firedocs media/politics article

Section: 39 Ways to Recognize A Cult When You See One


This is truly one of the most bizarre emails to come across my computer in awhile. Puts a rather bizarre spin on "The 39." Better yet, it warns anybody who visited the Heaven's Gate computer site that they might have an ActiveX-based "virus." If this is a myth, it's a well-woven, fascinating story.


Date: 97-04-01 18:18:41 EST

From Russian sub-Internet:

Who is to blame in death of the members of the Haven's Gate cult? The government of the former Soviet republic of Moldova and ... Microsoft, some people may say.

It has been announced today in Moscow, Russia, that a Ukranian hacker Grigorij Kislodrischenko broke into the computers of the cult some time ago, and spoke with the cult members as the captain of the alien ship trailing the comet. He appearantly convinced the cult members in his extraterrestrial identity by demonstrating them his total control of their computer as a manifestation of his extraterrestrial powers. He interrupted execution of local programs and began speaking with them in a robotic voice, synthesized by the computer. He opened a new window at his own will and sent voice and visual information to the cult members, and engaged in prolonged mystical coversations with them. When the cult members argued with him and did not follow his instructions, he shut down their computer, deleted important files and even altered their credit card bills and bank statements to demonstrate his total control. He claimed that his civilization had solved many famous mathematical problems supposed to be unsolvable on earth. As an example, he "demonstrated" how he can break unbreakable security codes. He asked the cult members to encrypt messages using PGP-compatible encryption software or built-in encryption capabilities of Microsoft web browser (SSL encryption protocol) and then read their messages back to them. Before long, the cult members had been convinced.

All these began when a cult member, browsing the web sites of like- minded, visited an ActiveX-enabled site and permitted an "applet" to his computer. Appearantly, finding a yet another security hole in ActiveX, Mr. Kislodrischenko managed to sneak in a Trojan horse and hijack the cult's computer network. Having a sniffer, that was monitoring everything that was going on inside the computer, it was not difficult for him to "decipher" any encrypterd messages, steal cult members' credit card and bank account numbers, etc.

It is not clear if Mr. Kislodrischenko had evil intents from the very beginning, or initially it was just another hacker's prank, but after a while he realised that his ability to intercept credit card numbers of Americans could bring him a lot of money. However, being a resident of Dnepropetrovsk, he needed accomplicies in America. And he found them in the cult members. There were not too many Americans who visited his own web site hosted by an ISP in Moldova. So, reportedly, Mr. Kislodrischenko put his ActiveX applet into the cult's web site, that brought him much more potential victims. Soon, he began breaking into computers of other Americans, but instead of telling them tales about eternal life, he "merely" stole their passwords and account numbers. It is not clear how much money he managed to steal this way, but appearantly, many millions dollars. Mr. Kislodrischenko left some money to the cult members, which explains how they manage to pay for their luxurios mansion in San Diego.

After months of successful operation something went wrong and Mr. Kislodrischenko decided to close the shop. However, he was either reluctant to leave 39 potential witnesses of his crimes or they hindered the final transfer of the stolen money. Anyways, he decided to kill them. So, he convinced the cult leader that he had cancer and persuaded the cult members to leave their "containers" and move to his space ship.

His scheme however has not ended with the mass suicide, there are indications that it only expanded. Thousands or even millions curious Americans visited the cult's web site and many of them were infected by the hacker's ActiveX applet. Mr. Kislodrischenko is at large and the Ukranian and Russain authorities were able to recover only tiny bits of the files he left in his PC after fleeing. Most of the files are encrypted, and will never be recovered, unless the hacker is caught and surrenders his private key. However, it is expected that it will be possible to create an anti-virus-like program that will scan the affected computers for the signs of Mr. Kislodrischenko's "applet". Two Russian and one Israeli software companies have already announced that they will begin selling such utilities within days.

Meanwhile, an extreme caution is advised in visiting the sites that might be infected from the contact with the Haven's Gate site. It is not yet clear if the "applet" can spread as a virus.

Since Mr. Kislodrischenko is not arrested, the reletives of the dead could attempt to seek damages from the government of Moldova who harbored a growing industry of sophisticated computer and telephone hackers and may be even from Microsoft, because the security deficianses in its ActiveX technology made all these possible. It might be expected that Sun Microsystems will announce on the press conference on the April 1, that if its Java had been used instead of ActiveX, such a security breach would not be possible and the 39 lives and millions of stolen dollars would be saved.

Sergei Burkov, Ph.D.

e-mail: bilbo@bilbo.com


Return to 39 Ways to Recognize A Cult When You See One

firedocs main menu