Cold Open
The following presentation is not suitable for young children. Listener discretion is advised.
On April 1, 2001, an American naval intelligence plane jetted across the sky over the South China Sea, only seventy miles off the coast of Chinese territory. The aircraft and its crew were several hours into a signals intelligence mission, an operation designed to collect foreign intelligence by picking up information from foreign communications that could prove useful to the United States government.
By 2001, China was on the rise as a major economic powerhouse. Its economic reforms implemented several decades before had paid off — it was gaining influence on the global stage, enough power that the United States felt it had to keep a close eye on it. That day, American naval forces were doing just that. The mission was going smoothly — at least, until the plane bearing American naval markings was spotted deep in Chinese airspace.
The United States’s relations with such a significant communist force were rocky in the best of times. Now, an intelligence-collecting airplane had been caught soaring suspiciously close to Chinese territory. Two Chinese fighter jets patrolling the airspace over the South China Sea raced toward the American plane to intercept it, repeatedly passing dangerously close to its wings. The maneuvers were like warning shots meant to frighten away a trespasser, intended to intimidate the American aircraft. But a pilot in one of the two Chinese fighter jets miscalculated his tactical approach as he went in for another pass. Instead of flying in close proximity to the American aircraft yet again, the pilot collided with the American plane. In a burst of flames, the Chinese jet went down, killing the pilot inside.
The American naval plane began to spin out of control. After a heart-pounding few minutes, the crew stabilized the aircraft, but it had sustained too much damage to make it to American soil. The decision was quickly made on board: the crew would have to land the plane on Chinese soil, on the nearby island of Hainan.
As the damaged plane coasted into an emergency landing on Hainan, the crew scrambled to destroy classified intelligence onboard. Once they landed, the Chinese government seized control of the aircraft, and the 24 members of the crew. For a tense eleven days, the United States negotiated for the crew’s release as the Americans on the aircraft were interrogated by Chinese officials. The Chinese government also tore the naval airplane apart, managing to recover the bulk of the intelligence despite the crew’s efforts to destroy it before landing.
Finally, on April 12, the crew was released from China and was allowed to return to the American territory of Guam. However, tensions still ran high between the two nations. Americans were furious that the 24 crew members had been detained by China for so long — and some Americans chose to act, not with physical violence, but with online violence.
Hackers across America, fingers poised over their keyboards, decided on their own accord to assemble and to take up the fight against China through their screens. Leading this charge was the mysterious group Hackweiser. These hackers, a relatively new network on the scene, had gained notoriety in recent months for defacing websites in America. Now, they turned their online firepower against an American adversary. Only this time, their online graffiti could do much more than inconvenience Internet users — it could shatter an already fragile diplomatic thread between the United States and China.
Hackweiser was about to start an international incident.
In this episode, an all-out cyber world war, the infamous hack of the Girl Scouts’ website, and one hackers’ role in the FBI.
I’m Keith Korneluk and you’re listening to Modem Mischief.
You're listening to Modem Mischief. In this series we explore the darkest reaches of the internet. We'll take you into the minds of the world's most notorious hackers and the lives affected by them. We'll also show you places you won't find on Google and what goes on down there. This is the story of the Hackweiser.
Act 1
In March 2001, Americans were anticipating many things — springtime was approaching, summer was on the horizon, and, perhaps most exciting for some, it was Girl Scout cookie season. Across America, girls clad in Girl Scout sashes and badges were selling cookies door-to-door and enticing potential buyers with well-known Girl Scout classics, from Thin Mints to Tagalongs.
It was a fun season for the children getting a taste of entrepreneurship, and for the adults purchasing the cookies who received their own tasty treats (and subsequent weight gain). But on March 10, some hackers decided to seize hold of Girl Scout cookie season and twist it into their own form of fun. That night in the middle of the weekend, members of the Hackweiser group hacked into the Girl Scouts of America website and plastered it with Girl Scout-inspired gibberish. We demand cookies for all the hackers, they wrote across the website page. We need Samoas, Thin Mints and some Tagalongs Peanut Butter Patties! Playful banter ensued on the remainder of the page, in which Hackweiser took credit for the hack. They signed off by adding, Now we can get some girlies.
These silly, largely harmless ploys for attention were not a new modus operandi for Hackweiser, which had gained a reputation for defacing major websites and smearing web pages with its rather immature and obnoxious online personality since the group’s founding in 1999. Aside from the Girl Scouts of America, its targets included the likes of Microsoft, Sony, and Walmart. Like most hacker groups, they were driven by their desire to prove to the online world that they were capable of hacking these sites and leaving their own quasi-inappropriate calling card on the web pages.
Hackweiser wove its sense of humor into its work. Even the hacking group’s name was a joke of sorts, a play on the name of the popular (and now more controversial) beer Budweiser. Shortly after its Girl Scouts of America hack, on April 19, the group set its sights on CyberNanny, a filtering software intended to be installed on desktops to block access to websites identified as inappropriate for children. Of course, the irony of the situation was not lost on Hackweiser members. The group proceeded to plaster the CyberNanny site with vulgar language in a three-part attack, beginning with an initial vulgar defacement, followed by a defacement claiming credit by posting the Hackweiser logo on the site. By the following day, CyberNanny was still struggling with yet another vulgar piece of online vandalism. Ironically, Hackweiser had transformed the CyberNanny site into a website that the company itself would likely deem offensive and ban in its system.
Among the hackers attacking these sites was Jesse Tuttle, who had already built an impressive hacking portfolio by the time he received the invite to join Hackweiser in 2000. He started with distributing pirated software in 1994, only to descend deeper into the fray of the hacking world in the late 1990s as he began to hang out with and learn from other hackers and hacking groups. In 1999, he started defacing websites in the usual Hackweiser style to try to establish a name for himself and make more connections in the hacking world. When he was invited to join Hackweiser in 2000, he was overjoyed — he was in. In honor of the event, he christened his hacking identity with the online name “Hackah Jak.” During the next few years, he became active across multiple hacking groups, including World of Hell, which gained notoriety in 2001 after launching several high-profile attacks against major corporations. World of Hell would target weaknesses in website security and, like Hackweiser, would deface the websites and leave mischievous messages. And if you’d like to learn more about World of Hell, listen to episode fifty of Modem Mischief which we just released.
Hackah Jak had a knack for finding loopholes and flaws in systems. In typical Hackweiser fashion, Hackah Jak kept it playful, even sprinkling in some public service. He would sometimes leave notes for the systems he hacked, saying: Hey, I hacked your system. Here’s how I did it. Here’s how you should patch it. With his extensive expertise, it didn’t take long for Hackah Jak to rise to a position of prominence in Hackweiser.
But when the American spy plane incident in China occurred, the fun and games turned serious. The defacements that they had done just for kicks were now overshadowed by a new era of Hackweiser, ushered in by Tuttle. Now, they were more than just internet clowns — they were hacktivists with a political agenda in mind.
As news of the detainment of the American crew in China rippled across the online sphere, Tuttle became angry with the actions of the Chinese government. How could they detain and interrogate the crew? He reached out to Hackweiser members and fellow hacking groups, saying: We’re Americans and we’re patriots. We have to do something.
In April 2001, dozens of hacktivist groups — alongside members of Tuttle’s own group Hackweiser — answered the call. They assembled, but this time their targets weren’t set on the Girl Scouts, or CyberNanny, or a major American corporation. They swiveled their sights across the Pacific and aimed for the country that had angered Tuttle and other patriots so much.
Project China had begun.
Act 2
Though China had shown the first signs of aggression in the real world, Americans fired the first shot in the cyberwar that was just beginning to brew. Hackah Jak led the charge by launching his own damage on Chinese online systems. Staying true to Hackweiser’s tried-and-true online graffiti tactics, he hacked dozens of Chinese government sites and defaced them with anti-China rhetoric. He even pulled a few networks run by the Chinese government offline.
Hackah Jak served as the proud face of the hacktivist movement, taking on the role of spokesperson to the media for Hackweiser and other groups. When speaking to the South China Morning Post, a democratic newspaper based in Hong Kong, he sent a clear message to Chinese hacker groups across the Pacific, saying: We wanted to get their attention and we won’t stop until these groups cease to exist and we humiliate them.
As expected, Hackah Jak’s words and his defacements of major Chinese websites did not sit well with Chinese hacker groups watching their own country’s systems get ravaged by American groups. They took Hackah Jak’s words and Hackweiser’s defacements as a challenge: they were ready to retaliate.
A major cyberwar — the largest the world had ever seen — had now begun.
Throughout the month of April, American and Chinese hacker groups exchanged fire, each flexing their expertise by aiming to take down high-profile websites. American hackers managed to find their way into the website for China’s remote sensing satellite ground station and deface it with a photo of a mushroom cloud. The Project China hackers continued to leave threats and challenges for Chinese hackers, vandalizing one Chinese website with this message: Get ready to meet a strike force with strength the world has never seen before! We are going for all-out cyber warfare on your gov.cn boxes and every other box that you fucks haven't secured!
But Chinese hackers, not to be outdone, clapped back with a strong surge of hacks, vandalizing websites for the National Institute of Health, the Navy, the Department of Labor, and the California Department of Energy. They even hacked the White House historical association website and covered it with Chinese flags.
The war raged on. Just within the month of April, the American Project China hackers successfully attacked more than 100 Chinese sites and Chinese hackers had remained in stride, with the Honker Union of China — a Chinese hacking group — defacing more than 80 websites.
As May approached, the cyberwar only intensified, with Chinese hackers breaking into the United States labor and health department websites to post anti-American messages, reading: Beat down American imperialists. They also plastered eulogies and pictures of the fallen Chinese jet pilot Wang Wei across the sites.
Infuriated by these recent maneuvers, Hackweiser and fellow groups also went on the offensive, defacing hundreds more Chinese government and commercial sites and posting pornographic photos and messages supporting drug abuse on the web pages.
On April 30, Chinese hackers doubled down, announcing a week-long war on American sites. Both governments braced for impact. The FBI issued a warning about the planned Chinese cyberattack, and China issued a similar warning to look out for large cyberattacks and intensified its Internet security surveillance.
The cyberwar raged on into May, with hackers on both sides continuing to hack and deface websites.
But then, in an unexpected twist, an editorial appeared in The People’s Daily, the Chinese newspaper run by the nation’s Communist Party. Instead of supporting the actions of its own underground hacking groups, China publicly denounced the attacks on American government sites, especially the hack of the White House website. They labeled the actions of Chinese hackers as web terrorism, even calling them “unforgivable” and illegal. It was clear that both China and the United States governments were growing tired of the abrasive, obnoxious attacks constantly pummeling their systems and webpages. After the editorial was released by the Communist Party, Chinese hackers had a decision to make — was it time to give up the fight?
After more than a month of cyberwarfare across the world, the online waters finally began to quiet. Chinese hackers were heeding the warning of their government — they had pulled back. American hackers seemed to follow suit.
A year later, in 2002, sensing the risk of a resurgence in the hacking war, the Chinese government once more requested that its hackers refrain from drumming up online trouble again on the anniversary of the spy plane incident. The hackers obeyed — the online realm was quiet.
The two nations were ready to move past the spy plane incident, and now the hackers that had taken up the fight were ready, too. After all, there were other companies to troll and websites to deface.
The cyberwar was over.
For Hackah Jak and Hackweiser, the end of the cyberwar meant that they would spend their summer in 2001 on a search for their next CyberNanny defacement, or their next Girl Scouts of America hack. It was back to the status quo.
At least it was until September 11.
Act 3
On September 11, Americans across the country were glued to their television screens, watching in utter shock as the towers of the World Trade Center fell. Within a span of hours, thousands of American lives were snuffed out. It was unlike anything they had ever seen.
Most people could do nothing but watch the event unfold in horror. But for Hackah Jak and his Hackweiser group who possessed specialized computer skills, sitting on the sidelines was not an option.
We have to do something, Hackah Jak told his fellow hackers again. Still riding the rush of the cyberwar earlier that year against China, Hackweiser and other hackers launched into a new cyberwar, this time against the terrorists who had orchestrated the 9/11 attacks. Tuttle and his cyberarmy scoured the online space for Osama Bin Laden’s cyber team and aimed to infiltrate it.
In the months that followed, Hackweiser and Tuttle continued to remain active in the hacktivist realm, defacing websites that seemed anti-American and who they suspected might sympathize with terrorists. Hackweiser was in its hacktivist era, making online ripples felt across the globe. But for a group of computer geniuses bending and breaking rules and laws in the name of patriotism, the illegality was bound to catch up with them.
In 2003, Tuttle received a knock on his door in Hamilton County, Ohio. When he answered, he came face to face with local law enforcement.
Tuttle didn’t know why they were on his doorstep, but for a hacker active in the underground online community, he knew it couldn’t be a good sign. How can I help you, officers?
You’re under arrest, they told him.
When he was charged, the seriousness of Tuttle’s situation came to light. He was charged with six counts of unauthorized use of government property and ten accounts of possession of child pornography. The potential outcome was dire — he was facing up to 86 years in prison.
The 23-year-old hacker was placed under house arrest as he awaited trial. Tuttle himself was confused by the charges and as his case unfolded, he shared why in a bombshell revelation: He claimed he had been working on-and-off with the FBI since he made a name for himself in the cyberwars of 2001. Tuttle said that the FBI had sought him out in 2001 and offered him a deal: He could remove his names from some wanted lists and channel his rare computer expertise to help others.
For the next couple years, the FBI would reach out to Hackah Jak when they encountered a roadblock in an investigation that they believed only he could clear. Most recently, they had tapped him to assist in a human trafficking investigation that involved child pornography. That’s why there were pornographic images of minors on my computer, Tuttle explained to law enforcement.
But local law enforcement in Ohio weren’t buying Tuttle’s claims. To them, the story seemed far fetched. In fact, they viewed the Hackweiser leader as rather delusional. Since Tuttle was operating within the local law enforcement’s jurisdiction, any help from the FBI in escaping the charges was becoming entangled in red tape.
Still under house arrest, Tuttle braced for a long legal battle. As his fellow Hackweiser members watched the famed Hackah Jak become embroiled in a high-stakes trial, they sensed danger and disappeared into the online ether.
Hackweiser had fallen apart.
Act 4
By 2007, Tuttle was still walking around his house under electronic ankle monitoring. He had spent a long four years under house arrest as local authorities worked hard to get his charges to stick. From their perspective, he had broken the law, whether it was for the sake of FBI investigations or not.
Finally, after a long wait and many closed-door conversations between federal and local authorities, Tuttle’s claims were all confirmed — he had been an informant for the FBI and had assisted in multiple investigations. Much to the chagrin of local authorities, he walked free.
Still, years had passed since Hackweiser had disintegrated. The glory days of their hacktivism were far in the rear view. Even with Tuttle free from house arrest, his major cyberwarfare days were behind him and the group never reformed.
Still, Hackweiser and Tuttle left a legacy. They revolutionized the role of hacking on the international stage. Hackers no longer existed only to troll companies and government sites — many groups formed with new purposes in mind. The actions of Hackweiser and sister groups in 2001 during the spy plane incident — and later after the September 11 attacks — inspired a whole wave of political hacktivism at far grander and more organized scales.
As for Tuttle, he took a step back from underground hacking after his exhausting legal battle.
I told myself I was done, Tuttle said. Instead, he segued into tech consulting and software development.
For the remainder of Hackweiser, many members remain cloaked in anonymity. But it is thought that former members are still active in the online underground.
Thanks for listening to this special bonus episode of Modem Mischief. If you’re hearing this show, then that means you’re supporting us on Patreon or Apple Podcasts and we’re grateful as all hell for you. Your continued support keeps this show in production and producing these bonus episodes. Modem Mischief is brought to you by Mad Dragon Productions and is created, produced and hosted by me: Keith Korneluk. This episode is written and researched by Emily McGinn. Mixed and mastered by Greg Bernhard. The theme song “You Are Digital” is composed by Computerbandit. Sources for this episode are available on our website at modemmischief.com. And don’t forget to follow us on social media at @modemmischief. And slide into our DM’s. Thanks for listening!