DOCUMENT: Internet, Crime

FBI Probe IDs Conde Nast "Hacker"

Fashion-obsessed student had home raided by feds

Conde Nast "Hacker"

View Document

Conde Nast Documents

DECEMBER 20--An FBI investigation has identified a fashion-obsessed Ohio man as the person who last year illegally gained access to a Conde Nast computer system and downloaded photos and pages from upcoming magazine issues which he then posted to his blog, The Smoking Gun has learned.

The FBI probe resulted in a raid earlier this year at the Ohio home of Ross Ulrich, a 22-year-old community college student. In a TSG interview, Ulrich said that he confessed to agents as they executed a search warrant at his family’s Columbus residence.

The graphic design student said he also copped to accessing a Warner Bros. server holding images and clips from a variety of movies in production, as well as the computer systems of ad agencies and other magazine publishers.

Ulrich told TSG that he believed federal investigators have not yet made a decision whether to charge him in connection with his downloading of more than 1100 files from the Conde Nast system. He said that a federal prosecutor in New York was “supposed to give me a court date,” but that he has not heard from government investigators in several months. Ulrich is seen above in his Facebook profile picture.

Asked about his motivation for accessing the Conde Nast system, Ulrich claimed that it was simply to obtain images that he could be the first to post online. He added that many bloggers and fan sites compete to publish images from paparazzi agencies and fashion photo shoots. The higher res the better, Ulrich noted. On his MySpace page, Ulrich lists his "heroes" as fashion photographers Bruce Weber, Steven Klein, and Mario Testino. As for favorite books, he wrote, “Does FLAUNT Magazine count?” Another online profile lists "Bitch is trippin'" as a favorite quote of Ulrich, who often uses the online handle "r0b0tj0n3z."

While Ulrich said that a black market exists for the purchase of passwords that allow entry to the web sites of large photo agencies and publishers, he contended that he did not pay to gain access to the Conde Nast and Warner Bros. systems. Instead, Ulrich said, he discovered via a Google search a list of compromised servers that had been posted online. This list of FTP addresses and related passwords allowed Ulrich to spend time “poking around,” he said, “without having to brute force anything.”

Ulrich recalled that during one of his Conde Nast forays he discovered the December 2009 cover of W featuring Demi Moore. He quickly uploaded the unpublished image to The Fashion Spot, a style site where Ulrich was a frequent commenter in the invitation-only forums. The image of the W cover lasted only a few hours before Conde Nast demanded that it be removed, recalled Ulrich, who listed interests of “trends, models, beauty” on his The Fashion Spot profile page.

Ulrich then opted to post his purloined images on FashionZag, which he opened on Google’s Blogger platform.

Conde Nast learned last November that its computers had been compromised when pages from upcoming issues of several publications--including GQ, Vogue, Lucky, and Teen Vogue--began appearing on FashionZag. Those images--which included the entirety of GQ’s December 2009 issue--quickly began appearing on other sites.

An internal Conde Nast investigation revealed that one of its computer systems had been accessed repeatedly over a three-month period by a user who downloaded files from a wide array of the publisher’s titles. A subsequent copyright lawsuit filed by Conde Nast disclosed that the unauthorized access came from a single IP address. Ulrich was later tied to that IP address after subpoenaed records from an Internet service provider revealed that it was connected to an account in his father’s name.

Ulrich told TSG that he agreed to pay Conde Nast $12,500 to settle the firm’s copyright claim.

Court records show that Warner Bros. also filed a federal lawsuit last year after the firm discovered that its servers had been improperly accessed and that copyrighted images had been copied. The IP address from which the film company’s servers were accessed was identical to the one logged by the Conde Nast system. At the time Warner Bros. and Conde Nast filed their respective lawsuits, they were unaware of the intruder’s identity, and named “John Does” as defendants.

Ulrich told TSG that he has not paid Warner Bros. damages, and believes that the film company had decided not to further pursue its civil action.

Noting that while he once subscribed to Vogue and several other Conde Nast titles (and was a “starred” commenter on The Fashion Spot), Ulrich said his legal troubles have impacted his enthusiasm for such things. “I’m kind of over it,” he said, adding that he hoped federal investigators realize that he has learned his lesson. (4 pages)

Comments (2)

Lesson to be learned: use a bouncer to connect to any compromised FTP server. There's plenty of countries that don't play nice with the U.S, which forces them to break laws if they really want to find you. He should have been using pftpfxp-mew!
Why someone would do something so risky for something so pointless is beyond me.