"Word of mouth leads to a lot of arrests," says Clifford Neuman, director of the USC Center for Computer Systems Security. "Hackers often brag to others on message boards and social [media] services, so detectives look for indications like online postings and then start tracing forward from that activity."
In Arciszewski's case, the feds tracked down the IP address used in the attack and connected it to that troublesome tweet. According to Ryan J. Reilly at TPM Idea Lab, the FBI went from Arciszewski's Twitter account to his personal website. Before long, they found his real name, matched up some photos, and showed up at his UCF dorm room with a warrant for his arrest.
On the plus side, that may have been the most action Arciszewski's dorm saw all semester.
Stupid hacker trick No. 2: Risqué Miley Cyrus pics arouse suspicion
The suspect: Josh Holly
The crime: Hacking celebrities' Internet accounts as part of a spam and credit card-stealing caper
Dossier: It's no party in the U.S.A. these days for Josh Holly, the 21-year-old accused of hacking Miley Cyrus's Gmail account and posting provocative pics of her online. Holly is currently facing criminal charges -- though, in a surprising twist, not for the semi-indecent exposure of the then-15-year-old star.
Holly's trouble actually revolves around a series of spam-based credit card thefts. In August, he pleaded guilty to felony charges stemming from the possession of about 200 compromised credit card numbers. According to the FBI, Holly hacked into numerous celebrities' MySpace accounts, then used their accounts to spam the masses, reaching legions of responsive followers and bringing in more than $100,000 in shadily obtained revenue.
So where does the lovely Ms. Cyrus factor into the equation? Holly famously bragged about breaking into Miley's email and stealing her risqué photos (which, of course, were plastered all over the Web in no time). Holly told Wired the whole thing started when he broke into a MySpace admin panel and found a plain-text list of passwords. He tried Miley's MySpace password on a Gmail account she was known to use, according to the interview -- and sure enough, it worked.
The bust: Though Holly was never charged specifically for the Miley incident, that high-profile hack appears to have played an integral role in his arrest. The FBI followed his boastful bread crumbs and raided his Tennessee home. They seized his computer and found all the evidence they needed inside.
Holly seemed to spot his slip-ups pretty quickly -- after the fact, at least. In an interview conducted with Wired shortly after his arrest, Holly is quoted as saying, "There's no way I can get out of this. ... I was an idiot and I didn't delete any of my [hard drive data]. I never thought they would raid me. They're going to get full proof [sic] evidence of everything that I've said I've done."
Of course, the massive amounts of money moving through various accounts probably didn't help, either. Where there's money, after all, there's almost always a trail.
"Whenever there is required collusion -- the exchange of a hack or credit card number or anything like that -- that creates a point of vulnerability where information can be exposed," USC's Neuman explains.
Holly could face up to 10 years in prison and a $250,000 fine.