• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Hospital Hacker GhostExodus Owns Himself – Arrested

July 2, 2009

Views: 48,063

This story actually gave me a lot of LULZ, how stupid can you be seriously? Man this guy made so many mistakes for someone so paranoid (he had a web cam setup outside his appartment door so he could see who was coming)..

But then he exposed his IP address on IRC, posted his face on some freaky vampire site and posted up screenshots of the HVAC system he ‘owned’ on a forum.

He wasn’t exactly making it hard for someone to find him..especially seen as though he actually WORKED IN THE HOSPITAL.

The leader of a malicious hacker collective who used his job as a security guard to breach sensitive Texas hospital computers has been arrested just days before his group planned a “massive DDoS” attack for the July 4 Independence Day holiday.

Jesse William McGraw, 25, of Arlington, Texas, was taken into custody late Friday evening after posting screenshots showing he had complete control of computers that administered air-conditioning systems at The Carrell Clinic in Dallas, federal prosecutors said. McGraw also brazenly posted videos showing him installing malware on hospital computers that made them part of a botnet he operated, said a network security expert, whose sleuthing uncovered the breach.

As a contract security guard at the hospital, McGraw had no authorized access to any of its computers. But that didn’t stop the miscreant, who went by the handle GhostExodus, from taping himself as he walked down the halls of the hospital with a blue security guard uniform poking out through a gray hoody, as he bragged about gaining control over sensitive computers.

If there was ever an original script kiddy, I think this guy fits the bill perfectly.

Seems like his l33t hacking skills extend to walking into rooms he has access too (with a security card), and taking some screenshots!

Or perhaps even sometimes he booted in with BackTrack and reset the passwords.

“It’s a unique mindset among these hackers,” said Wesley McGrew, a 29-year-old network PhD network security researcher at Mississippi State University. “It’s all about respect and fame and the respect of their equally weird peers.”

According to McGrew and federal prosecutors in Dallas, McGraw was the leader of a hacker gang known as the Electronik Tribulation Army. He had recently posted videos admonishing fellow hackers to carry out a “massive DDoS,” or distributed denial of service, attack on July 4, a date he called “Devil’s Day”. While the target and other details of the attack are unknown, the investigators are taking the threat seriously because McGraw, prior to his arrest, had tendered his resignation as a security guard job effective July 3.

According to court documents, hospital officials had experienced problems with their HVAC, or heating, ventilation and air-conditioning, units and were perplexed why none of the system alarms had gone off as programmed. Had they seen screenshots posted here by someone calling themselves GhostExodus, they would have known why. They images showed the HVAC control window for the hospital’s surgery unit. A test alarm setting was turned to “inactive.”

“You almost can’t help it ya know,” GhostExodus writes. “It must be done!”

Yah you just can’t help messing with the critical HVAC system of a hospital YOU TOOL. What is the point of that anyway, other than bragging rights (which will only impress other script kiddies).

Who knows…I guess if he had any real skills he wouldn’t be working as a security guard and he’d actually be using his talent to make some real bank.

Oh well, good luck to you I say GhostExodus.

Source: The Register

Share
Tweet
Share
Buffer
WhatsApp
Email
0 Shares

Filed Under: Hacking News, Legal Issues, Malware Tagged With: botnet, ddos, dos, malware



Reader Interactions

Comments

  1. nubanx says

    July 2, 2009 at 1:45 pm

    its this kind of BS that gives the “label” hacker a bad stigma.

    h4cktivism carried out in the 90’s normally had the agenda of publicizing a political, religious, and/or socio-economical viewpoint via technology. sites that were deemed “the bad guys” were typically targeted. there was almost this feeling that the hackers were the good guys; the ever vigilant miscreants that held alternative lifestyles in favor of shepherding in the realm of the digital age with a new stage of ethics.

    This guy had local access to hospital machines and put people who were sick or people who choose to help people that are sick in jeopardy for no reason other than “its too easy”.

    this disgusting waste of carbon deserves no title associated with information technology. being called a script kiddie would be flattering to him. the sad part is once he gets out, he’ll probably have revenge on mind and a newly revised sense of purpose and focus, making him target even worse things. maybe he’ll get a similar ending as JDahmer.

    /one can only hope. :-P

  2. David says

    July 2, 2009 at 7:28 pm

    I agree if this guy was sooooo uber elite he was working in a nice IT security company.
    25 years old and showing off in IRC chans? Get a life GhostExodus!

  3. Droope says

    July 3, 2009 at 7:14 pm

    LOL. Poor guy.

  4. Lepht says

    July 4, 2009 at 12:35 pm

    this gets to me. the hell it “must be done” – would this sort of shit still have to be done according to him if the HVAC failed while they were operating on some poor guy? if some elderly patients died of hypothermia on the ward?

    there are so many better uses of the skills we’re learning. damn, that makes me mad.

    L

  5. Talverion says

    July 4, 2009 at 3:54 pm

    There is a reason many “computer geeks” and “hackers” don’t have much of a social life… If they’re doing anything illegal, as this man did, they don’t want to talk about it, also blowing their cover. He really screwed up on this one. *facepalm*

  6. Navin says

    July 6, 2009 at 6:15 am

    Hehe…just wht I needed to get a smile on my face this monday morning!!

  7. Will says

    July 6, 2009 at 5:17 pm

    What is sad is that this walking witless wonder came very close to harming others. If Wesley McGrew had not raise a red flag on this guy, we might have been reading about horrors at the hospital and not laughing at this guys bumblings.

    Granted, this guy is an idiot and would have been caught after the fact. But other than his bragging and a heads up call by Wesley McGrew, nothing stopped him from infecting the hospital’s equipment and carrying out his plan. In one article, the IT staff noted that the HVAC system was acting funny, but this did not raised a warning flag to the hospital’s security or IT staff.

  8. j0 says

    July 6, 2009 at 8:27 pm

    lolz, funny kid, he should have a rest now for couple of year’s ..

  9. DirtyOldBastard says

    July 8, 2009 at 11:28 am

    0wnig box with root password is as lame as defacing wikis.

  10. Omniscient says

    July 9, 2009 at 7:10 am

    The poor guy might get a few years over hacking an air conditioner. Epic fail. I feel bad for him but this is what happens when you commit a crime, brag about it, and a post a video of the whole thing on youtube.

    Doesn’t take a l33t person to figure that out.

  11. das licht says

    July 9, 2009 at 8:31 am

    Haha- you guys don’t realize that he wasn’t doing it just to be “1337” he was doing it to prove that he could do it and this would have hurt ABSOLUTELY NO ONE! He wasn’t doing it to kill people off in a hospital or put them in serious pain/suffering- It was about the people who constantly talk shit… Like the people on this blog, saying shit and saying you are all ‘1337’ xD

    Just to prove that he could do it when most of the people that say they are ‘1337’ on the internet are mildly retarded and have terrible OCDs where they have to convince every last person in the world that they are cool in all aspects or they will die.

    … Anyone can talk shit online… Most of them can’t back it up.

    I’ve known about him way before this all happened by the way.

    Some of you believe anything you read/hear on the internet or T.V. and it’s rather pathetic that any of you will buy into it as soon as you hear about it without even questioning it- assuming the source you heard it from is just correct no matter what, regardless of how blatant it is.

    Will- you’re a raging faggot; no one ‘raised a red flag’ just like it said in the following link (later in this post) he just ‘snitched’ on him for things that I could go and look up on youtube or forums that I go to.
    I could find things like that, or even worse things than that, in a very short amount of time- seeing that I go to many forums (which are not private or hidden at all) where users post things like this regularly.

    I can *guarantee* that none of you know what you’re talking about;
    http://www.mcgrewsecurity.com/

    I bet most of you just saw this on a blog or Google or some friend who saw it somewhere on the internet, etc. and just decided “hey, here’s my chance to hate on someone I don’t even know to pretend I’m 1337.”
    Watch some of the videos on there. The people in those videos are actually right.

  12. Bogwitch says

    July 14, 2009 at 10:30 am

    @das licht
    I’m sorry that you feel that way. The fact is, he had authorised, physical access to a box and managed to install some malware onto it. This does not make him a particularly good hacker. He did it to seek noteriety within the community to which he felt he belongs.

    I suspect that most people who you have slated on this blog could install a RAT given unhindered physical access to a box, it’s not difficult.

    The bottom line is, he was in a position of trust which he broke.

    As for not putting life at risk, I would also have do disagree. Whether he went through with the proposed DoS on not, he had introduced some code onto the systems that had not gone through the same (hopefully rigorous) testing that other software components would have gone through. This software could have introduced other vulnerabilities or conflicts that he was not aware of. If the operating theatre was closed down due to a failure of the HVAC, lives could have been put at risk.

    Finally, please provide evidence to back up your *guarantee* that we don’t know what we’re talking about.

  13. Navin says

    July 14, 2009 at 3:10 pm

    das licht dude, firstly, I must tell U tht I’ve been on this site/blog for around half a decade and not once have I heard anyone at all claim to be a L337 #@x0r, or any crap like that (except maybe on the retards posts). Most of us are in fact self-proclaimed n00bs/security enthusiasts (me included) and are here just to keep ourselves updated on the events in the world of Network security.

    That said and done, lets get back to the point. The very fact that he “hacked” a HVAC shows that he had either no knowledge of how important a component it is in any medical institute or had a fair idea of wht he was doing and wanted to show that he was up for the challenge. I have nothing against people who simply hack webpages (by wht methods whatsoever) to spread propoganda eg: http://www.google.co.in/search?hl=en&q=syrian+hacker+gnom but the very fact that he did it to a HVAC proves that he’s a complete moron!! More evidence of this comes from his statements like:

  14. Das Licht says

    July 15, 2009 at 5:00 pm

    @ Navin. I’m not saying ppl on here are calling them 1337 or anything… Notice the quote tags.
    It was on another blog. =/
    In the comments somewhere.
    Oh yeah, and to that ‘Bogwitch’ person. O.O

    I don’t think it’s something he should be in prison/jail for either way… I’m not saying I think he should have done that at his own work place (he especially* should not have done that at his own work place!!)

    http://www.youtube.com/watch?v=cl8qUrx3-6k
    watch please.

    http://www.youtube.com/watch?v=NXi9AtKv25k
    This video is kind of funny toward the end, too… That guy is kind of an idiot. O.O
    (lol)

    but, whatever… meh… just watch.

  15. Bogwitch says

    July 16, 2009 at 9:44 am

    @Das Licht

    Thanks, 10 minutes of my life I won’t get back.

    So, two kiddies on YouTube say ‘He’s a nice guy’ is evidence enough that he meant no harm? If he actually did intend no harm, he should be locked up for stupidity.

    Get yourself back to /b/ – You’ll be much more at home there.

  16. PigSkinsNBawls says

    July 19, 2009 at 11:38 am

    “h4cktivism carried out in the 90

  17. Bogwitch says

    July 21, 2009 at 11:46 am

    Oh, it’s h4cktivism, is it? I thought it was a skiddie posturing and attempting to gain kudos within, what appears on the surface, to be a lame circle of zomg 7331 hax0rz.

    What exactly was the cause he was trying to publicise apart from his own ego?

  18. the tan man says

    July 30, 2009 at 3:27 pm

    This guy is 1337! Joke, I lol’d though.

  19. Das Licht says

    August 2, 2009 at 4:00 pm

    Bogwitch, you’re a douchebag…
    I hate /b/. I didn’t say just because two people say it’s okay makes it legal, I’m saying you’re a retard and you don’t understand what you’re talking about- you try to make it one-sided as possible.

    Yeah, I didn’t reply for a while, I’ve been gone… It doesn’t alleviate the fact that you’re an idiot, to the core.

    Nothing he did could have possibly caused harm, end, done, nothing more after that, you have no argument… =]
    You lose.

    You’re saying he SHOULD have harmed people in trying to do this? It’s stupid that he wasn’t trying to harm someone? Maybe you should be in prison…

  20. Bogwitch says

    August 3, 2009 at 9:11 am

    @Das Licht

    I understand fully what I am talking about. The issue I have is with your statement that he ‘intended no harm’ – I now take issue with your statement ‘Nothing he did could have possibly caused harm’

    He intended harm. He intended to mess around with the air conditioning of a hospital. Messing around with control systems such as these would have a negative impact such as operations being cancelled which could have the consequence of loss of life.
    If he never intended to go ahead with the stunt, he has still changed the operating platform by installing his software which could have unknown, unforseen consequences (trusted computing, anyone?) again, giving the possibility of threatening life.

    My points are these. He was in a position of trust which he betrayed. He has not displayed any superior penetration skills, he had physical access to the box. If he intended no harm, he’s a moron as there could be consequences to his actions. If he was committed to carrying out his actions, he could potentially be threatening life directly, therefore he’s at best, a moron.

    As for the personal insults, water off a ducks back.

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Falco - Real-Time Threat Detection for Linux and Containers

Falco – Real-Time Threat Detection for Linux and Containers

Views: 298

Security visibility inside containers, Kubernetes, and cloud workloads remains among the hardest … ...More about Falco – Real-Time Threat Detection for Linux and Containers

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Views: 592

As threat surfaces grow and attack sophistication increases, many security teams face the same … ...More about Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance

Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

Views: 556

With more businesses running Linux in production—whether in bare metal, VMs, or containers—the need … ...More about Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

SUDO_KILLER - Auditing Sudo Configurations for Privilege Escalation Paths

SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Views: 594

sudo is a powerful utility in Unix-like systems that allows permitted users to execute commands with … ...More about SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 451

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

AI-Powered Cybercrime in 2025 - The Dark Web’s New Arms Race

AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Views: 677

In 2025, the dark web isn't just a marketplace for illicit goods—it's a development lab. … ...More about AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (228)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (229)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (74)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (235)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,297,577)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,103)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,638)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,691)
  • Password List Download Best Word List – Most Common Passwords (933,521)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,170)
  • Hack Tools/Exploits (673,298)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,183)

Search

Recent Posts

  • Falco – Real-Time Threat Detection for Linux and Containers May 19, 2025
  • Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance May 16, 2025
  • Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked) May 14, 2025
  • SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths May 12, 2025
  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025
  • AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race May 7, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy