Inside Happy Hacker, May 3, 1999
Visit the Happy Hacker site at http://www.happyhacker.org
http://www.lpwa.com web proxy
Hide your identity from the Web sites you surf
Table of Contents
* Another win in battle for Internet Freedom of speech
* Hacker wargame news: Antionline offers prizes!
* Black Helicopter sightings
* Instructions for sending viruses and Trojans
*** Another Win in Battle
for Internet Freedom of Speech
Our thanks to Antionline.com for providing an email list server
manage our mailings. It isn't easy running an email list
when some of
the world's most notorious hackers are trying to shut us down.
for Antionline founder John Vranesevich and Antionline
and Happy Hacker
Wargame staffer Corey Gallatin for figuring our how to keep an
list server running under conditions of brutal, incessant attack.
are real heroes in our battle against those computer criminals
"hacktivists") who believe they have the right to censor the Internet.
I (Carolyn Meinel) predict that Vranesevich and Gallatin will go
history alongside with other heroes of the battle for freedom of
such as Thomas Paine, Voltaire, and Benjamin Franklin.
*** Antionline offers
Prizes in Hacker Wargame
Check out http://www.antionline.com
for how to win prizes in the Happy
Hacker Wargame. You might even win a prize just for registering
*** Black Helicopter
You may have noticed Antionline, John Vranesevich, Happy Hacker
Yours Truly (Carolyn Meinel) are often the subject of nasty stories
originating from a number of folks who are prominent in news stories
about hackers. Just in case you haven't seen about how terrible
you can learn about our supposed crimes and noxious behaviors at:
People who have put in a great deal of effort trying to convince
that I am one or more of the following: a fraud, an FBI secret
informant, someone who sells my body for crack cocaine (whooee!)
* Pete Shipley (according to a recent Upside magazine story he is
of security for top six accounting firm Peat Marwick
http://www.kpmg.com/; his hacker
gang web site is http://www.dis.org)
and who reportedly was questioned by the FBI in conjunction with
Hacking for Girliez attack on the New York Times Web site; and
the dc-stuff hacker mail list (email firstname.lastname@example.org with message
* Brian Martin, who Shipley says assists him with security projects,
who has been raided as a suspect in the Hacking for Girliez attack
the New York Times web site (Martin's hacker gang web site is
and his computer security company is
with Trident Data Systems
http://www.tds.com/, which serves
Federal Government military and
* Chris Valor (Se7en), for a long time a close confidant of Pete
Shipley, until recently a member of Shipley's Dis.org gang, and
sometimes roommate of Brian Martin, and who was recently exposed
fraud who pretended to be a hacker when he knew nothing about hacking,
and who tricked the media into reporting that he was running a
campaign against kiddie porn
* Michael Schiffman, recently laid off from his job with Cambridge
Technology Partners (http://www.ctp.com/),
and co-editor with Brian
Martin of Phrack magazine (http://www.phrack.org),
and who at one time
negotiated with C-Net TV to defend the actions of the Hacking for
Girliez gang on one of their TV programs
* Modify (real name unknown, but he tells people he is Craig Whitmore),
who represented himself as Se7en's partner in their media hoax
being a team of anti-kiddie porn hacker vigilantes, and who is
of Martin's gang
These four hacker media icons have something truly surprising in
John Vranesevich reports (http://www.antionline.com/cgi-
In 1996, the self proclaimed "subversives
expert" Fred Villella began forming a team of
hackers through "New Dimensions
International", a company which he is currently
the president of. As of this year, Villella's team
of hackers have included: Pete Shipley, Michael
Schiffman, "Christian Valor", "Craig Whitmore",
and Brian Martin. These individuals have
arguably been the biggest names in the hacker
culture, the true "head of the hacker hierarchy".
You can see these people listed as working for Villella at his web
Note Crag Whitmore is listed as
For more on Villella's past involvement in penetration of suspected
subversive organizations, see:
To see what the Federal Emergency Management Agency (FEMA) was accused
doing while Villella was the number three man there, see:
Or read the book "The Secret Government: The Constitution in Crisis"
by Bill D. Moyers, Henry Steele Commager. According to this
leaders of FEMA, in conjunction with Col. Oliver North, attempted
military coup against the United States. The publisher's
on this book reads,
Based on an acclaimed
PBS documentary, The Secret Government
analyzes the threats
to constitutional government posed by an
of spies, profiteers, mercenaries, ex-
generals and "superpatriots"
who have tried, at various times, to
take foreign policy
into their own hands.
I talked with a reporter from the New York Times about the peculiar
coincidence that several Hacking for Girliez suspects/advocates
for Fred Villella. He told me that Villella, even though
he was the
number three man at FEMA, was never more than a bureaucratic
functionary, that contrary to news reports such as those cited
Villella never took an active role in FEMA's alleged plans to track
hundreds of thousands of Central Americans and throw them into
concentration camps in the event of a US invasion of Nicaragua.
me it is ridiculous to suppose that Villella and his contractors
preparing plans to throw hackers into concentration camps in the
of a cyberwar emergency.
HOWEVER, if you want to be safe, I recommend that you unsubscribe
any hacker mail lists -- ESPECIALLY Shipley's dc-stuff, Schiffman's
Phrack, and our Happy Hacker list, and resubscribe under an email
address that is hard to trace. Examples of free, hard to
accounts may be found at juno.com and hotmail.com. When surfing
web sites, you may keep your identity secret by using anonymizer.com
try the experimental service lpwa.com.
True, you still can be tracked down if the black helicopter set
willing and able to set up sniffers or carry out search warrants
access logs from your anonymous mail and web surfing servers.
least this way you will force the US Federal government to have
hard to violate your constitutional rights.
To unsubscribe from the Happy Hacker list, email You can resubscribe with your
anonymous email account from our home page, http://www.happyhacker.org
or by emailing with message "subscribe hh".
SO WHAT'S WITH THIS BLACK HELICOPTER STUFF? If you do a Web
"black helicopter" you will turn up many references to FEMA and
"America's Secret Government." Actually I see lots of black
helicopters over my home, but that's just because I live near the
headquarters for the "Special Forces" and its black helicopters.
all about black helicopters at
Or read about black helicopters in the book:
Black Helicopters Over America: Strikeforce for the New World Order
by Jim Keith, 160 pages, $12.95 Order info at
Actually, I'm tempted to offer expensive vacation stays at my Sandia
Mountains home so people can view black helicopters from their
my deck, sun room or swimming pool. Sorry, no sky views available
the sauna. As long as we are going to play with conspiracy
may as well do it for fun and profit. Oh, yes, we have horses
square miles of wilderness for the truly adventuresome. Now
do you want
to be my friend?:^)
I don't believe that Hacking for Girliez hit the New
York Times Web site
as a federally-funded (through Villella) retaliation for the Times
providing downloads of the Starr report. It probably was
that this happened on what was shaping up to be the busiest day
Web site's history, what with all those people rushing to download
just-released Starr report on the Monica Lewinsky's salacious details
her interactions with President Clinton. There is no way
administration would make the same mistake that President Nixon
when he hired people to burglarize the Watergate headquarters of
Seriously, while the Villella thing may turn out to be just a series
amazing coincidences, I do believe it is worthwhile to research
signs of a government plan to round up us hackers into concentration
camps. During WWII all people of Japanese ancestry were stripped
their property and thrown into concentration camps. News
that Villella's section of FEMA put in a lot of effort into tracking
down US residents who where born in Central America, and had planned
throw them into concentration camps if Reagan had authorized an
Thanks to several volunteers, we now have an in-depth dossier on
Villella and his associates. I would publicly credit the
have been helping with this research, except that Villella is
threatening to bring lawsuits against anyone who goes public with
stories about him. Anyone who does want public credit, let
me know and
you, too can hear from Mr. Black Helicopter himself!
Also, there is a possibility that some of Villella's contractors
commit computer crime against people who ire them, as suggested
stories about Hacking for Girliez suspects who are Villella contractors.
So don't identify yourself as having any involvement in our research
project unless you are prepared for massive computer crime attempts.
If you would like to help us dig deeper into the Villella story,
are some areas where we need help.
* Have you attended any of Villella's seminars? Who has spoken
What would you rate the technical quality of these seminars? Is
using pretend hacker Se7en?
* We need true identities of members of Pete Shipley's gang or any
gangs that are associated with Villella.
* If you live in the Bay Area, Denver, Nashville, Northern Virginia,
Boston region, Tampa/St.Petersburg, or San Diego areas, you might
able to find out amazing things about who the Federal Government
using in its research efforts on hackers. Contact me and
I'll tell you
how to research people's criminal and civil court records.
I will be using this information in my upcoming book "Hacker Wars."
Find something significant and you win an autographed copy.
If you are
willing to face attacks by Federal contractors and computer criminals,
will credit you by name or handle in the book.
Again, let me emphasize that I am not making any accusations against
Villella. Other people, such as reporters at the New York
Washington Post, and the Nation, and a Congressional Committee
Al Gore, are the ones who made these accusations. Villella
posted something at his web site saying that he has been exonerated
all accusations made by Al Gore's former Congressional Committee
him; that he was the victim of a vast, politically motivated conspiracy.
*** Instructions for
Sending Viruses and Trojans to Me
Lots of folks try to trick me into running Trojans or viruses by
me files that they claim are something else. Actually I welcome
and try to run them so I can study them. If you REALLY want
me to run
your Trojan or virus, however, please keep in mind that I variously
many Unix varieties, Win95, Win98 and WinNT flavors of operating
systems. Since each virus or Trojan is usually only good
operating system, you will make it easier for me to run your program
you tell me what operating system it was written for. -- CM
From: Donald J Carter <email@example.com>
I wanted to comment about the Happy99.exe, the newsletter I got
was sent via a stranger, well I was sent the Happy99.exe from a
and I ran it thinking it wasn't a virus, and I have Norton Anti-Virus
5.0 and it didn't detect a virus when ran, but when I updated Norton
found the Trojan. I just wanted to say it is sometimes sen
to you from
people you know too.
From: "Spud" <firstname.lastname@example.org>
Hey. I just read this section in your last newsletter about Happy99.exe
and how people keep sending them to you hoping you will run them.
I doubt that they even know that they are sending it to you.
know how the Happy99.exe trojan works? So they probably don't even
they are sending it to you. I got infected with it a long time
I unknowingly sent it to several of my collegues before I realized
was going on. I don't know if those guys that are sending
stupid worm know how to get rid of it, but here is how I got rid
The file is usually named HAPPY99.EXE in the email or article
attachment. When being executed, the program also opens a
entitled "Happy New Year 1999 !!" showing a firework display to
its other actions. The program copies itself as SKA.EXE and extracts
DLL that it carries as SKA.DLL into WINDOWS\SYSTEM directory. It
modifies WSOCK32.DLL in WINDOWS\SYSTEM directory and copies the
WSOCK32.DLL into WSOCK32.SKA. WSOCK32.DLL handles internet-connectivity
in Windows 95 and 98. The modification to WSOCK32.DLL allows the
routine to be triggered when a connect or send activity is detected.
When such online activity occurs, the modified code loads the worm's
SKA.DLL. This SKA.DLL creates a new email or a new article with
UUENCODED HAPPY99.EXE inserted into the email or article. It then
this email or posts this article. If WSOCK32.DLL is in use
worm tries to modify it (i.e. a user is online), the worm adds
The registry entry loads the worm the next time Windows start.
Removing the worm:
3.replace WINDOWS\SYSTEM\WSOCK32.DLL with WINDOWS\SYSTEM\WSOCK32.SKA
4.delete the downloaded file, usually named HAPPY99.EXE
NOTE: You will have to disconnect from the Internet before you
some of the files, or you may even have to drop to DOS.
*** Call for Writers
From: Lee Codrington-Marshall <email@example.com>
Hi Carolyn, I'm sure you get loads of enthusiastic writers wanting
stuff for your newsletter, but due to the exact nature you are
having to turn them down a lot. Please could you send them
and tell them to look at the InfoZone
section, if they want to write for my online magazine then I'd
than happy to give them a place to speak.
The InfoZone is entirely run and edited by volunteers, of all ages
experiences, on anything to do with computers and the internet.
Or subscribe from our Web site,
Unsubscribe by sending message
"unsubscribe" to .
This is a list devoted to *legal* hacking! If you plan to use any
information in this Digest or at our Web site to commit crime,
Foo on you! Don't email us bragging about any crimes you may have
committed. We mean it.
For Windows questions, email firstname.lastname@example.org or email@example.com
For Unix questions, contact firstname.lastname@example.org.
For Macs, email Strider <email@example.com>
Happy Hacker staff: Unix editor, <firstname.lastname@example.org>;
Windows editor, Keydet89 <email@example.com>; postmasters
D. Zerulik and William Lewis <>; Hacker
Director, Vincent Larsen <firstname.lastname@example.org>; Wargame Sysadmin,
Satori <Satori@rt66.com>; Webmaster, Diode <email@example.com>;
Clown Princess: Carolyn Meinel <>
Happy Hacker is a 501 (c) (3) tax deductible organization
in the United States operating under Shepherd's Fold Ministries.
This is all a plot to save your immortal souls!