Los Angeles, California—May 2018
When Pia Zimmerman retained Paladin LLC, she turned over her computers, peripherals, and passwords, as Dunne had requested. She gave him a key to her house and an access card to enter the offices of Padaro Pictures. Dunne rented a cheap hotel room in Carpenteria, a few miles south of Zimmerman’s grand, besieged home, where he began doing his initial forensic work. A few days later, he moved to West Hollywood, near the Padaro lot, where he began working on the servers and access points for the studio’s accounts.
The hardest part was asking Zimmerman to show him which were the real sex pictures and which were the fakes. Her boyfriend had been in the habit of shooting videos of them having sex, so there was a trove of personal pornography that displayed every inch of this prominent producer’s anatomy. She sat stoically as they searched the hacked archive for the fakes.
“This one,” she said, pointing a thin, rigid finger at an image that showed her astride one of Hollywood’s most famous actors. “And that one,” she said with a shudder, pointing toward an image of fellatio. “And that one, too.”
As they surveyed the fake images, Dunne was astonished by the clarity and detail. Somehow, a computer had created an image in which Zimmerman’s face had been grafted to the lips and mouth of another woman. The famous faces had been melded with the bodies so artfully and seamlessly that they appeared to be entirely real.
“I’m so sorry,” Dunne said.
Zimmerman was quivering. She put her hand over her face to hide her embarrassment.
“I’ve seen something like this before,” ventured Dunne. “Not this good.
But this same idea.”
“When and where?” she asked.
“I can’t talk about it,” he said. “But we’ll get these people.”
* * *
The job took just over two weeks. Dunne got lucky. He also had some technical assistance from a computer security company in Laguna Beach. The founder was a former colleague from the agency who owed Dunne a favor from long ago. He helped Dunne set up a command post in his hotel suite near the Padaro headquarters.
Dunne reconstructed the cyber assault step by step. The attacker had stealthily gathered his hacked information and then chosen a grand cover name, “Partisans of Freedom,” to shield himself. The fictitious organization sent messages to Zimmerman and other Padaro employees, demanding a billion dollars as the price for not releasing intimate personal and corporate files of the company and its executives. The absurd size of the ransom made clear this wasn’t a commercial hack, but something else.
Padaro had immediately called the FBI and hired a fancy cybersecurity firm, but by then it was too late. The attacker had been exfiltrating data for weeks and began messaging it to entertainment industry websites, directing the curious to torrent files that were cached online. The files’ names were too tantalizing to resist: “Sex Tapes,” “Zimmerman Feuds,” “Nude Movie Pix,” “Hollywood Whore,” “Hooker of the Rich and Famous.” Someone with system access had combed through Zimmerman’s personal and corporate files and vacuumed up the most damaging information.
From the day he arrived in Santa Barbara, Dunne had suspected this was an inside job, and now he assembled the evidence that confirmed it.
His team found the malware quickly, with a standard hashing algorithm.
The tool had the same signature as a file-extraction program that had been used in a half dozen other hacks. The raider had obtained system-administrator privileges by targeting a phishing scam on a careless member of the Padaro IT department. Then the hacker went to work, using his stolen root access to get into Zimmerman’s personal files and pick and choose the most damaging material.
* * *
Dunne’s luck was that the attacker had beaconed back to a command server that could itself be hacked. A scan of the server’s ports revealed an unpatched vulnerability, which Dunne used to invade the server. He found that one of the emails sent to the entertainment industry media disclosing the hack could be linked to an alias account used by a former producer at Padaro named Anwar Malek, who had been fired two years before.
Malek, the disgruntled employee, was born in Saudi Arabia, the son of a wealthy businessman who had helped finance Padaro’s films years before. The son had gotten his first job at Padaro as a favor to the father. He had money and connections, but not enough talent. He was convinced that Jewish executives at Padaro and other studios were conspiring against him because he was a Muslim Arab.
Malek had filed a nuisance lawsuit the previous year claiming that Zimmerman had retaliated against him because he refused to have sex with her. The lawsuit was quickly dismissed, and everyone forgot about the case, except Malek.
The angry anti-Semitic messages were like watermarks. On Malek’s computer, Dunne found reams of propaganda attacking Israel and Jews. Malek was a special devotee of an Israeli-Arab poet whose verses were included in mes- sages Malek sent to his Arab friends: “The Creator sentenced you to be loser monkeys, / Victory belongs to Muslims, from the Nile to the Euphrates.”
Dunne had promised Zimmerman that he would destroy the attacker’s ability ever to harm her again. And after dismissing his helpers from Laguna Beach, he set about doing so. Hiding his tracks through proxy servers, Dunne inserted his own malware into Malek’s computer accounts and froze them so
that they couldn’t be used to send or receive messages. He didn’t wipe the data; he wanted it preserved, in case Zimmerman decided later that she wanted to prosecute.
From behind an impenetrable wall, Dunne sent Malek a final message before he froze the system, written in hacker jargon:
Hi Anwar. You have been pwned. If you ever touch PZ again, your system will be Eternal Blue. It was signed, Partisans of Internet Security and Safety Offensive Forensic Force, with a glowing acronym.
* * *
The fake photographs were a harder problem. They were masterful. They were like the false images Dunne had come across during his ill-fated pursuit of the Quark Team and Fallen Empire. But this version was two years better. It wasn’t a head spliced onto a body, but a new image that was seamless.
Dunne took extra time on the fakes, even after he had neutralized Malek. He analyzed the images digitally over and over, deconstructing the electronic signature and the technique. The imperfections were subtle, but they could be found with the right tools. Dunne recognized the technology too well. How had Anwar Malek obtained access to it?
Dunne and his helpers posted some questions on cybersecurity forums, and they tested pieces of code against tools that had been used in other hacks. They got a break after several days of quiet exchanges with master computer sleuths, including Vijay Prakash and Rick Bogdanovich. It emerged that some of the code was part of a hacking suite called Bariq that was sold by a firm in the United Arab Emirates, through a partner firm in Saudi Arabia. Bariq meant “lightning” in Arabic.
Dunne dug a little further. A thread on a hacking forum said that Bariq’s suite of tools had been adapted from an Italian hacking group that had mastered deepfakes and then disappeared. The Italian software engineers, whoever they were, were the common ancestor of a dozen hacking packages that were being sold around the world by different vendors. Cyber consultants were so busy monitoring the outcroppings that nobody had bothered to go back and look for the original seed.
The Italian software engineers had insisted on encrypted messages, so it was hard to follow their tracks. The only readable message Dunne could find was in the very beginning: Anwar, contact me on Viber. Ciao. Lorenzo.
Dunne had planned to leave Anwar Malek alone and let Pia Zimmerman decide what she wanted to do. But as he gathered the forensic details, he wanted to meet Malek. Ask him where he made his contacts. Look him in the eye. He had been taught in the agency, years before, that asking a person stressful ques- tions and then gauging his reactions was nearly as reliable as hooking him up to a polygraph.
Malek lived in Studio City in a small detached house. Dunne pressed the buzzer, but there was no answer. A week’s mail was stuffed inside the screen door. Malek had evidently been away for a while. Dunne rang the doorbell at the next house down the block; an old man answered the door; he was unshaven in the late afternoon. Dunne said he had a message for Anwar Malek next door. “He’s gone, nearly a week. He’s sick. An ambulance came. They took him out on a stretcher.”
“Shit,” muttered Dunne.
“Say what?” asked the man, offended that someone would ring his bell and then utter a curse.
“Nothing,” said Dunne. “Nothing at all. Sorry to bother you.” He wrapped his coat tight around his shoulders and pulled a cap over his red hair, so that it would be harder to identify him if he was photographed as he walked away.
* * *
Dunne returned to Montecito with a folder and a disk drive for Pia Zimmer- man that contained all the information her lawyers would need if they wanted to pursue the matter in court. He explained that he had done what he prom- ised. He had identified her tormentor and destroyed his ability ever to hurt her again. She had closure.
When he gave her the packet, she looked bewildered at first, and then she began to cry. That’s the strange thing about revenge. Once people have cornered their enemies and gained the opportunity to take an eye for the one that was lost, they aren’t sure what to do. She didn’t want to take the packet, at first, so Dunne left it resting on the table.
“The name of your attacker was Anwar Malek,” Dunne said quietly. “He used to work for you. He was an angry, sick man. He had help from others. But he won’t bother you anymore. It’s over.”
Zimmerman tearfully said she would wire the $150,000 that afternoon, and tried to offer a bonus, which Dunne refused. His only request was that he be able to keep his own copy of the forensic materials he had compiled, for use in future cases.
“There’s one more thing I should tell you about Anwar Malek,” said Dunne. “He’s disappeared. I don’t think he’ll be back.”
* * *
As Dunne left her beautiful mansion in Montecito and headed south on the 101, he thought once more, as he had over the last several days, about the anomalies he had discovered in the Partisans of Freedom operation.
Malek had used a particular piece of malware hidden in a graphics driver. Dunne had seen that code before. And the attacker’s messages had been masked by proxy servers from three disparate sites: a Polish import-export company; a university in Thailand; and a virtual private network exit point in Italy. All three were familiar IP addresses. And then there were the masterful fakes, and the anti-Semitic screeds.
Anwar Malek had accessed a market, operated by far cleverer people than he, where he purchased his tools of character assassination. On Dunne’s first case, he had encountered traces of a network whose provenance he thought he knew. These were devils for hire. Dunne could see their shadows, but not yet their faces. He thought he knew, but that wasn’t the same as knowing.
In this flush of his first success as a private businessman, Dunne had a powerful urge to contact his ex-wife, Alicia. Maybe she would be proud of him for protecting this woman, he imagined for a moment, but the thought darkened.
__________________________________
