Court documents reveal more about French’s hacker case

Posted on Monday, July 28, 2014 at 12:04 pm

The FBI’s targeting of Timothy Justin French varies with the bulk of federal prosecutions that normally materialize in Hamblen County inasmuch as the alleged crimes involve skills that generally can’t be acquired or honed in prison.

French, a 20-year-old Talbott man, allegedly ranks as a computer-hacking whiz who belonged to a band of like-minded standouts calling themselves NullCrew, according to FBI Agent Patrick M. Geahan,

NullCrew claimed responsibility for costly computer attacks on corporations, government agencies and educational institutions, according to Geahan.

Where the complex investigation intersects with commonplace, however, was French’s vulnerability to the wiles of an informant, according to Geahan.

French discussed past, present and future conquests, as well as revealed tactics for stifling law enforcement, with a man he came to trust after meeting him in a hacking-focused Internet chat room, according to the FBI agent.

French’s acquaintance flipped and shared his chat-room username with the FBI. Thereafter, French unwittingly placed himself in the disadvantageous position of allegedly discussing his crimes with an FBI agent.

The young man also left behind very detailed clues about his identity. This information, combined with alleged hacking attacks routed through a computer in Chicago from Morristown, led investigators to French’s door, according to Geahan.

French is being prosecuted in U.S. District Court in Chicago.

In the shadows, sometime

The criminal complaint against French sheds light in the murky and highly competitive world of accomplished computer “hacktivists” who operate in the utmost secrecy, yet at least in NullCrew’s case, jealously court notoriety.

“We are not LulzSEc, UGNazi, TeaMp0isoN or even anonymous,” French allegedly posted in an Internet-upload Website called Pastebin. “This is the start of something big, and it’s only just the beginning.”

French allegedly crowed on Twitter that NullCrew was the next big thing, and ample evidence exists that French wasn’t just blowing smoke, according to the criminal complaint.

Geahan does not specifically identify the entities French allegedly hacked, but NullCrew has been linked to attacks worldwide.

Their alleged corporate targets include Sony, Comcast, Time-Warner, Sharp Electronics and Bell Canada.

NullCrew members claimed they compromised the computer systems of the United Nations, the United Kingdom Ministry of Defence and Cambridge and Oxford University in England, according to published reports.

Another NullCrew member, Lewys Martin, a 22-year-old Englishman who reportedly described himself as a “crypto-anarchist” and an “anarcho-capitalist,” was sentenced to two years behind bars in 2013 for the Cambridge job.

In 2012, Martin was convicted of gaming “Call of Duty” players by illegally accessing their bank and PayPal accounts, and then selling the information to others and stashing the proceeds in a bank account in Costa Rica, according to published reports.

The criminal complaint does not allege that French made a lot of money by computer hacking, but that may or may not be significant.

Geahan indicated he knows lot more than he disclosed in the criminal complaint, and the FBI agent strongly suggested the impending federal indictment could include more details.

If French was able to profit substantially from the hundreds of e-mail addresses, passwords and other information he allegedly stole, he’s keeping quiet. French signed an affidavit of indigency, and is being represented by a federal public defender.

Too much information

French and NullCrew trumpeted their triumphs through Twitter accounts that were revered in hacktivist circles and on Pastebin. On one occasion, French forewarned an alleged corporate target, “We’re coming for you.”

They routinely communicated on CryptoCat, an online chat program that advertises itself as encrypted and unreadable by third parties. In French’s case, however, encrypted text meant little because he allegedly discussed hacking schemes with an informant and an FBI agent.

In the final analysis, French talked too much, according to the criminal complaint.

The means of thwarting police he described to the informant – using a remote computer to launch an attack – was precisely what he was doing through the computer in Chicago.

Geahan alleges that at the precise time the computer attacks occurred, French was logged into the Chicago computer, and was identified by his unique internet-protocol address in Talbott, but that’s not all the FBI has, according to the criminal complaint.

In January 2013, it came to light French had posted information about himself.

“My name is Timothy, I’ve told everyone that … My location in TN is different than what they thought,” the criminal complaint states.

The following month, French reported he had been involved in a “bad car wreck” in a 1996 Chevrolet Camaro. Driving records indicate French was cited for failure to yield right-of-way on Feb. 7, 2013 after he crashed a 1996 Camaro, according to Geahan.

The FBI agent alleges information obtained from Charter Communications also links French to the unique Internet-protocol address.

French remains in custody in the Chicago area. His detention hearing is scheduled for Tuesday.

-By Robert Moore, Tribune Staff Writer

Headlines of the Day