DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Wiseguys indicted in $25 million CAPTCHA-bot scheme

Posted on March 1, 2010 by Dissent

NEWARK – Three men who used fraud, deceit, and computer hacking to make more than $25 million by acquiring and reselling more than 1.5 million of the most coveted tickets to concerts, sporting events, and live entertainment throughout the United States surrendered to federal authorities this morning after being charged in an Indictment, U.S. Attorney Paul J. Fishman announced.

The 43-count Indictment describes a scheme in which the defendants and their company, Wiseguy Tickets, Inc. (“Wiseguys”), targeted Ticketmaster, Tickets.com, MLB.com, MusicToday, and other online ticket vendors. According to the Indictment, which was returned by a federal grand jury on Feb. 23 and unsealed this morning, the defendants are alleged to have fraudulently obtained prime tickets to performances by, among others, Bruce Springsteen, Hannah Montana, Bon Jovi, Barbara Streisand, Billy Joel, and Kenny Chesney. The criminal scheme also targeted tickets to live theater, including productions of Wicked and The Producers; sporting events, including the 2006 Rose Bowl and 2007 Major League Baseball playoff games at Yankee Stadium; and special events, including tapings of the television show Dancing with the Stars. The events took place in Newark and East Rutherford, New Jersey, and across the United States, including in New York City, Anaheim, Chicago, Houston, Los Angeles, Omaha, Philadelphia, Pittsburgh and Tampa, according to the Indictment.

The Indictment charges Kenneth Lowson, 40, Kristofer Kirsch, 37, and Faisal Nahdi, 36, all of Los Angeles, and Joel Stevenson, 37, of Alameda, with conspiracy to commit wire fraud and to gain unauthorized access and exceed authorized access to computer systems. The indictment also charges 42 additional counts of wire fraud; gaining unauthorized access and exceeding authorized access to computer systems; or causing damage to computers in interstate commerce.

Defendants Lowson, Kirsch and Stevenson surrendered this morning at FBI headquarters in Newark and are expected to appear before U.S. Magistrate Judge Michael Shipp at 2:00 p.m. in Newark. Defendant Nahdi, who is not currently in the United States, is expected to surrender to authorities in the coming weeks. All of the defendants will be arraigned in the coming weeks before the United States District Court Judge Katharine S. Hayden, to whom the case has been assigned.

According to the Indictment, Lowson, Kirsch, Stevenson, and Nahdi used Wiseguys to obtain and resell millions of dollars worth of premium tickets to the most sought after concerts, shows, and sporting events. Wiseguys typically sold the event tickets that it obtained to ticket brokers, who in turn sold the tickets to the general public at significantly higher prices. Wiseguys profited by charging its customers, the ticket brokers, a percentage mark-up over the face value of the tickets it fraudulently obtained and re-sold.

Technological Steps to Ensure Fair Access to Tickets

The Indictment alleges that ticket vendors were unwilling to sell tickets in large quantities for commercial resale to entities such as Wiseguys or brokers. To ensure fair access to tickets, Online Ticket Vendors restricted access to their ticket purchasing system to individual users, as opposed to computer programs that purchased tickets automatically, and restricted the number of tickets that an individual customer could purchase. To enforce these restrictions, Online Ticket Vendors used computer software that was designed to detect and prevent automated programs from accessing the Online Ticket Vendors’ computers.

These protecting technologies included CAPTCHA, a computer program that requires would-be ticket purchasers to read distorted images of letters, numbers, and characters that appear on their computer screens and to retype those images manually before tickets can be purchased. “CAPTCHA Challenges,” such as the one below, are programmed so that the images are recognizable to the human eye but confusing to computers.

captchaAccording to the Indictment, other technologies the Online Ticket Vendors used to protect their computers include audio CAPTCHA Challenges, which are offered to ensure fair access to visually impaired customers who cannot see and respond to visual CAPTCHA Challenges; sending complex math problems to computers that were in the process of purchasing tickets (to slow down computers attempting to purchase multiple blocks of event tickets); and blocking the Internet Protocol addresses (“IP Addresses”) of computers that appeared to be using automated programs to access and attack the Online Ticket Vendors’ websites.

Sidestepping the Computer Defenses

To defeat the Online Ticket Vendors’ technologies, the defendants worked with computer programmers in Bulgaria to establish a nationwide network of computers that impersonated individual visitors to the Online Ticket Vendors’ websites, the Indictment alleges. The network – described as the “CAPTCHA Bots” in the Indictment – gave Wiseguys the ability to flood the Online Ticket Vendors’ computers at the exact moment that event tickets went on sale. The CAPTCHA Bots also automated and sped up the purchase process by completing both CAPTCHA Challenges and audio CAPTCHA Challenges automatically – faster than any human could accomplish the same task. The defendants thus gained a significant advantage over the general public in having access to the best seats to the most desirable events, according to the Indictment.

Allegedly, the defendants also used aliases, shell corporations, and fraudulent misrepresentations, both to deploy the CAPTCHA Bots and to disguise their ticket-purchasing activities. At various times the defendants, and others working at their direction, misrepresented Wiseguys’ activities to Online Ticket Vendors; to the companies that leased Internet access to Wiseguys for use of the CAPTCHA Bots; to the landlords that rented Wiseguys’ office space; and, in certain instances, to lower level employees at Wiseguys.

To further disguise their activities, defendants also created and managed hundreds of fake Internet domains (e.g., stupidcellphone.com) and thousands of e-mail addresses to receive event tickets from Online Ticket Vendors. The defendants also directed the development and deployment of technologies to secretly obtain CAPTCHA and audio CAPTCHA Challenges that could be used to buy event tickets for resale.

Defendants Lowson and Kirsch, according to the Indictment, owned Wiseguys and directed all of its operations; defendant Stevenson was the company’s chief U.S.-based programmer, programmed aspects of the CAPTCHA Bots, and supervised Bulgarian computer programmers; defendant Nahdi managed Wiseguys’ operations and finances and at one point took ownership of a Wiseguys’ entity named Seats of San Francisco.

If convicted, each defendant faces a maximum statutory penalty of 5 years in prison on the conspiracy charge and a maximum statutory penalty of 20 years in prison on each wire fraud charge. In addition, defendants Lowson, Kirsch, and Stevenson face statutory maximum penalties of 5 years’ imprisonment and a $250,000 fine on each of 19 counts charging gaining unauthorized access and exceeding authorized access to computers; and 10 years’ imprisonment for each of six counts charging damage to computers in interstate commerce. In addition, each defendant faces a fine of $250,000 per count of conviction.

Source: U.S. Attorney’s Office.

Category: Breach IncidentsBusiness SectorHackOf NoteUnauthorized Access

Post navigation

← OCR's web site criticized for "bare bones" approach
Payment Processing CEO Banned from the Business; Company Illegally Debited Millions from Consumers’ Bank Accounts →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations
  • HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
  • UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw
  • Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected
  • Russian-linked hackers target UK Defense Ministry while posing as journalists
  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.