Script Kiddie Leaves Photo ID Behind After Wreaking Havoc

TOP del.icio.us digg

Please understand: The information on this ID has been verified against the user's PayPal data to confirm that is indeed the real McCoy. The person who did this has access to the bank accounts and credit cards.  In addition, he has a personal website that features the same username as what he used on our system and has his real name all over the domain records.  This person is not framed.  It's really him.

UPDATE: As if that wasn't enough evidence, he's come out and admitted on his personal website that the ID is indeed his.  In addition, the IP that was used to execute the UDP flood perl script matches the IP he contacted me with on IRC.  Please, for the sake of my sanity, stop telling me he might have been framed.

As the administrator of a free shell account provider, I see all kinds of questionable activity on a regular basis.  Some people try their hardest to root the server they've been given access to, shut it down, or to wreak havoc on a remote server from ours.  In any case, they usually try to cover their tracks before trying anything stupid.  Not so in the case of Mr. Machelesen of the Netherlands.  Before uploading and executing a perl script designed to send a flood of UDP traffic to an IRC user, he was kind enough to upload a scanned copy of his official government-issued photo ID to his public_html folder.

Meet the script kiddie of the year, Mr. Machelesen:
picture of a script kiddie

Please take this moment to make a mental note: It's not a good idea to upload photo ID before bringing down a shell service.

73 comments to “Script Kiddie Leaves Photo ID Behind After Wreaking Havoc”

  1. Comment by toresbe:

    That’s truly brilliant, A-grade stupidity. It depresses me to see that people my age are capable of this crap. Thanks for sharing, though.

  2. Comment by themessiah:

    Bumma!

  3. Comment by Jay:

    Aye, this scurvy dog be not the brightest!

  4. Comment by Al:

    Perhaps it might be a good idea to obscure some of this guys details to prevent identify theft and fraud?

  5. Comment by Holic:

    You have to be kidding….Did this person want to get caught, what the hell is up with that. Anyways, yea thats just plain ol’stupid…

  6. Comment by yaaarrrhhh:

    Perhaps a quick visit to his home with a soft club would be appropriate.

  7. Comment by zaqck:

    Brunner is making history…all you guys that think hes making a mistake and what not….i admire him for doing something different from anyone else…and having the courage to say “look i did it, what now” type of scenario. Ill see you in heaven man…….grats.

  8. Comment by Script kiddie or smart hacker? at PC & Network Services: Blog:

    [...] You can see the the sysadmin’s blog post here. [...]

  9. Comment by xen ix:

    Maybe this is a new “trend” for criminals? Leaving their ID behind just incase someone would like to prosecute them for what they did. :D

  10. Comment by Matt:

    Oh dear…….the first time I looked at the photo I thought it was Macaulay Culkin. Div of the year surely.

  11. Comment by online tv:

    He deserves it, looks really young – probably like 15-17 years old

  12. Comment by PC_Diz:

    Well… being that it says his DOB is April, 1988 we know he is 18.

  13. Comment by Keith:

    As you have said it, he’s a kiddie; unless he is some kind of a youth expert hacker, then you won’t get to see so many kiddies trying to mask themselves while “vandalising” the server.

  14. Comment by karl-tux-stadt.de » Wie blöd muss man erstmal sein:

    [...] Der Qbi scheint eine neue Kategorie in seinem Blog zu haben namens “Scriptkiddie des Monats“. Da hat doch tatsächlich so ein Kiddie sich einen Shellzugang bei Chris Brunner registriert, als erstes eine Kopie seines Ausweises hochgeladen und dann versucht ein paar Kiddiescripte zu starten. Das gehört wahrlich in die Kategorie “ich bin blond”. Mir bleibt nur zu hoffen, das der Qbi das Ernst meint mit der Überschrift und so etwas jetzt monatlich veröffentlicht. [...]

  15. Comment by sic:

    Nice one online tv, “probally like 15-17″ why don’t you ask for his id…. oh wait.

  16. Comment by DRKSTR:

    errrrrm, count down to when he was born…
    besides, keeping track of everything WE do, now THATS a crime! GRRRR

  17. Comment by _d1ZZy_:

    I know it is illegal to display an offenders image and details if he or she is under a certain age……however im assuming this guy is 18.

  18. Comment by Me:

    oh my god I can’t believe you just wrote that online tv.
    You might have noticed that Identity Cards give a date of birth

  19. Comment by James:

    @ Online TV…. yeah.. it’s photo ID? It has his birthdate on it. 04/10/1988.

  20. Comment by James:

    Whoops. 19 april***

  21. Comment by Hyper123.net » Script Kiddie Leaves Photo ID Behind After Wreaking Havoc:

    [...] read more | digg story [...]

  22. Comment by skorm:

    If you looked on the card it tell’s you the birthday, no need for guessing age.

  23. Comment by John Hoffman:

    He’s 18 years old.

    Old enough to be extraditet to the us.

  24. Comment by Wouter Masselink:

    He was born on april the 19th 1988, that makes him 18 years old. His ID is dated October 2001, back then he was 13 years old.

    Guys like this make me feel ashamed to be Dutch.

  25. Comment by naruto:

    Dumbass

  26. Comment by lewney:

    Was his username skyrim? :)

  27. Comment by w00t:

    what a n00b, hopefully he will be put in the same hall of shame as the worst hacker ever :P

  28. Comment by De chileen:

    Well he’s only 1.60m tall, which means he’s some sort of smurf.
    I can’t be really suprised because Marvin is from Roermond, that’s a town located deep in a rural dutch province called “limburg”. A lot of redneck retards are from limburg.
    With all the details found on his ID card a lot of nice things can be done.
    Thanks for sharing!

  29. Comment by Stijlloze:

    Priceless!!!

  30. Comment by JeroenZ:

    I’m from the Netherlands and I would like to say that I am in no way affiliated with this dork of dorks.

  31. Comment by Patrick K.:

    lol thats just hilarious

  32. Comment by Fabian Remkes:

    Well I saw some of the conversation he had on that serverchat….

    The chat-admin gave that idiot the IP of his local host…. (A real hacker should know that…even I do lol) So

    1)he made his computer chrash…
    2)after returning he deleted his own drives…by his own local host address ofcourse…

    I’m gonna write the goverment to give his province to Belgium…

  33. Comment by Jan.S:

    Wow man,hes a real nice person.
    Has done his job real good.Real good…..

  34. Comment by Geronimo:

    LOL, this has been taken over by one of the most popular websites in the Netherlands, http://www.geenstijl.nl...

    This kid needs plastic surgery now :D

  35. Comment by Sure:

    He is 18, born in 1988

  36. Comment by web design uk:

    Hahaha classic.
    I bet Mr. Machelesen will think twice in future.

  37. Comment by Yuka Poppe:

    As a dutch security aware IT professional I’m feeling deeply ashamed :)

    Mr. Machelesen’ future reputation is definitly good for a few laughs though, some people just have to learn the hard way.

    Now that i think of it, I believe I do actually had a copy of my passport floating around on the unix shell of a server I have running somewhere, perhaps now is a good time to see if I already got rid of it, you never know ;-)

    It doesn’t really matter anyway, with the current and future laws around here, its only a matter of time before some (h/cr)acker or government employee (dutch inteligence agency’s system administrators and employees are known to randomly throw usb-sticks with sensitive unencrypted information around in subways, cabs, and other public locations) finds a way to (un)intentionally expose all data in this country’s dataretention and personal information databases for all to see.

    At least we still have this unique dutch softdrugs policy :)

  38. Comment by Vtwin:

    Smiiillleeeeeeeeeeee

  39. Comment by Bo:

    OMG this is F*cking hilarious… how stupid can you be. I’m ashamed it is a Dutch kid since I’m Dutch myself!

  40. Comment by Henk:

    Thanks for giving me the best laugh sofar this year…!

  41. Comment by SA:

    From http://forums.phoenix-hosting.org/viewtopic.php?t=516&view=next&sid=0faba19cba286a1d8dc4e354e4f3fe9a:

    “I’m Marvin Machelesen, and come from the Netherlands. (…) I’m into coding perl scripts, and just hanging around on IRC (might just drop by on your irc server Wink )”

  42. Comment by Willem:

    He made a statement on his own site:

    Mijn verklaring hier:
    Ik heb ooit mijn ID-kaart geupload naar mijn eigen server, en waarschijnlijk ook naar silenceisdefeat.org
    Ik heb nooit een perl-script om iets te flooden geupload naar de server.

    Translated:

    I’ve uploaded my ID-Card to my own server and probably also to silenceisdefeat.org
    I’ve never uploaded a Perl-Script to flood something to the server.

  43. Comment by Damn Foreigners:

    Wow what a moron – Thats a top 10 dumbest script kiddie story fosho

  44. Comment by Bas:

    Brilliant.

  45. Comment by oohh:

    ROFLOL!, he’s stupid.. probably because he’s from Roermond!

  46. Comment by Z:

    LOL

    Those dutchies x)

  47. Comment by 1c3d0g:

    LMAO…that’s incredibly stupid. Only the Dutch… ;-)

  48. Comment by Commenter:

    “Aangezien jullie de server beetje zwaar aan het belasten zijn,
    Mijn verklaring hier:
    Ik heb ooit mijn ID-kaart geupload naar mijn eigen server, en waarschijnlijk ook naar silenceisdefeat.org
    Ik heb nooit een perl-script om iets te flooden geupload naar de server.”

    Lousy translation:

    ” Since the server is heavily buried, My decleration here:
    I have uploaded my ID-card to my own server, and probably also to silenceisdefeat.org
    I never uploaded a perl-script to flood an IRC-server.”

  49. Comment by ArcLight:

    Perhaps Mr. Machelesen would benefit by taking a word of advice from Ron White: “The next time you have a thought…just let it go.”

  50. Comment by Law enforcement:

    I hear the word “slammer”.

  51. Comment by Wouter:

    What do you expect, it’s a “Limbo”! (person from Limburg, southern province of Holland)

  52. Comment by Deimos:

    Whahahahahah pwn

  53. Comment by falch69:

    lol…what a fucking retard!

  54. Comment by bob:

    Haha he looks gay

  55. Comment by Ibot:

    whahaha, im from holland too, what a fool!!

  56. Comment by Masiu:

    how do you know that is not the hacker trying to fool you into thinking this guy hacked you? no one can be that stupid!

  57. Comment by Danny:

    whaha! nice job m8!

  58. Comment by Marsje:

    This guy uses no style!

  59. Comment by e-:

    “Brunner is making history…all you guys that think hes making a mistake and what not….i admire him for doing something different from anyone else…and having the courage to say “look i did it, what now” type of scenario. Ill see you in heaven man…….grats. ”

    script kiddys were already invented.

  60. Comment by Snafu:

    Statement on his own website: “Aangezien jullie de server beetje zwaar aan het belasten zijn,
    Mijn verklaring hier:
    Ik heb ooit mijn ID-kaart geupload naar mijn eigen server, en waarschijnlijk ook naar silenceisdefeat.org
    Ik heb nooit een perl-script om iets te flooden geupload naar de server.”

    Translation: “As you are somewhat overloading the server,
    My statement here:
    I once uploaded my ID-card to my own server, and probably to silenceisdefeat.org as well
    I never uploaded a perl script to flood something to the server.”

  61. Comment by Unchain3d (the dj):

    this Dutch guy or gay whatever he is calls himself a hacker?
    uhhmmm… turning off a firewall is a simple thing if you cant do that your not a hacker, please Marvin give me a break. Uploading your ID card on your own server and than hack some one is very smart, its like going to the police and telling them you killed some one after you killed some one!

    Marvin you’ve got allot to lurn but this mistake was so stupit and where ever you go and what ever you do I’ll be watching you and I think others will be to
    Thanks http://www.geenstijl.nl for putting story about Marvin on your webpage, this is great and what he did was so stupit. Maybe he will win the price for ‘most dummest Dutch hacker of the year’ you’ll never know??

    kind regards unchain3d (the dj)

  62. Comment by m00:

    duuuuude be smart.
    the guy cant be framed for cyber crimes in holland.
    neither can you for all kind of other actions that involve computers hacking & cracking.

  63. Comment by Yatusk » Blog Archive » Script Kiddie Breaks Stupidest Script Kiddie on Earth Record:

    [...] Hot and Spicy Sauce [...]

  64. Comment by Prutswerk:

    Zijn hier ook naakte wijven?

  65. Comment by Uhm:

    I wonder how many people reminded him to renew his identity card early October..

  66. Comment by tom:

    He probably gave his ID cause he don’t give a toss if you know who he is. If anything he doesn’t want anyone else taking credit for his efforts

  67. Comment by netop:

    THIS GUY, WHAT A PRO,
    no one else has balls as big has his, and brains as small as his…
    what a legend ;]

  68. Comment by mynet sohbet:

    I wonder how many people reminded him to renew his identity card early October..

  69. Comment by skyrim:

    no, lewney, it wasn’t. Not funny.

  70. Comment by MeBerserk:

    The guy looks like an idiot and he is an idiot for sure. Goddamn if u can’t think of something like that =P

    glad I’m living about 100km away, might not look that far for u guys but I’m glad already =)

    ps who are these idiots that keep posting translations of his statement -_-

  71. Comment by هلاليه:

    I wonder how many people reminded him to renew his identity card early October

  72. Comment by Zellers:

    That is most likely the most effective article that ever cross my reference. I do not see why anyone should disagree. It could be too easy #for them# to comprehend…anyway good work i’m coming back here for Extra Nice Stuff!!

  73. Comment by Bunten:

    That is probably the best article that ever cross my reference. I don’t see why anyone should disagree. It might be too easy #for them# to comprehend…anyway nice work i am coming back right here for More Great Stuff!!

Leave a Reply