Remember those purely social internet forums?
If you don’t then this might seem weird to you, but back in the day before Facebook, Myspace, Instagram or the word ‘social network’ existed outside of lecture halls, if you wanted a place to hang out online that wasn't open to the public, then private message boards were pretty much your only decent option.
So the story goes that in the early nineties, me and my old college buddies, we split the costs of the server, got together and I made us a private forum. You can guess what happens next, the years go on and the forum gets a fair amount of use, memories were made, users come and go but eventually better social tools take over and the forum gets mothballed.
The last conversation I had on the old forum was about ten years ago, I kept the site up and running all these years for a few reasons. One was to have a place to test stuff, and I ended up using the server as a tool to teach my kids how to use computers properly. (You guessed it! I’m a network admin.)
Skip to present day and about four weeks ago you can imagine my surprise when I get an email informing me that new users are registering accounts on the forum. At first I figured it was some of the old guys coming back for nostalgia. You won’t find the site on google and the URL isn’t something you would just guess either, So I logged myself in and went to check out the new thread, the subject line was a series of numbers “1088A7 7BR286 33PZ00”. I clicked on title to inspect the conversation but there was only one post, a series of letters and numbers with spaces at random intervals too long to post here. My first thought was that it was a prank, so I checked the admin log for IP’s just to see who it was, turns out my supposedly private forum had received 400 unique hits at the exact time of posting, from I.P addresses all over the world. I should have known then that something weird was going on, but I was curious and It felt like a puzzle I was being asked to solve.
As I wracked my brain over the next few days I began to research as much cryptography as I could, but whatever code these posts were in wasn’t something I could decipher. After about three days of searching another post appeared, in much the same theme and again there were around 400 unique hits at the time of posting that prevented me from finding the origin.
This is when things began to take an even stranger turn.
So far, the same user had posted each entry in the thread. A few hours after the second post five other users started leaving messages, all of which were huge entries of letters and numbers. The posts came flying in over a four-hour period until they just stopped and the server started going insane, CPU and ram usage began to max out but the traffic never changed. At that point I had seen enough and pulled the plug on the server, assuming It was being used as a bitcoin miner and forgot about the whole thing.
The next day I got a text on my work phone.
“Turn on the server”.
I was more than a little shaken, but I didn’t do anything straight away as I was at work. A few hours after my lunch break was over I got a Facebook message from my teenage son which was unusual so I checked it straight away. The message was a picture of his face from his laptop webcam along with our home address. If any of you have kids you can imagine my calm and measured (hint: It wasn’t) reply. A few minutes later my work phone started ringing with one of the support technician’s caller ID, but when I took the call they weren’t on the other end. Instead to my surprise it was Stephen hawking’s voice speaking at me over the line.
“The forum is being used for great things, leave work, return to your family and plug the server back in. You have two hours.” I knew that was a threat, I’m not an idiot so I didn’t take any chances. I raced back home, plugged the server back in and waited for a response. My personal phone buzzed this time with a new text message from my daughter.
“Well done. No more interference, we’re waking up.”
“We’re waking up”, what the hell did that mean? I made myself a coffee and tried to log into the server but I was locked out. Whatever was happening they had full access to everything we owned, which shouldn’t be possible. The more I thought about it, the crazier my theories got until eventually I realised whatever was happening was way beyond my capacity to deal with.
Remember the old college buddies I set the forum up with? Well one of them works for the NSA, and his name is Pete. I figured that if anyone would be willing to help me out with this, it would be him. I mean, I just didn’t trust local police to have the know-how and the FBI doesn’t exactly have a ‘call here if you don’t think the local police force have the ability deal with your situation without getting your family killed’ hotline, you know? I just needed a way to contact him without ‘them’ realising what I had done.
I knew I was traceable via my phone GPS, so they would know wherever I went with them. I also know my car could be tracked the same way, so I couldn’t go anywhere with them but I also couldn’t just leave them at the house or they might get suspicious. I had no idea to what extent they had access to CCTV around the area or the other webcams in the house or at work either, so I had to make everything seem normal, but not too normal.
I drove back to work with the phones, my work laptop and a hoodie, when I arrived at the office I sat at my desk, returned my devices to their usual places and got back to work. When I was satisfied a believable amount of time had passed I began operation ‘call for help’.
Step one: I walked at a smooth and completely normal pace down the hallway and to the left where I entered the conveniently camera free server room.
Step two: After entering the server room I got changed into the hoodie I brought with me and limped out of the office, hopefully with my head covered and my gait changed they wouldn’t recognise me through the outdated low-res Chinese cameras.
Step three: As soon as I got out of the office I limped to the nearest bust station and took a ride to the nearest mall, where my Oscar winning doctor house performance would take me to the nearest mobile store. With the piece of paper on which I’d written my friends phone number I quickly hobbled over to the men’s bathroom, picked a stall and made the call. The phone rang. Then it rang again. And then I hit a voicemail.
No worries hang up and try again!
Shit. Fuck. Shit.
It took 12 tries in the mall toilets before I got anywhere, but when I finally got through to him he understandably wasn’t very happy. “Who the fuck is this and why have you called me twelve times?”
I blurted out as much as I could in 30 seconds, I even got as far as the weird codes still being posted on the forum, then the son of a bitch hung up on me. I just sat there for a few seconds, stunned. I didn’t know what else to do, so I dialled in 911 but before I could put the call through the burner phone rang. Unknown number.
It was Pete, he spoke very quietly down the line and told me he couldn’t talk on his personal number, but that I did the right thing by calling him. I quickly picked up the story from where I had left off, leaving out no details. I feel sorry for the guy who sat in the other bathroom stall, he must’ve thought I was a maniac. After I finished I felt the tone of the conversation change and then it was my turn to listen as he blurted out a ton of technical questions about the nature of the traffic and forum posts. I told him he could see the posts for himself if he got on to the website but he quite wisely told me that would be a bad idea, any unexpected traffic that they spotted would be a dead giveaway I’d told someone what was happening.
Then I asked what the hell he thought was happening, how could they even have found our old forum let alone have the resources to infiltrate my life like this? He tried to bypass the question but I kept pressing him. I figured my kids were in danger and I had a right to know who the hell these people were but he refused to answer and told me to head home. I refused to co-operate until I knew who was threatening my family.
He said “it’s not a matter who, It’s a matter of what. That’s all you want to know, for your safety and mine. Agents will be at your house in a few hours, your family home and we’ll take it from there.”
I couldn’t believe what I was hearing, I’m a glorified network guy whose computer was probably hacked by well-informed Chinese kids somewhere, now my family is being questioned by federal agents? And who or what the hell are these people and why is the federal government getting involved so quickly?
Two hours later there was a knock at the door, outside was a white guy in a crisp blue suit and tie, to his right was a black guy in a tan get up. Both were easily 6,5’ and had little American flag pins on their collar. I realised then I had walked into an episode of Homeland.
The two introduced themselves as NSA agents, but I don’t recall their names. I asked for ID and they presented their cards, I even made a note of taking down their agent numbers for my own records. After we’d exchanged pleasantries and I made sure everyone was on the way home to talk to the two men, I went into the kitchen to make coffee. When I came back into the living room the agents had already begun tearing the place apart.
They took every device they could get their hands on, our laptops, home PC’s, even our smart TV and managed to stuff them all into the back of their car, it felt more like a robbery than police work. When they had finished, they returned to the house and sat with me in the living room, they asked me a lot of personal questions about who my family was, and how long it would take them to arrive. More than anything it made me feel like they were more concerned about getting us all in the same room than helping us. The low buzz of their phones put an end to the barrage of questions, simultaneously they pulled the devices out of their pockets and exchanged an exasperated look with one another before thanking me for my time and rushing out of the door, taking thousands of dollars of my equipment and personal items with them.
Ten minutes later there was another knock at the door. Pretty shaken by this strange intrusion I didn’t answer the door at first, but after a second more intense knock I opened the door. In front of me were two men and a woman, average height, nothing notable other than the badges in their hands.
Our exchange went something like this.
“Sir, Pete informed us of the situation. If it’s ok with you we’d like to begin-“
“Didn’t you guys just send some people?”
“I’m sorry sir, we’re it.”
“But what about the other two who just left? I have their badge numbers written down here.”
The agents at the door looked pale as I explained what had happened.
Then I went pale as they explained that those two men hadn’t been sent by the federal government.
They left soon after they realised everything of value had been taken, but assured me they’d be working the case in the meantime. I haven’t heard anything back from them since.
I’d been trying to get in touch with my buddy for weeks about what the hell had happened and whether I was safe but he never picked up and eventually the number was disconnected. I even made the drive to his house, but when I got there it was for sale and him and his family were gone.
I thought this nightmare was over, but last week I was followed on my way to work. I think my family may be in danger so since then I have finished building a new server, I’m going to put the forum back up and see what happens. So far all know is that there is something or someone out there using computer resources that has the intelligence to outsmart the NSA and the FBI. What worries me most is that no one I’ve spoken to has any idea exactly what it’s up to.
I’ve put my story out here in the hopes that I’ll be able to give an update when this is all over, but If I don’t then I hope someone out there finds this and it helps them.
Be careful out there on the web.