Star Wars: Lady Gaga, Ke$ha and the German Hacker Heist
A few young Germans have the world's biggest record companies at their knees. After hacking into the computers of famous recording artists and their managers, they have placed unreleased songs by the likes of Lady Gaga and Shakira on the Internet. Two have been caught, but the others are still at work.
It's 9 a.m. in the western German city of Wesel, where Christian M. is still in bed, dozing in his room in the basement. It's a morning like every other, when getting out of bed doesn't seem worth the effort. There isn't anyone waiting for him in the outside world, where no one is interested in a young man who dropped out of vocational school and, at 22, is now unemployed and spends hours in front of his computer.
Except Lady Gaga, Mariah Carey and Leona Lewis, that is. It's August 26, 2010, in a residential area of red-brick duplexes in this city on the lower Rhine River, when the basement door opens and in bursts Lady Gaga, together with Mariah Carey and Leona Lewis. Actually, it's the police who are now standing in front of his bed, after Christian's sister let them into the house. Christian blinks as an officer shines a flashlight into his face. Then a male voice says: "You know why we're here."
Christian probably has a pretty good idea. Lady Gaga, Mariah Carey, Leona Lewis and a few other superstars have been hunting him down, along with their record companies, Universal and Sony, the American Federal Bureau of Investigation and its German counterpart, the Federal Office of Criminal Investigation (BKA). And now they've found him, a boy who looks closer to 17 than 22, who doesn't say more than a few sentences at a time and squints when he takes off his glasses.
The male voice belongs to a detective with the police criminal investigation division in nearby Duisburg. It doesn't take him long to secure a confession from Christian. Denying the charges wouldn't do him any good, anyway. The evidence is sitting on his desk: his mobile hard drive, which he usually hides in another room in the basement at night.
When they examine the drive, the police find a few thousand songs that Christian and other hackers have stolen from the computers of singers and music producers. They aren't just any old tracks, but a treasure trove for the music industry: songs that aren't even on the market yet.
Seven weeks earlier, the police had searched another room in Duisburg, the operations center of Deniz A., 17, who goes by the hacker name "DJ Stolen." Together, the two young men had been selling unreleased songs to buyers in Mexico and the United Arab Emirates.
'Shouts' and Possible Blackmail
There is even more at stake with Deniz, whose hard drive contains chat protocols that could be interpreted to suggest that he may have blackmailed international stars. Fearing that DJ Stolen could place their songs on the Internet, thereby destroying the marketing campaigns for their next hits, they would send Deniz a "shout," a few spoken sentences that make it sound as if they, the stars and the hacker, were buddies. A shout is the most valuable trophy after a successful attack, allowing someone like Deniz to show that he has the toughest gangsta rappers and the biggest soul divas in the palm of his hand.
Can this be true? Are the coolest glitz-and-glamour stars in an industry worth billions afraid of two young men in Germany, one in a basement in Wesel and the other in a teenager's room in Duisburg? The case, which is being investigated by the public prosecutor's office in Duisburg, leads into an unknown world created in only the last three years, a world with its own rules and a "modus operandi that is still largely unknown," according to a German police report.
Christian estimates that at least 100 young hackers in Germany are competing with each other to see who can crack the computers of the most famous pop stars, along with those of their managers, record companies, relatives and friends. Their goal is to place songs that no fans have heard yet online for other hackers. The bigger the star, the greater the hacker's fame and, of course, the greater the value of the songs. At least some of these Internet pirates, like Christian and Deniz, are believed to be selling the stolen songs.
Universal and Sony are so nervous that Rasch, their Hamburg law firm, isn't even willing to say whether it is connected with the case. The concern is that this could turn into a mass phenomenon, making the damage worse and worse.
American singer Usher, for example, reportedly discarded a fully produced album in 2009 because the songs were already circulating on the Internet. But even after the raids on Christian and Deniz, the hackers continue to hunt for fresh songs. Although United States authorities recently shut down their most important venue, the website rmx4u.com, a new one has already taken its place. The name is similar, except that this time the server is located in Tonga in the South Pacific.
An Unassuming Teenager
Christian, who is short and thin, is sitting in his parents' living room. He doesn't like to talk -- and, in fact, would prefer not to say anything at all. One could easily overlook him. Apart from his frayed jeans and black Adidas tracksuit top, there isn't anything remarkable about this young man. There is no car or motorcycle in front of the house. He doesn't even have a license to drive a moped. Instead, he has spent some of the money he made with stolen songs to buy new glasses for 150, a laminate floor for his room and a Playstation -- nothing extravagant.
"But all of this has nothing to do with hacking," he says. The investigators disagree. Someone who is unsuccessful in life and is unpopular as a result can find something on the computer that he has never had before: recognition.
- Part 1: Lady Gaga, Ke$ha and the German Hacker Heist
- Part 2: 'I'm Addicted to Music'
- Part 3: Personal Greetings from Stars Were as Important as Money
© SPIEGEL ONLINE 2011
All Rights Reserved
Reproduction only allowed with the permission of SPIEGELnet GmbH