On the dark web, no one knows who you really are. At least that's the idea, anyway.
In 2015, a hacker called Ping ran an infamous dark web forum called Hell, where cybercriminals distributed large caches of stolen data. This included the personal information of some 4 million dating site users and 27 million passwords for another hookup site. The original version of Hell abruptly and mysteriously shut down in July of the same year.
According to legal documents, Ping is allegedly a teenage boy from Canada who was arrested in 2015 for supposedly trying to hack his own school's staff.
The boy—who Motherboard won't name for legal reasons—and his alleged hacking escapades have been mentioned in previous media reports, but the link between him and the Ping identity has not been reported before.
In June 2015, the then 15-year-old boy was arrested on suspicion of hacking into a TeacherLogic account. TeacherLogic is a piece of software used by his high school to log grades, keep tabs on attendance, and host curriculum information. According to one of the legal documents, the affected teacher's username and password had been obtained by a keylogger—a device that plugs into a computer and records whatever the user types.
The boy also allegedly sent a phishing email to all of his school's teachers in an attempt to gain access to TeacherLogic accounts. He had supposedly used his neighbour's Wi-Fi to create and access a fake email account to send this email, but had also accessed the account from his own IP address, the document adds.
Motherboard could not independently confirm every claim included in the documents—the boy's lawyers and prosecutors did not respond to multiple requests for comment—but many of the statements in the documents line up with the timeline of the high school hack, mirror other details such as the correct names of school employees, and echo statements made by police.
A hacker who claims they obtained the documents from someone's email account and has links to the Hell forum provided the files to Motherboard.
According to the documents, when police searched the boy's room and devices they found a USB adaptor that can be used to obtain wireless network passwords; various pieces of malware designed to break into computers; and a keylogger.
"[The boy's] room is a 'hacker's" dream,' an alleged letter written by a Crown Prosecutor to the boy's attorney reads.
As for how this all relates to Ping and the Hell forum, when police executed the search warrant, they allegedly found the boy was using the username Ping (although the website or program is not mentioned). The boy was also apparently hosting a Tor hidden service on his own computer called Ping Sec.
"I think I have more than enough evidence to prove that [the boy] is 'Ping' and is responsible for accessing the CBE computer system," the prosecutor writes according to one of the documents.
The Hell forum has gone through a succession of closures and subsequent relaunches, before eventually dying down. But it will remain as one of the more notable hacking forums on the dark web.