top of page

Kingpin
Kevin Poulsen

(5/26/22-5/29/22)

JN:
     (Side note to begin: Kevin Poulsen, the author, was a black-hat hacker who faced several years in prison before turning his life around and becoming a journalist. Now onto the story in media res) Returning to his safe house, Max Butler, codename Iceman, decided to cause chaos among black-hat hackers and law enforcement alike in 2006 by destroying multiple criminal sites and forcing everyone onto his new site, Cardersmarket.com. 
     (Now to his childhood) Max's father was into computers, an interest which rubbed off onto Max at a young age and something he spent his childhood doing. Following his parents’ divorce while Max was in high school, Max became much more troublesome. One night, after one of his computer geek friends found the master key to the school, Max committed mass vandalism and was charged as a minor. As high school came to a close without any more major incidents, Max decided to follow his girlfriend at the time to Boise State. Max's passion for computers was still in full power, and while the internet was still pre-web (no web browsers), he became intrigued by a server called TinyMUD, which hosted online Dungeons and Dragons where users could create what they wanted. Through this, Max's girlfriend began to see his darker side, and she eventually broke up with him, causing a lot of tension between them to the point where Max choked her. For his crime, he was sentenced to five years in prison for assault with a weapon (since that deadly weapon was his hands). 
     Years later, Max got out of prison, moved in with his father, and tried to turn his life around by getting a job, but was fired less than a year later after he was caught hacking his company’s files. So, to reinvent himself, he changed his last name to Vision and moved to Silicon Valley where his old friends had a place. While he was in prison, the internet had changed massively with the creation of the World Wide Web. At his friend’s programming house, called Hungry Manor, Max did computer jobs here and there and was eventually found by an FBI agent who wanted to use him to catch cybercriminals. At this point, Max became a white-hat hacker (someone who hacks for good), and while he still meddled in some curiosity hacking, he didn’t commit any crimes. After the Hungry Manor was reclaimed by its owners, Max moved to San Francisco to work as a penetration tester, hacking companies and telling them their network’s weaknesses for a paycheck. He also married his girlfriend, Kimi, and truly moved past his troublesome teenage years. Unfortunately, his darker side still existed.
     A few weeks later, a hole was discovered in the Linux security system, which almost every computer used at this time. Knowing that someone was bound to exploit this, Max decided to exploit it himself by entering servers and clogging the hole, essentially helping them from someone else’s harm. There was a catch though, Max could continue to enter their servers. Over the next five days, Max hacked into a multitude of government servers, including several from the Navy and Air Force. The feds eventually caught up to him and offered him a job to atone. His first mission entailed stopping a phone phreaking group (phone phreaking is essentially just breaking into a phone network), to which Max accomplished with little problems. The next one involved reporting on a hacker group at DEF CON (a hacking conference that happens each year), but Max had some grievances in following through with this (he was betraying whom he believed to be people like him). As he learned more and more about this group and their hacking, he began to rethink his decision to help the feds at all. After missing a few meetings, the feds gave him one final chance, to betray a man known online as Digital Jesus and whom Max considered to be a friend. True to his fellow hackers, Max didn’t follow through with this, so the feds dropped and prosecuted him. While Max waited to be properly indicted, he continued his pursuit of white-hat hacking and created a program called arachNIDS, which protected against cyber intrusion and traced the intruder. Then, in March of 2000, the FBI came for Max, and he pleaded guilty. When the trial came, many companies, friends, and fellow hackers spoke on Max's behalf, but the judge made an example out of Max, sentencing him to eighteen months in prison and three years of supervised internet use. 
     In prison, Max met a scam artist named Jeff Norminton and made plans with him once they were released in prison. Also in prison, Kimi divorced Max, leaving him without any ties to family. When Max finally was released from prison, he tried to get an honest job and do honest work, but his reputation was too damaged. With no money and living off of his old pals who struck it rich, Max decided to commit to the plans he made with Jeff. Jeff introduced Max to a man named Chris Aragon, who provided information and clientele. After a period of hacking vulnerable sites and exploiting data, Jeff ran off without a trace. Despite this, Chris and Max continued their criminal alliance. Around this time, two sites, CarderPlanet and ShadowCrew, became the leading sites in the online black market and sold pretty much everything anyone could want except for child pornography (at least there is some dignity). 
     After finding the site, Chris dove into a particular form of credit card fraud called dumping in which he purchased credit card information, including the CCV (the silver slip on the back of credit cards and the three digits that are associated with it). Max's side of the plan involved getting these dumps from other carders - stealing credit card information that was already stolen. Then, Max would deliver these to Chris, who would create physical replicas of the credit cards. Several girls that he hired would then buy purses using the credit cards, and then Chris's wife would sell the purses on eBay (the credit card companies would end up paying for this). Chris paid Max $10k a month for his troubles, and Max enjoyed being paid steadily for his services, especially with his new girlfriend, Charity. With most illegal operations, however, the feds found out about the operation. The feds searched Chris's place and Max's place, but found nothing as Max hid everything before they arrived. Nonetheless, they managed to arrest Chris after he used several fake cards.
     Worrying that Chris's arrest would get Max caught as well, he began to go into business for himself. Instead of buying purses with credit cards, Max simply extracted money from ATMs. This practice didn’t last very long as ShadowCrew and CarderPlanet became infested with feds. The leader of CarderPlanet, King Arthur, got out just in time with all of his rewards, but many in ShadowCrew weren’t as lucky as many leaders faced indictments in an operation known as Operation Firewall. With the downfall of the sites, Max kept mostly quiet in his hacking and relied on stealing stolen dumps and giving them to Chris and Chris's apprentice, a young man named Giannone, for money. In place of the sites remained smaller tribes of hackers. Max didn’t trust any of these smaller groups, so in 2005, he created his own site: CardersMarket. 
     He put the site out of some unknown Florida server and put himself as admin under the username Iceman. Then, he hired several co-admins including Giannone and Chris. All that Max needed was a Russian translator so that they could delve into the Russian market, and Chris found one named Tea, who went by Alenka. Hot on Max's trail was an FBI agent named Keith Mularski, who joined the FBI’s cybercrime wing. By creating a fake person and creating a profile to go along with it, he began joining various criminal sites under the username Master Splyntr. One such site that came under Keith's radar was CardersMarket. While he continued his undercover duties, another user, el mariachi, grew suspicious that the entire site was a sting operation by the feds, and worked to get the site pulled down. The feds did indeed have an inside guy, one of Max's admins, who they persuaded to be an informant. This proved to not be useful as Max caught his scent and removed him from the site. Despite the many wasted resources, the feds learned Giaonne’s name. 
     (Returning to Max) Max developed a system that hacked into restaurants' servers that would reward him with many drops each day, to which Max would then sell on CardersMarket under another alias. At the same time, el mariachi publicly accused the site of being a sting and got it  temporarily kicked off. After Max rebutted as Iceman that since he wasn’t doing any business as Iceman, the site was being used purely as a forum and thus was not responsible for what occurred on it (platform versus a public forum). He then hacked a server in Iran and proceeded to host the site there. With bigger plans in mind, he hacked into his four rivals’ sites, wiped their databases clean, and transferred all their information to Max's servers. While their main rival, DarkMarket, was able to get back up within a couple of days using a backed version, the damage was done to the rest, and CardersMarket grew tremendously. All the while, Keith snuck into the site, becoming known to Max when he complained about the site, Max's action in overtaking the other sites, and JiSli, the leader of DarkMarket. 
     Engaged in a war for competition, Max continually attacked JiSli’s site, presenting an opportunity for Keith to offer his services to secure JiSli’s site. Receiving permission to access the site, he used the FBI’s resources to protect the site from Max's Denial of Service attacks (DDoS) by expanding the server. Unbeknownst to all of this, Max continued running his site day and night, increasingly eager to drop his partnership with Chris out of fear of getting caught. 
     One day, he received a tip from a fellow user that someone from DarkMarket was connected to the government, and after some digging, found out about Keith. Unfortunately, the bias that Max was known to have against DarkMarket trumped the evidence, so Keith remained innocent in everyone’s eyes (close call). Some further good news, Keith learned from another law enforcement agent about Max's second account, Digits, which Max used to do business with CardersMarket, and from this Keith learned how Max got all of his dumps. He also set up an operation that got Matrix001, one of DarkMarket’s founders, arrested. He did all of this while tending to the normal affairs of being an admin for a criminal cyber enterprise, which included banning people who weren’t trading honestly, addressing complaints, and doing his own drops which were paid for by the FBI. He still had one main problem, and that was Max, as he had no idea who or where he was. That was also true for a man who went by the username Maksik. He was the largest dump vendor, the second being Max, and contributed to the 45 million dumps stolen from TJX stores in July alone of 2005. Both had incredible encryption that hid all the contents of their crimes, so even if the feds arrested Max, they couldn’t charge him with much. Still, Max was rightly wary about DarkMarket being run by a fed, so he had Iceman retire from the site and moved safe houses, although he still used the site under a new alias, Aphex. 
     In 2006, Giannone was arrested for selling dumps and after being sentenced to five years, spilled what he knew about Max, particularly that he hung out with Chris. The feds followed this lead until they found him. The only issue that remained would be finding him without letting him know that he was being sought after or he could get up and flee. Before they went after him, they arrested Chris after he made more illicit purchases. The state police proceeded to arrest his wife and begin their investigation, leading to the largest identity-theft bust in Orange County history. In the wake of Chris's arrest, Max drastically distanced himself from CardersMarket and tried to turn white hat. It was too late for him, and on September 5, 2007, FBI agents stormed through Max's door, arrested him without bail, and took him to Pittsburg. They knew about his eventual attempt to escape because he told one of his most trusted moderators who just happened to be another agent (there’s one problem with anonymity, especially while committing crimes online with strangers). Online rumors begun mostly by two more undercover agents, were spread that Iceman was a snitch. 
     Keith continued to run DarkMarket, which grew without a solid competitor, and his work led to 54 arrests. In 2008, he announced that he was closing the site, and shortly after doing so, his real identity was exposed. All that was left for him was to return to normal work, which in part included Max's investigation. All of his 5 terabytes of data had been decrypted, so Max could hide nothing. All in all, Max was responsible for 1.1 million credit cards stolen, worth around $86 million stolen. In prison, Max showed remorse for his actions and the judge sentenced him to thirteen years in prison, the longest US sentence for a hacker thus far (a Russian hacker was sentenced in the US to 27 years in 2017 for $170 million in damages). In the aftermath of it all, large English-speaking sites, such as CardersMarket or DarkMarket, cease to exist on such a public domain, and while credit card fraud and these dumps received at point-of-sale ends continued to exist, the companies decided it was cheaper for them to pay the loss than investing in new technology. In prison, Max sought to continue hacking, as he knew he couldn’t let it go, but this time he yearned to work for the government and become a white-hat hacker. (Max was released from prison in 2021 and will be under probation until 2026. And that’s the end of the story of Max's entrance to the hacking world and his inevitable demise from the leader of the largest illegal card vendor site. Thank you for reading and if you are planning on hacking, please do it legally.) 

bottom of page