"AOL is rioting," the email read.
A large population of aspiring hackers has been networking on AOL for months, using free-trial accounts to gather in private chat rooms. While AOL set up new procedures to stop them, they weren't willing to give up without a fight. At least 30 young hackers circulated email promising "a final act of violence." Passwords stolen from new users would be harder to re-use-leaving no better alternative than to go through them all at once.
At least 70 more screen names came into play for the big event. Targeting "New Member Lounges," their antics quickly overloaded the "Guide Pager," which stopped functioning altogether (returning the message "Please try again later"). Hundreds of AOL users watched as their chat rooms scrolled through screens of gibberish. "RIOT MY BROTHERZ!!!" "CANCIL YOUR ACCOUNTS" "TO THE REVOLUTION!!!!"-sometimes five users at a time, skipping from room to room to evade AOL's watchdog "Guides." After hundreds of lines, rendering chat rooms unreadable, a Guide would appear several minutes later to input the standard macro warning. ("LeTzRiOt, scrolling is a violation of the Terms of Service...") But once terminated from the system, the hackers would instantly return with another account and resume activities-making sound files play, activating disk drives, displaying obscene pictures, or scrolling random numbers across the screen.
"My AOL software is corrupted.It iz making me scroll," one hacker claimed.
This went on for hours. It did not live up to the email's promise of "DEATH TO AOL!!!!!!," though, ironically, all chat rooms were closed the next day. However, a recent three-hour outage was blamed on the installation of anti-hacker hardware.
This clash centers on "password fishers." AOHell, the point-and-click hacker software, takes advantage of the AOL feature which logs "Instant Messages" sent from one user to another. AOHell can automatically send an Instant Message to every user in a chat room; by logging the responses to an official-sounding message asking for passwords, AOHell can target hundreds of users in a few minutes.
AOL now watches for "password fishers" in the New Member Lounges, periodically reminds users NOT to give out their password to strangers, and bans the word "hacker" in chat room names. But some say their latest fix may have backfired: because they've made stolen passwords harder to re-use, some hackers say they are even more intent on fishing for new ones.-Dave Cassel