening the destruction of the computers "if the FBI doesn't stop" was posted on a site maintained by the
Idaho National Laboratory.[19][20][21][22][23] Global Hell waas not able break into classified servers.[24]
Two members of the group were willing to cooperate. Through them, they got the address of Davis (Mindphasr). On June 2, FBI raided the Davis's apartment and he admitted being a member.[25] On June 28, at 2:14 a.m., Davis gained access to the Army's website and put a message "Global Hell is alive. Global Hell will not die".[26][27] He also gained access to an unidentified Army network and modified the computer files. The website was tampered with for as long as nine hours.[28] Public access was restored within two hours of knowing. After this attack, the Army switched its website from Microsoft's
Windows NT servers to
WebStar servers running
Mac OS.[29][30][31]
Davis was arrested on August 30, 1999,[32] and he pleaded guilty on January 4, 2000. On March 1, 2000, he received a six-month jail term and three years' probation. He was ordered to pay restitution in the amount of $8,054. Davis was the first person to be arrested in this investigation.[33][34][35][36][37][38]
Burns pleaded guilty to his charges on September 7, 1999. On November 19, 1999, he was sentenced to 15 months in prison and three years' probation, plus an order to pay $36,240 in restitution to his victims. Burns was prohibited from using a computer for three years.[39]
In December 1999, Curador, a Wales-based 16-year-old member of the group reportedly compromised 26 companies, including a number of ISPs. When authorities tracked him down and confiscated his system, they found more than 200,000
Pacific Bell Internet user accounts of which 63,000 were already cracked.[40][41]PacBell, then a part of
SBC Communications, responded by asking the affected customers to change their passwords immediately.[42] Losses were estimated to be $3 million.[43][44]
The group disbanded in 1999 as 12 participants in the group have been prosecuted for computer intrusions and about 30 more have faced lesser penalties.[45][46]
On Feb 12, 2000, a hacker calling himself
Coolio redirected users from
RSA Security's website to another hacked site in Colombia on which he left a message "owned by coolio".[47] He was assumed to be a member of gH by
Reuters. But law inforcement was searching "Coolio" lived in
New Hampshire, not gH member "Coolio" who resided in
Southern California.[48][49]
In March 2000, Patrick Gregory or MostHateD, agreed to plead guilty to conspiracy to commit teleconferencing fraud and computer trespass. On March 31, he was arrested on charges of car theft and burglary by the local burglary squad. Later sheriff's department discovered that Gregory was expected in federal court. Due to his arrest, he missed an important federal court appointment where he was to plead guilty to computer trespass, telephone fraud and data theft.[50][51][52]
On April 12, 2000, Patrick Gregory plead guilty to conspiracy for "computer hacking" and "telecommunications fraud"[53]. Gregory also admitted to stealing codes that allowed him to create illegal conference calls. Those conversations were some of the most important evidence against gH members. On September 6, 2000, he was sentenced to 26 months in prison and had pay $154,529.86 in restitution.[54][55][56][57]
Members
Patrick W. Gregory or MostHateD – Leader of the group. He was sentenced to 26 months' imprisonment and three years' supervised release. He received a reduced sentence for identifing other group members.[58][59]
Chad Davis or Mindphasr – Davis admitted to being a member of Global Hell and cracking into a number of other websites. He was ordered to pay restitution to the U.S. Army and serve six months in prison, followed by three years of supervised release and was required to receive approval to use the Internet.[60][61][62][63]
Eric Burns orZyklon – pleaded guilty for defacing the White House website
John Georgelas – He was a minor during the crackdown and was therefore not charged for his involvement. In 2006, sentenced to prison for unrelated cybercrime.[64][65]
ne0h – A Canadian hacker, featured in Kevin Mitnick's book, "The Art of Intrusion".[66][67]
Jason Allen Neff or Cl0pz – He avoided charges at the time. He later become a member of a gang of swatters under the name “CrazyJ”. He was also known as "Cl0pz420". He was also a member of
Milw0rm, 'partylinegaga' and other computer hacking and phreaking groups. He was arrested in 2011 for Swatting Conspiracy.[71][72]