Page 084


Undergound. Go to Table of Contents.

   talking. He was there to listen.

  

   On that fateful day, Par happened to be in one of his magnanimous

   moods. Par had never had much money growing up, but he was always very

   generous with what he did have. He talked for a little while with the

   unknown hacker on Altos, and then gave him one of the debit cards

   taken from his visits to the CitiSaudi computer. Why not? On Altos, it

   was a bit like handing out your business card. `The

   Parmaster--Parameters Par Excellence'.

  

   Par had got his full name--The Parmaster--in his earliest hacking

   days. Back then, he belonged to a group of teenagers involved in

   breaking the copy protections on software programs for Apple IIes,

   particularly games. Par had a special gift for working out the copy

   protection parameters, which was a first step in bypassing the

   manufacturers' protection schemes. The ringleader of the group began

   calling him `the master of parameters'--The Parmaster--Par, for short.

   As he moved into serious hacking and developed his expertise in X.25

   networks, he kept the name because it fitted nicely in his new

   environment. `Par?' was a common command on an X.25 pad, the modem

   gateway to an X.25 network.

  

   `I've got lots more where that come from,' Par told the stranger on

   Altos. `I've got like 4000 cards from a Citibank system.'

  

   Not long after that, Steve Mathews was monitoring Altos again, when

   Par showed up handing out cards to people once more.

  

   `I've got an inside contact,' Par confided. `He's gonna make up a

   whole mess of new, plastic cards with all these valid numbers from the

   Citibank machine. Only the really big accounts, though. Nothing with a

   balance under $25000.'

  

   Was Par just making idle conversation, talking big on Altos? Or would

   he really have gone through with committing such a major fraud?

   Citibank, Telenet and the US Secret Service would never know, because

   their security guys began closing the net around Par before he had a

   chance to take his idea any further.

  

   Mathews contacted Larry Wallace, fraud investigator with Citibank in

   San Mateo, California. Wallace checked out the cards. They were valid

   all right. They belonged to the Saudi-American Bank in Saudi Arabia

   and were held on a Citibank database in Sioux Falls, South Dakota.

   Wallace determined that, with its affiliation to the Middle Eastern

   bank, Citibank had a custodial responsibility for the accounts. That

   meant he could open a major investigation.

  

   On 7 November, Wallace brought in the US Secret Service. Four days

   later, Wallace and Special Agent Thomas Holman got their first major

   lead when they interviewed Gerry Lyons of Pacific Bell's security

   office in San Francisco.

  

   Yes, Lyons told the investigators, she had some information they might

   find valuable. She knew all about hackers and phreakers. In fact, the

   San Jose Police had just busted two guys trying to phreak at a pay

   phone. The phreakers seemed to know something about a Citibank system.

  

   When the agents showed up at the San Jose Police Department for their

   appointment with Sergeant Dave Flory, they received another pleasant

   surprise. The sergeant had a book filled with hackers' names and