William Genovese
William Genovese is a former greyhat hacker turned security professional, who goes by the alias illwill.
History
In the early 2000s, Genovese was a former figure in a loose-knit group of computer hackers who called themselves illmob. illmob.org, that was a security community website ran by Genovese, which, at the time, had many high-profile incidents related to it. Genovese now works as a private security consultant involved in the computer security industry, doing penetration testing, phishing, OSINT threat intel, mitigation. He is also a contributor to the Metasploit project.
Website controversy
In 2003, Genovese's website was the first to release 0day code that exploited the MS03-026 Windows RPC vulnerability, which was later used by unknown hackers to create variants of the W32/Blaster Worm.[1] In response, Genovese released a tool he coded to remove the worm from infected Windows PC's.[2]
In 2004[3] federal authorities charged Genovese with Theft of a Trade Secret (US Code Title 18, section 1832), for selling the incomplete WindowsNT/2000 Microsoft source code to Microsoft investigators and federal agents, even though the code sold was already widely distributed on the Internet prior to his sale.[4] Authorities used an obscure law enacted under the Economic Espionage Act of 1996, which had been traditionally adjudicated through private civil litigation.
In 2005, the illmob.org site had posted leaked images and phone book from Paris Hilton's[5] T-Mobile Sidekick phone that were obtained from a fellow hacker.[6][7] Reportedly, the data was obtained by social engineering and exploiting a vulnerability in a BEA WebLogic Server database function that allowed an attacker to remotely read or replace any file on a system by feeding it a specially-crafted web request. BEA produced a patch for the bug in March 2003 which T-Mobile failed to apply. The website was also mentioned in news articles, in connection with Fred Durst's[8] sex tape leak which was stolen from his personal email account.
Hackerspace
From 2010 until his resignation in 2016, Genovese co-founded, and was a board member of a 501(3)(c) non-profit Hackerspace in Connecticut called NESIT, which he helped the local community by offering free classes on various network security topics, personal internet safety, reverse engineering, embedded electronic projects, 3-D Printing, and design. He helped build a virtualized pen-testing lab with a large server farm donation from a pharmaceutical company, where users can simulate attacking and penetrating machines in a safe lab environment.
Consulting
Since 2008, Genovese has reinvented himself as a security consultant, public speaker, and teacher. He does security consulting and performs penetration testing services for worldwide companies . He was also a co-founder and speaker at security conferences eXcon and BSides Connecticut (BSidesCT) in 2011, 2014, 2016, 2017, and 2018. In 2015 he was a panelist at DEF_CON 23 in Las Vegas for a charity fundraiser to help a fellow hacker who was stricken with terminal cancer.
References
- Malware FAQ: What is W32/Blaster worm? | SANS
- Windows Dcom Worm Killer | Full-Disclosure Mail List
- Defendant: Microsoft source code sale was a setup | The Register
- Statement from Microsoft Regarding Illegal Posting of Windows2000 Source Code
- Paris Hilton's Sidekick hacked | The Register
- They'll Always Have Paris | Washington Post
- Hacker penetrates T-Mobile systems
- https://web.archive.org/web/20100330172930/http://www.blender.com/guide/68174/who-does-fred-durst-think-he-is.html