Podcast 8: The Iceman

Jim Brangenberg: Hey, welcome to the Digital Desperados Podcast featuring Dark Tales from the Web. Patrick McMurphy is here today to tell us our dark tale. And it’s a good one. He’s joined by Brad Hawkins, founder and CEO of SaferNet VPN. And I’m Jim Brangenberg and I’ll serve as your story guide.

This broadcast is brought to you by SaferNet VPN. You wouldn’t live in a metropolitan area without a home security system. Why would you explore the internet without internet protection? Discover SaferNet VPN, your ultimate cybersecurity solution. Defend your work, your home with ease. We offer a VPN internet controls, virus protection for businesses and families.

And we take control with 84 website filters, protecting everywhere you go. And everywhere you try to surf on the internet. Sign up now at safer net. com. That’s safer net. com. You gotta check it out because you’ll never regret it. Safer net. com.

All right, Patrick, which dark tale are you telling us today?

Patrick McMurphy: Today, Jim, we’re going to talk about one of my favorites, Max Butler, a. k. a. the Iceman. And he was known as the Iceman because of both of his cool demeanor and he used to freeze his victims assets through credit card fraud. So, you know, salt of the earth type individual straight off the bat. So the Iceman was born on the, on July 10th, 1972 in Meridian, Idaho.

He was the youngest. Not sure how many siblings he had, but he had quite a few. His parents divorced quite young, he was just 14. His father was a Vietnam veteran and he owned a computer store. And so, you know, you can imagine, look, if your father’s owning a computer store, you’re immediately exposed to the digital world.

I mean, most people wouldn’t see that as getting into hacking, but, you know, it’s there from a very early age. And so, when he was a teenager, Iceman got into the internet, bulletin boards, if either of you can remember those online, and of course, hacking. And so, he was, he was kind of a rough kid. He, I mean, this guy just had, has had a long life of crime.

So, as a kid, in high school, he stole chemicals from the Meridian High School, just for notoriety amongst his peers. But he got caught doing it. And they kind of, the courts came down pretty hard on him. He was just a kid, but the charges were malicious injury to property, first degree burglary, grand theft, and he basically got probation out of all this.

And so after this incident, Iceman was sent to live with his father, his parents, you know, as I said, they were divorced, and he continued, he continued high school here, but you can see, this is a really, you know, this, we’re not off to a good start with this dude, you know, this guy’s stealing chemicals and things.

It’s not looking good.

Jim Brangenberg: I’m just getting over the fact that Brad and I have a lot of friends in Meridian, Idaho. I’m like, is this still going on? I mean, there’s a lot of incredible companies who you deal with on a daily basis in Meridian, Idaho. We should maybe make sure they listen to this episode, Brad. I

Patrick McMurphy: think so. If they’ve ever had their assets frozen, it’s the Iceman. He almost sounds like the boogie man, the way I’m talking about him. But so the Iceman eventually went to college. Freshman year, he gets arrested for assault. So this guy’s not playing around. He tried to appeal it. It actually, the appeal failed due to procedural issues.

They didn’t basically raise the appeal in time. And so he, he gets sent to prison and it’s probably one of the few guys we’ve dealt with who gets sent to prison for a non hacking crime, right? This guy just assaulted someone. Normally we deal with people who steal, you know, X amount of .

Brad Hawkins: Well, I was just thinking that. You got a hacker that we’re here talking about being a hacker, and so far he’s been busted for stealing chemicals and for beating somebody up. So, you look at that and say, this guy’s all around not, not a healthy minded person, so.

Patrick McMurphy: Yeah, exactly. And so he gets, he gets out of the Idaho State Penitentiary on April 26th, 95.

And so at that time, Iceman, he relocates, he lives with his father near Seattle. And so he secures a few different part time jobs, mostly in technical support, because the guy is really good with computers. And at the time, he’s involved with IRC, Internet Relay Chat, which was a really, I think one of the first forms of chatroom.

It’s still kind of popular in some circles today. But he gets involved in downloading warez . And when I say warez , I mean I’m spelling it W A R E Z. Which, and warez refers to pirated software and media. Very popular nowadays, but not as popular back then. So at the time ISPs, Internet Service Providers, are looking out for people sharing any warez at all. Like, all over the country.

And so an ISP in Littleton, in Colorado detected that Iceman is uploading warez to an unsecured server. They effectively saw he was using an intense amount of bandwidth and thought to themselves who could be using that much bandwidth. And so the uploads are traced back to where Iceman was working, which were corporate offices of CompuServe in Washington.

Jim Brangenberg: Which they were a huge player back in the late 80s, early 90s. They were a huge player on the internet.

Patrick McMurphy: Right, exactly, yeah, it’s, it was crazy, and so I mean, they fire him. They fire him, you know. It’s, that’s just how it is.

Brad Hawkins: Wow, so, so what, what exactly is a warez?

Patrick McMurphy: Really Brad, these days you would be referring to it, if you were like to, these days people pirate movies, and they also might pirate software, things like photoshop, and so what happens is that You would download it off something, actually, I won’t go into how you would do it.

Brad Hawkins: Good idea.

Jim Brangenberg: There’s an instruction manual by Patrick on how to steal software.

Brad Hawkins: So, so explain.

Patrick McMurphy: In very vague terms, there’s certain websites where one could download products that you would normally have to buy with money. However, they download them illegally and then they then host them illegally so others can download from them.

It’s the same then as it was, as it is now.

Brad Hawkins: So he was not in Littleton, Colorado, but he, he got busted from downloading in Littleton, Colorado. Can you explain how that happens?

Patrick McMurphy: The ISP was, the internet service provider was in Littleton, Colorado, and saw that his bandwidth was excessive. So the ISP for a CompuServe were likely a company based out of Littleton, Colorado.

Brad Hawkins: Hmm. Gotcha.

Jim Brangenberg: Oh, but you know, just like you said, someone’s always watching as we see in this great story. How else would they know how to advertise what’s on the side of your screen? That’s what I want to know. How come when you have a conversation in your living room, all of a sudden we pull up your phone and Facebook, the ads have to do with exactly that?

No, they’re not listening at all. No, they’re not. No. So you need to stay safe. Wherever you are on the internet and SaferNet is the way to get that done. It’s an easy to use cybersecurity app on all of your devices. It keeps your business and your family protected. Experience your VPN with internet controls, virus protection, 84 website filters for a distraction free and safe online environment.

Get secured now. It’s going to change your life and it’s going to make it so you don’t ever have to worry about, should I be clicking on this link or not? Well, you probably should still be worried about that, but safer net’s going to be your back up. Safe for net. com. That’s safer net. com. Back to you, Patrick.

Patrick McMurphy: Right. So not only was Iceman fired, he was also now facing a 300, 000 dollar lawsuit from the software publishers association for unauthorized software distribution. So in a somewhat unusual move, he settled the lawsuit for 3, 500 dollars as long as he provided free computer consulting. So it’s a bit of an odd move.

Why would you settle and then get consulting off this individual? And so Iceman has this idea that he’s going to, he’s going to make it this computer security consultancy and he adopts this new alias called Max Vision. He’s a very dramatic individual. That’s part of the reason why I like him. It’s just stupid names all the way through.

So his intention here is to kind of pivot away from his past and into this white hat hacker role, focusing on defensive cyber security measures. Now, you probably know what I’m going to say next, because this did not last at all. While Iceman or Max Vision was going around fixing security leaks, he installed a backdoor on every single system he fixed.

So he could go in there for later access. The guy was just, he was relentless. Unfortunately, he kind of poked the wrong bear because he was working with one company who were a client for the Department of Defense and he decided it would be a fantastic idea to install a backdoor on a DoD system. And so due to this, the, whatever investigators they have in the DoD are there sitting at their computers and they get a pop up that says, Oh yeah, by the way, someone just installed a backdoor on one of our systems, buddy.

And so the DoD immediately find him, he gets arrested, and on the 25th of September 2000, he pleads guilty to gaining unauthorized access to Department of Defense computers. They send him for 18 months into a federal prison. And so, most people here would probably learn their lesson, right? In a federal prison.

But, you know, Iceman gets out after 18 months. He’s released in 2003. And he begins exploring Wi Fi for anonymous cyber attacks with an accomplice called Chris Aragon. And so, him and Aragon are a duo to be reckoned with, really. They actually start creating their own malware, including rewriting something called the Bifrost Trojan.

And what the Bifrost Trojan was excellent at back in the day was bypassing antivirus. Back then it was all Norton McAfee. I mean it’s still kind of, a lot of it is today, but Bifrost just strolled right past either of those applications. He also used HTML applications and capabilities on Internet Explorer, which a lot of people were still using for some reason to steal American Express credit card data.

Jim Brangenberg: Well, in 2003, Internet Explorer was like – Nobody else had anything else. I mean, there were very, there were very few options. I mean, the Google was out there then, but Internet Explorer and Google, that was it. That’s all you had.

Patrick McMurphy: There was like early Firefox. There was a couple, there was definitely, there was a few options.

Jim Brangenberg: I wouldn’t have used early Firefox. Late Firefox and even in the late 2009, 10 was still a little rough. I use it today, but anyway, sorry, I interrupted you. I know you’re getting all the really good stuff, but it’s just like. There weren’t a lot of choices. Internet Explorer, if you had a PC, it’s what you’re going to use. That’s what you had.

Patrick McMurphy: Yeah, I know, but man, I just, I could never be caught with it. Even when I was that age, not a chance. And so, what he did with Bifrost, he targets Citibank basically using Bifrost to steal credit card information. He would then funnel the PINs over to Aragon, his accomplice. And so Aragon would coordinate cash withdrawals from ATMs.

He would get blank debit cards and load up the debit cards with the numbers that the Iceman was stealing. He would go to the ATMs and basically just drain them dry.

Brad Hawkins: So, so basically, what he’s doing is every time he gets busted, he just gets more sophisticated and more aggressive in what it is that he’s trying to do.

Patrick McMurphy: Yeah, if you actually trace every time he gets arrested, when he gets out of prison, he gets more aggressive, basically.

Brad Hawkins: It’s like he’s in there saying, I got to do this better next time. And you’re giving him a timeout to analyze and figure out a better strategy.

Patrick McMurphy: I mean, if they talk about prison being for rehabilitation, it was not. It just made the guy angrier.

Brad Hawkins: Yeah, he’s super aggressive in this growth strategy. Yeah, unbelievable.

Jim Brangenberg: I think pretty sure that prisons have become a breeding ground for further criminal activity except in a few certain states, but most… prison is not a place to go and you know, just relax for several years.

Business owners, you gotta listen up. I mean, it’s criminals, search engines. They do not need to know everything you do on the internet. Safer net ensures your company’s safety with its powerful cyber security defenses like their VPN, their internet filters, their web, their website filters, their internet controls, and their antivirus.

You gotta trust safer net, get it on your computer now so you can have worry free online operations. Safer net. com that’s safer net. com. Back to Iceman.

Patrick McMurphy: Yeah, so, you know, as I was saying, Iceman, I mean, the name comes from the cool demeanor, but it’s here, you see. So when he was using the Bifrost Trojan it actually, he ended up freezing people’s assets because there was so much credit card theft involved. He was eventually arrested again in 2007 for running something called carders market.

And now, things like carders markets are very popular to this day. And what the website carders market was is that, you would steal credit cards, and you know, obviously it’s kind of hot. You want to get rid of it as soon as possible. You go to the carders market, and then you sell on that information to people.

And you have to ensure that the credit cards are working, you can’t just go in with any old numbers, or you, you, you lose your credibility. But the authorities

had found he was the guy behind it. And so what happened is that he eventually pled guilty to wire fraud for stealing close to 2 million credit card numbers.

His use of credit card details, just between him and Aragon, resulted in 86 million dollars worth of fraudulent transactions. And so, he was sentenced to 13 years in prison, which was at that time the longest hacking prison sentence in the U. S. He’s been released. He was released in 2021. He’s under five years of supervised release, and he also has to pay back 27. 5 million dollars to his victims. So right now, as we’re talking, he has three years left before he’s unsupervised. Will he go back to hacking? Without an absolute doubt, the iceman will be back freezing your credit cards. You heard it here first. .

Brad Hawkins: Wow. So obviously that’s a lucrative business. Right. To, to hack on those credit cards.

How do they get ’em?

Patrick McMurphy: Mostly through various means like the Bifrost, Bifrost Trojan, which, you know, in itself could deploy botnets, get involved in phishing. It’s really, it’s the same old story, Brad. They’re using just different methods that all, all come back to the same attack vectors.

Brad Hawkins: Hmm. So those people listening, what kind of strategies would, can you think of that would help them not give up their credit card information?

Patrick McMurphy: I would say the biggest one is phishing. It’s always going to be phishing. That is the number one cybercrime attack vector for just about anyone. You get the dodgy email about pay your bill, and you go in and all you need, or maybe you get an email about all your packages here, what you need to pay for it, can you give us 10 dollars ? And you put in your credit card information and it’s gone. It’s always going to be phishing.

Jim Brangenberg: The Post office, sending you an email going, Hey, we’ve got a package for you, but we, we can’t deliver it to you. Give us your address. And then we’re like, well, how’d they get my email address? People seriously. Or UPS or FedEx. But what I find is that I get constant emails on my hotmail account that they have real people’s names, but when you look at the email address, they’re not real people.

And so you just, I’m constantly deleting. I mean, I get 500 junk emails on my Hotmail account every day. I’m like, really? Yeah, I wasn’t born yesterday. Patrick, is there a moral to this story? You got any morals to the story? I think we should come up with a moral to the story.

Patrick McMurphy: I think the moral to the story here, Jim, is quit while you’re ahead if you’re a hacker. Quit while you’re ahead. It’s a story of, I suppose, an individual who’s been a career criminal and despite his past, he was always allowed near the sensitive computing system. It’s ridiculous that time and time again, I mean, the guy gets caught for pirating and then they’re like, okay, we’ll leave you off if you come work for us.

And then, and then they get surprised when he starts hacking them. But it kind of goes, and as well, you know, it goes to show you just never know how much cybercrime there is out there in relation to things like card theft until. You don’t know you’re a victim until, you know, your assets get frozen by the Iceman, so.

Brad Hawkins: Right, right.

Jim Brangenberg: Well, you heard it here. The internet and everything digital can have a dark side with many dark players like Iceman. It’s why you need SaferNet by your side. VPN, antivirus, 84 web filters, so much more. Listen, I’ve installed it in all of my company computers, on all of my personal computers, and It’s fantastic.

The other day I had an email and I thought it was legit. And I clicked on it and, and safer net said, yeah, I don’t think you want to go there people. And, and I just said, well, I guess this isn’t legit. So thanks to safer net for always supporting our efforts, for bringing these stories to your ears and giving them the exposure they need.

Really iceman needs to be exposed to a big hot flame. Please for your own security and the security of those you love and those you work with, check out safer net. com and get secured today. Till the next time, click only on the links you trust from those you trust and delete the rest or you may become the victim of a digital desperado.