Drones, Tor & Remailers – The Story Of A High-Tech Kidnapping

Outsmart Malicious Hackers


This whole thing sounds like something straight out of CSI: Cyber with references to Drones, Tor, remailers, anonymous image sharing and the scrubbing of meta data. Pretty interesting reading, although it rather smells like a lot of exageration. A super high-tech kidnapping – gone wrong in the end.

Drones, Tor & Remailers - The Story Of A High-Tech Kidnapping

Whoever wrote tho e-mails sent to the police (be it Matther Muller or not) was smart and plugged in, with references to the Egotistical Giraffe exploit and onions within onions.

The press called it the “Gone Girl” kidnapping. But the bizarre story of a former Marine and Harvard-trained lawyer who allegedly masterminded the abduction of a California woman is notable for more than the twists and misdirections that made it fodder for CNN. It’s a rare kidnapping-for-ransom scheme that availed itself fully of the riches of the Internet age, providing a glimpse of a future where brutal, physical crime and its digital analog merge into one.

FBI court filings unsealed last week showed how Denise Huskins’ kidnappers used anonymous remailers, image sharing sites, Tor, and other people’s Wi-Fi to communicate with the police and the media, scrupulously scrubbing meta data from photos before sending. They tried to use computer spyware and a DropCam to monitor the aftermath of the abduction and had a Parrot radio-controlled drone standing by to pick up the ransom by remote control.

All the high-tech theatrics may be part of why the police concluded that the whole thing was a hoax, until the FBI linked the abduction to a former attorney who once made the Journal of the American Bar Association‘s list of “techiest lawyers” for his computer skills.


It makes for really good reading, and it really goes to show..truth really is often stranger than fiction.

The irony is, he was tripped up by technology..and really simple technology. The Target POS system + CCTV was enough to foil him, plus the fact he used a burner phone at home? (not smart AT ALL). Why didn’t he just pay some kid $5 to go into the store and buy the phone for him?

Rookie mistake.

It’s unclear how much of the elaborate backstory in last March’s anonymous emails is reality, and how much is fantasy. The FBI affidavit notes that many of the incidents of burglary, theft, and vandalism described in the messages align with actual incidents reported to the police. But the bureau also notes that the same incidents were described in postings to the Mare Island section of the community news site NextDoor. It’s possible that the author of the email assembled his story Usual Suspects-style from NextDoor bulletin board postings.

Perhaps the biggest unanswered question is whether Muller’s accomplices, mentioned at such length in the anonymous emails, really exist. In the Dublin attack, Muller is believed to have acted alone. But in the Mare Island kidnapping, both Quinn and Huskins told the police they heard multiple kidnappers talking among themselves. And in the 2009 case, the victim counted two perpetrators. “The victim reported to us that she had seen only one suspect, but she believed that she had heard a voice of a second male suspect,” says Lt. Zach Perron, a spokesman for the Palo Alto Police Department.

So far only Muller’s arrest has been announced. The FBI won’t say whether they’re looking for anyone else or if Muller is cooperating with the government against former associates. “This is a continuing investigation,” FBI spokeswoman Gina Swankie says. “The only reason the case was unsealed and made public was to further the identification of other victims who may have experienced a similar crime.”

So, did he really have accomplices? Do the FBI know more than they are letting on? Or was the illusion of accomplices another creation of Mullers twisted mind, perhaps he played back audio of muffled conversations to make the victims think there were multiple assailants.

Who knows? I’m not sure if anything more will come out of this story – but nevertheless it’s an interesting one.

Source: Wired


Posted in: Hacking News, Legal Issues, Privacy

Latest Posts:


BSQLinjector - Blind SQL Injection Tool Download BSQLinjector – Blind SQL Injection Tool Download in Ruby
BSQLinjector is an easy to use Blind SQL Injection tool in Ruby, that uses blind methods to retrieve data from SQL databases.
CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds


Comments are closed.