AlterNIC's Hacker Pleads Guilty

Welcome Guest. | Log In| Register | Membership Benefits

March 20, 1998 (12:00 AM EST)

By John Borland,

Eugene Kashpureff, the domain name system hacker who successfully rerouted millions of Web users last year, pleaded guilty to federal charges of computer fraud Thursday.

As part of the plea, Kashpureff admitted causing damages of only $15,000, considerably less than the "hundreds of thousands of dollars" in damages cited in original charges, one of his attorneys said.

"This gives the court the opportunity to sentence Kashpureff relatively leniently if it chooses," said New York attorney Andrew Grosso, who had been assigned by the federal court as a consultant to Kashpureff's federal defender. "The range [of possible sentences] involved is such that the court could sentence Kashpureff to probation."

No sentencing date had been set as of Friday morning, Grosso said.

The charges stemmed from Kashpureff's actions last summer, when he took advantage of flaws in the domain name system to reroute all Web traffic headed for Network Solutions' InterNIC (http://www.internic.net) page to his own AlterNIC page. Net users attempting to register domain names with Network Solutions (http://www.netsol.com) during four days in June were instead presented with a message reading, "By redirecting the domain name internic.net, we are protesting the recent InterNIC claim to ownership of '.com,' '.org,' and '.net,' which they were supposed to be running in the public trust." A link on the substitute page led back to the real InterNIC.

Kashpureff repeated the hack, which he called "DNS Storm," for another three days in August.

The Web traffic reroutes were only a part of Kashpureff's protests against Network Solutions' government-granted monopoly on domain name registration. His AlterNIC company was founded to register alternative top-level domains such as .ltd, .med, and .sex, which were accessible through his own domain name servers, but not universally available on the Web.

Shortly after the two hacks, Kashpureff publicly admitted his responsibility. Network Solutions promptly sued him, but he settled the case with an apology, an explanation of how he had pulled off the hacks, and a promise to pay the company $5,000 in damages.

Despite this settlement, the Federal Bureau of Investigation viewed the hacks as a serious case of federal computer fraud and pursued the case on its own. In September, the FBI obtained a warrant for his arrest. After an investigation lasting several months, they located him working in Toronto, where Canadian police arrested him on Oct. 31. Kashpureff subsequently spent 55 days in Canadian jails while U.S. officials sought his deportation.

As part of the plea bargain, Kashpureff and the government agreed he had been responsible for "unspecified" damages in the amount of $15,000, Grosso said. This figure is far below that cited in the original federal complaint, which attributed losses of "hundreds of thousands of dollars" to Network Solutions, and said Net users experienced "confusion, frustration, and immeasurable economic harm" as a result of the hack.

"This is an absurd case of overkill," Grosso said. "I don't believe the government adequately investigated this case before the complaint was issued."

The self-described "webslinger" faces a maximum jail sentence of five years and a maximum fine of $250,000.