Path: gmdzi!unido!mcsun!uunet!mailrus!accuvax.nwu.edu!nucsrl!telecom-request
From: ekr...@ulysses.att.com
Newsgroups: comp.dcom.telecom
Subject: "Legion of Doom" Indictment
Message-ID: <8424@accuvax.nwu.edu>
Date: 30 May 90 16:42:21 GMT
Sender: n...@accuvax.nwu.edu
Organization: TELECOM Digest
Lines: 75
Approved: Tele...@eecs.nwu.edu
Posted: Wed May 30 17:42:21 1990
X-Submissions-To: tele...@eecs.nwu.edu
X-Administrivia-To: telecom-requ...@eecs.nwu.edu
X-Telecom-Digest: Volume 10, Issue 397, Message 1 of 12


Computer Consultant Could get 32 Years If Convicted of Source-Code Theft

Baltimore - A Middletown, Md., man faces as many as 32 years in prison
and nearly $1 million in fines if convicted of being involved in the
"Legion of Doom" nationwide group of Unix computer buffs now facing
the wrath of federal investigators.

The U.S. Attorney's Office here on May 15 announced the indictment of
Leonard Rose, 31, a computer consultant also known as "Terminus," on
charges that he stole Unix source code from AT&T and distributed two
"Trojan Horse" programs designed to allow for unauthorized access to
computer systems. Incidents occurred between May, 1988 and January,
1990, according to the indictment.

The five-count indictment, handed down by a federal grand jury,
charges Rose with violations of interstate transportation laws and the
federal Computer Fraud and Abuse Act. Rose faces as many as 32 years
in prison, plus a maximum fine of $950,000.

He is the third person to be indicted who was accused of being
connected with the so-called Legion of Doom. Robert J. Riggs, a
21-year-old DeVry Institute student from Decantur, Ga., and Craig M.
Neidorf, 19, a University of Missouri student from Columbia, Mo., also
have been indicted.

Rose's indictment stemmed from a federal investigation that began in
Chicago and led investigators to Missouri and Maryland, assistant U.S.
Attorney David King said. While executing a search warrant in
Missouri, investigators uncovered evidence Rose was transporting
stolen Unix 3.2 source code, King said. Investigators then obtained a
warrant to search Rose's computer system and found the stolen source
code, King added.

He said the Trojan Horse programs were substitutes for a legitimate
sign-in or log-in program, with a separate shell for collecting user
log-ins or passwords.

"Whoever substituted [the Trojan Horse program] could get passwords to
use the system any way he or she wanted to," King said.

The indictment was a result of a long-term investigation by the U.S.
Secret Service, and was issued one week after federal authorities
raided computer systems at 27 sites across the United States.
Investigators seized 23,000 computer disks from suspects accused of
being responsible for more than $50 million in thefts and damages. The
Secret Service at that time announced that five people have been
arrested in February in connection with the investigation.

King said he was unaware if Rose indictment was related to the raids
made earlier this month.

"We don't just go out and investigate people because we want to throw
them in jail. We investigate them because they commit an offense.  The
grand jury was satisfied," King said.

The U.S. Attorney's Office said the investigation revealed individuals
had accessed computers belonging to federal research centers, schools
and private businesses. King would not name any of the victims
involved.

Rose was associated with the Legion of Doom and operated his own
computer system known as Netsys, according to the indictment. His
electronic mailing address was Netsys!len, the document said.

The Legion, according to the indictment, gained fraudulent,
unauthorized access to computer systems for the purpose of stealing
software; stole proprietary source code and other information;
disseminated information about gaining illegal access, and made
telephone calls at the expense of other people.
    

Eduardo Krell                   AT&T Bell Laboratories, Murray Hill, NJ

UUCP: {att,decvax,ucbvax}!ulysses!ekrell  Internet: ekr...@ulysses.att.com