Guilty plea in Kinko's keystroke caper

Raked in 450 online banking passwords


If you used a computer at a Kinko's in New York City last year, or the year before, there's a good chance that JuJu Jiang was watching.

The 25-year-old Queens resident pleaded guilty in federal court in New York last week to two counts of computer fraud and one charge of unauthorized possession of access codes for a scheme in which he planted a copy of the commercial keyboard sniffing program Invisible KeyLogger Stealth on computers at thirteen Kinko's stores sprinkled around Manhattan.

For nearly two years ending last December, Jiang's makeshift surveillance net raked in over 450 online banking passwords and user names from hapless Kinko's customers, according to the plea. He would use victims' financial information to open new accounts under their names, and then siphon money from their legitimate accounts into the new, fraudulent ones.

According to court records, the caper began unraveling last October, when Jiang had the bad luck to use a stolen GoToMyPC account to remotely control a victim's home computer while the victim was sitting in front of it. The victim, unnamed in court filings, watched as the PC's cursor began moving of its own accord, riffling through files, opening a browser window, and then establishing an account with online money transfer site Neteller.com under the victim's name. The victim had logged into the machine through GoToMyPC from a Kinko's on Seventh Avenue a few days earlier.

GoToMyPC's access logs captured Jiang's IP address, and after a brief investigation, the U.S. Secret Service raided the apartment Jiang shared with his mother in Queens. They seized books on hacking, a laptop computer and four desktop machines from Jiang's bedroom. Under questioning, Jiang admitted sniffing passwords and usernames from Kinko's machines and selling them over the Internet, according to a Secret Service affidavit filed in the case.

Two months later, while free on bail, Jiang got caught planting another keyboard sniffer at a Kinko's on West 40th Street in New York.

The plea is silent on how much Jiang made from the scam, and prosecutor Joseph DeMarco said he couldn't answer questions about the case. The only financial losses that Jiang admitted to last week were $5,000 in "damage" caused to Kinko's computers by his installation of the surveillance software -- a stipulation that satisfies the minimum statutory requirement for a computer fraud conviction. Jiang also pleaded guilty to two criminal copyright violations for auctioning Microsoft software that was not meant for resale.

Jiang's attorney, Louis Freeman, told a judge that his client was undergoing a psychiatric evaluation, and that Freeman plans to use the results to ask for a reduced sentence. Reached by telephone, the lawyer declined to elaborate.

A Kinko's spokesperson said the company tries to make customers aware of the risks of entering personal information and data on publicly accessible machines, but would not discuss what security measures they take, or comment on whether the company made any changes as a result of the Jiang case. At least some Kinko's stores have warning placards next to every public workstation.

Last year, Kinko's security measures became an issue in the pre-trial arguments in the Zacarias Moussaoui terrorism prosecution. Defense attorneys sought information on Moussaoui's 2001 use of a public access PC at a Minnesota Kinko's store, but were foiled by what the FBI said was Kinko's national policy of completely reimaging public access machines on a weekly basis. It's not clear how that policy squares with Jiang's success; one possible explanation is that Jiang visited the 13 Kinko's frequently enough to retrieve the stored keystrokes before they were wiped out, and then re-installed his loggers afterwards.

Sold by San Francisco-based Amecisco for about $100 a copy, Invisible KeyLogger Stealth is a kernel mode keyboard sniffer that hooks Windows system calls to prevent users from seeing the program. Some anti-spyware products -- like Spydex's Advanced Anti-Keylogger -- can detect IKS through its growing keystroke logfile.

In an e-mailed statement, Amecisco's director Leon Yan said the company strongly condemns illegal use of its surveillance software. "Our intended audiences are authorized system administrators and parents," Yan wrote. "And I can give you examples after examples of parents [who] wisely used this tool to help with their children."

Jiang is in custody at New York's Metropolitan Correctional Center pending sentencing. A sentencing date has not been set.

© SecurityFocus
