Teen hacker 'Mafiaboy' pleads guilty to 55 charges

Computerworld - The teen-aged computer hacker known as Mafiaboy pleaded guilty today to 55 of 66 counts of mischief in connection with last year's denial-of-service attacks that crippled several major Web sites.

Authorities arrested the 16-year-old Montreal youth last April and charged him with two counts of "mischief to data" for a distributed denial-of-service attack (DDOS) that brought down the Internet sites of CNN.com, Yahoo Inc., Amazon.com Inc., eBay Inc., Dell Computer Corp. and others between Feb. 8 and Feb. 14 (see story).

Soon after the court had convened, prosecutor Louis Miville-Deschenes announced that the youth had pleaded guilty to the charges. The youth, who can't be identified under Canadian law, will be freed pending sentencing. He had previously pleaded not guilty to all charges.

Although some experts last year had concluded that Mafiaboy was an amateur copycat and that the real culprits may never be found (see story), Mark Rasch, vice president for cyberlaw at Predictive Systems Inc. in Reston, Va., and the former head of the Computer Crime Unit at the U.S. Department of Justice, said it's unlikely the authorities have the wrong person.

"He's caving," said Rasch. "I will grant you that he's an amateur, but he's pleading guilty because he is guilty. It would be extraordinary if he is not the person primarily responsible."

In addition to a two-year prison term and a fine of $1,000 Canadian dollars (about $650 U.S.), the youth could face a wide range of conditions restricting his activities after his release. Although Canadian law grants the court broad discretion in cases that involve minors, the teen-ager could be forced to forfeit his PC or be banned from using the Internet for a specified amount of time.

Last year, a U.S. court slapped convicted computer hacker Kevin Mitnick with a 46-month prison term and ordered him to pay $4,125 in restitution to more than a dozen companies and organizations (see story). Federal authorities arrested Mitnick in 1995 for cracking corporate and university systems and for illegally downloading proprietary software. He pleaded guilty to seven counts of computer and wire fraud charges.

The court also barred Mitnick from accessing computer hardware and software and any form of wireless communications. He's also banned from working at a company that has computers, and he can't possess passwords, cellular phone codes or data encryption devices without permission.

Although it's possible that the Canadian teen-ager may face restrictions similar to those imposed upon Mitnick, Rasch said the court likely would consider the threat he may pose in the future