Ligatt Security, the Atlanta-based firm headed by Gregory Evans, the world’s self-proclaimed number one hacker, has responded to a local news report that pokes holes in Evans’ reputation. They accused the CBS affiliate and their reporter of working for the competition and taking part in an /i/nsurgency raid against the company.
The Tech Herald has been following and reporting on the Ligatt saga since last summer. On Valentine’s Day, CBS 46 Atlanta News ran a segment at 11:00 p.m. that questioned Ligatt Security’s CEO’s credentials, motives, and past as a convicted felon.
The CBS Atlanta story starts by talking about Evans’ past, including conviction for wire fraud and an unpaid $9 million dollar judgment, and moved on to rehash his plagiarism issues.
Evans is accused, with proof, that he plagiarized his book, “How To Become The World’s No. 1 Hacker”. Part of the CBS Atlanta report featured Ben Rothke, the security expert who first reported on the stolen materials. For his part, Evans claims he used that material for the book legally and sued those who claimed he stole it. The courts dismissed the case.
Another person consulted by CBS Atlanta was Chris John Riley, the security expert who was threatened by Evans, or someone on his staff, for his reporting on the plagiarism. The threats against Riley were proven by IP evidence, based on email headers and logging. To date, Evans denies any role.
In his interview with CBS Atlanta, Riley made a comment that is at the heart of the InfoSec community’s beef with Ligatt. “I’m worried that people are using [Ligatt’s] service, believing they are secure,” Riley remarked.
To say that the CBS Atlanta report made Ligatt and their CEO look bad is an understatement. So on February 15, when Ligatt posted a response on their website, the notion that they want to shoot the messenger is understandable. They called the CBS report false, later adding that it was vindictive and single sided.
The letter posted to Ligatt’s website claims to be the unedited version of the one CBS Atlanta posted [PDF]. Clearly this isn’t the case, aside from the inclusion of racial remarks redacted by CBS. Yet, the grammatical errors (no vs. know, etc.) and tone of the two letters prove they are Ligatt’s work.
“Unbeknownst to CBS Atlanta 46, Mr. Evans has faced many challenges over the past year, mostly because he is an African American male dominating a predominantly Caucasian industry,” Ligatt’s letter, explains.
The letter goes on to say that Evans was singled out in an “article” written in 2009 called “Operation: NiggerMatrix”. In the “article”, Evans is mentioned by name and racial slur more than three dozen times. The problem is that the article referenced is a Wiki, meaning anyone can alter it and add to it, and that it was a planned raid by /i/nsurgency.
/i/nsurgency is where groups or people are targeted for raids. When raided, several things can happen, but the common action is trolling, or cyber harassment. Those who take part in the raids, more often than not, do so for their own amusement. Before the raid plans were deleted, network scans, email addresses and other information about Ligatt and Evans were posted. Cache copies of the Wiki are here and here.
This isn’t the first time that Ligatt has pulled the race card while defending themselves against criticisms. It’s a go-to response if their past has anything to say about it. Still, several in the InfoSec community point out the irony, considering that Ligatt uses race as both a shield and selling point.
Ligatt’s letter continues by insinuating that the CBS Atlanta reporter who worked on the story, “is working with our competition and is out to destroy the reputation of Mr. Evans, the same plan “Operation Nigger Matrix” sought out to do”.
“As a respected news station in Atlanta, GA, it is astonishing to us how your reporter did not validate their sources before running a story on Mr. Evans. Mr. Evans has secured radio and television interviews tomorrow with your competitors to clear up these ridiculous allegations. This letter is going to other news stations so they will be able to see how bias [sic] this news story is,” Ligatt’s statement added.
In addition, Ligatt’s letter referenced another recent event, which CBS reported on. Recently, Ligatt Security suffered an internal leak, resulting in company communications being released to the Internet.
In their letter to CBS Atlanta, Ligatt says that:
“The most important thing is an email we recovered and turned over to the FBI stated, ‘One reason why we hacked him was because the guy at CBS news needed more.’ We turned this email over to the FBI.”
This is a heavy accusal for a news station. CBS Atlanta has not commented on it, and we’ve asked Ligatt for copies of the email in question, including full headers. In addition, we’ve asked Ligatt for any additional comments, and links to the interviews given by Evans to respond to the CBS Atlanta report. If they respond, we will update this story.
The CBS Atlanta video is included with their story. You can view the segment here. The report also makes mention of the DC3 conference, and Ligatt addressed that with a copy of a letter written by a law firm that no longer represents them. The poster referenced in the letter is below.