Install

Get the latest updates as we post them — right on your browser

. Last Updated: 07/27/2016

AOL Case Called Step Against Online Fraud

The conviction last week of a Yale University student for developing a program allowing hackers free access to America OnLine, the world's largest Internet provider, could be a step towards cracking down on worldwide online fraud and restoring AOL access to Russia, a company spokesman said Tuesday.


Direct access to AOL from Russia has been shut down since Dec. 14 because of widespread fraud.


Nicholas Ryan, 20, of Victor, New York, pleaded guilty to a charge of computer fraud at a Jan. 8 federal court hearing in Alexandria, Virginia, Reuters reported. He faces up to five years in jail and a $250,000 fine. Ryan was the author of a program called "AOL4FREE" which enabled users to trick AOL into giving them free time on the Internet, said Jack Hanley, the assistant U.S. attorney who prosecuted Ryan.


"AOL4FREE" was distributed in AOL chatrooms, Hanley said, and was most heavily used between September and December 1995. The loophole Ryan used to trick the system has since been closed, said AOL's Gau, but other programs are "still out there," and are being actively investigated by AOL's anti-fraud team.


"AOL.Crack," a program widely sold in Russia in pirate CD-ROM markets that allows hackers to open false AOL accounts, is one of the programs under investigation by AOL, but is "not one of the more sophisticated" fraud systems, Tatyana Gau, vice president of AOL's Integrity Assurance department, said. AOL has not been able to confirm if use of "AOL.Crack" by Russian net surfers has been at the root of the recent boom in online fraud, but the company is developing additional credit vetting systems which would make "AOL.Crack" useless.


However, AOL still has no time frame for restoring AOL's local access numbers in Russia until the exact nature of the fraud is identified, said Gau. "AOL.Crack" may not be the only program in use in Russia, since it can only be used to open accounts if the service is accessed through an American local number, or via the Internet. The problem is that maintaining local access numbers to Russia is approximately three times more expensive then in the United States, said Gau.


"Russia has not been specifically targeted as a problem area. The problem is not isolated to Russia," she added. "But the potential liability of keeping Russian access numbers is much greater. That's why we need to be sure that we have a secure service before we can resume."


The Russian Directorate of Economic Crime, or UEP, has a department of credit card fraud, said a spokesman for the UEP, but as yet its investigation of computer fraud is limited to hackers who make false bank transfers. The new Russian Criminal Code identifies "misuse, illegal access to and damage of computer systems" as a crime, as well as "manufacturing false credit and payment cards," but includes no provision for online use of non-existent credit card numbers.


"That type of crime is still out of our reach. It presents huge legal and logistical problems," said the UEP spokesman, who did not give his name. "Where is the crime committed? In Russia? In America? It's not clear. It is a problem our judicial system has not tackled."