European security analyst Chris John Riley is a well known and legitimate security professional who co-hosts the Eurotrash Security Podcast and writes on the Catch22 Insecurity blog. Gregory Evans is a convicted felon (federal conspiracy and wire fraud against AT&T and MCI for stealing 125 toll free telephone lines) who paid $9 million in restitution, was sentenced to 24 months in federal prison, and runs a dubious company that makes great commercials but also claims a client list they don’t actually have, plagiarizes to write books, and performs press release ping pong with a penny stock. So how did one of these men come to threaten the lives of the other and his family?
The Buildup, The Book
Book/plagiarism.
As mentioned, Riley is part of the Eurotrash Security Podcast, and as with many podcasts, interviews of information security professionals and personalities come with the territory. In that role, Riley sought to have Evans do an interview on the most recent charges that his book How To Become The Worlds No. 1 Hacker is largely a work of plagiarism.
So Riley called the LIGATT office in Atlanta, was eventually put through to Evans, and after discussing some preliminaries on the book agreed to an interview the following evening. Riley provided his blog URL and LIGATT’s secretary provided Evan’s Skype ID (ligattsecurity) for the interview.
15 Minutes Later…
Within fifteen minutes of the phone call, the following comment was submitted to the book review section of Riley’s blog:
Comment received 15 minutes after phone call.
So what would cause the CEO of a publicly traded company to fly off the handle in such an unreasonable way? The answer may be a case of mistaken identity. The 20Plus reference in the beginning of Evan’s written rant makes no sense when applied to Chris John Riley. But there is a user on the forums of advfn.com, an investment web site, with that handle. And this is a user who continually expresses dissatisfaction with the LIGATT stock (LGTT) and the management of the company.
Maybe Its Not Evans
We can allow for that possibility, but a preponderance of evidence shows otherwise. The whois for the IP address shows BellSouth, Atlanta GA, right where the LIGATT offices are. That combined with the specific references to the phone call and references to an Evan’s nemesis on investment boards of ADVFN suggest this was in fact Evans.
IP points to Atlanta, GA
Put up the money and challenge me!
One of the lines in the comment references Mr. Evans’ repeated call to “challenge him” to some manner of hacker competition.
LIGATT, ostensibly Evans, challenges the hackers of the world.
A credible response to this challenge was made by Chris Nickerson, formerly of Tiger Team fame (a TruTV show demonstrating actual social engineering and hacking).
Nickerson's unambiguous response.
Thus far Evans continues to repeat the original challenge, while refusing to acknowledge that Mr. Nickerson has already accepted it.
Finally
This nonsense with Evans and this company has been far too much for far too long. It is a free country, and people can form firms and make a living, even reformed criminals. But the evidence suggests, as it has for a while, to steer clear of Ligatt and its volatile CEO. Far too many, especially in the media (Fox News, CNN, The History Channel), have been taken in by the wild claims of this outfit.
Update
The Student Hacker IT cast has posted their LIGATT Interview, which is fairly instructive of the issues discussed.
Related Posts:
- Asian Men Prefer LIGATT
- NationalCyberSecurity.com has all “Original Content”
- LIGATT’s Evans Strikes Back
- A Loss of SecurityFocus
[...] Evans starts by going after security professionals Ben Rothke, who performed a careful analysis of the plagiarized material in “How to Become the World’s Number 1 Hacker”, and Chris Riley who played a part in a fairly respectful interview of Evans on a podcast released yesterday, and whom Evans threatened harm to for some reason, potentially identity confusion. [...]
The $5,000,000 (five million) dollar lawsuits were filed in Gwinnett County Georgia. It consists of a number of charges including stock manipulation and slander. The offenders have already been reported to the Security Examiners Commission, also known as the SEC. Some people might want to control their tongue.
As far as I know Securities and Exchange Commission don’t have the power to override the 1st amendment, so tongues can remain uncontrolled. The lawsuit is way in excess of the company’s value, good luck suing John Doe.
[...] much as he plagiarised most of it (see here for more data on that). Greg may also have threatened Chris John Riley (an awesome guy and good company at HAR btw). Like I say, Greg is a douche. Matthew Hughes at [...]
This is bias. You know Chris so that mean Greg is a douche? Do you know him? I don’t know all three sides to this story so I don’t feel like this is fair. I just see Chris John Riley friends making his blogs and stories interesting Mr. Hughes. But with the media I guess controversy sells.
We’re hardly the media, just another infosec blog. Yeah, we’re a little bias, but that bias is against nonsense. We can assure you though that we are not in league with Mr. Riley (there goes the conspiracy theory).
The two sides to the story are: a bizarre comment on a blog and Mr. Riley’s response.
Mr. Hughes?
Mr Shoes?
He must think you wrote this Matthew.
Actually Matthew didn’t make that comment – I did. I do know Chris (I met him at a con, unlike Greg who I’ve never seen anywhere but on the Internet proclaiming his l33tness; I guess because I don’t go to the same places as Greg’s “celebrity friends”). As stipulated I don’t know if Greg made threats against an infosec professional, but what I do know is that his constant braggadacio is annoying, and the attempts at influencing opinion are only being done to impact upon what I can only assume is a pump and dump scam. LIGATT seem to be everything that is wrong with the industry (sound and fury signifying naught). As to Greg being a douche, I’ll stand by that opinion until proved otherwise (and hey, shouting foul everytime someone disagrees with you is really not going to disavow me of that opinion).
I’m not shouting foul. lol… I’m actually just a passing by pedestrian that noticed all this stuff recently. And coming from an unbias view just giving my thoughts and opinion. That’s what this is for right?
CJ… That’s fine. I fully admit to being bias. I know Chris (not well as we have met once) and I think Greg and LIGATT are pretty much everything that is wrong with the industry (e.g. placing greater emphasis on company valuation than on technical research, hyper-inflating claims, duping the mass meja, constant self publicity, etc.) You are of course welcome to your opinion (whereby the world is ganging on on poor Greg for no reason) I am entitled to mine (that Greg is a douche). Just ensure that you are actually accusing the right people (as far as I know Matthew has never been anything other than polite and impartial with Greg). And on that note I’m off to eat ice cream as I’m officially bored and refuse to provide LIGATT with any more free publicity. BTW, Prefect, my apologies for filling up your comments section with this incredibly redundant crap.
That is what this is for Mr. Riley, yes.
You’ll excuse me if I think it is strange that you are submitting comments under the name of one of the protagonists of the story from an IP owned by BellSouth.net, the same ISP of the comments submitted to Mr. Riley’s blog with the same location of Norcross Georgia.
What else is in Norcross? Ligatt Security LLC 6991 Peachtree Industrial Boulevard, Norcross, GA 30092-4357
That’s an unusual amount of coincidences. Do you have any insight into this?
Some of you answered you have said it yourself, If Greg is so busy how in the world would he have time to make threats?
I said Hughes because that’s who comment I was replying to. And surely he is friends with Chris John Riley, “he is an awesome guy”, you don’t make comments like that about someone you don’t know right? And 3 sides, not 2, Greg side, Chris side, and then there is the truth.
CJ, are you high? I ask, because I wrote that Chris is an awesome guy here (http://lowfisecurity.com/) which is weirdly my blog and absolutely nothing to do with Matthew Hughes. You’re right though, there are three sides to every story, two of which exist, and one you can only see when suitably stoned… Cheers PS: I still maintain that LIGATT is a scam, and that’s pretty much all I have to say on the matter, as it is now getting beyond dull
well whoever I replied to the first message too. I just seen Matthew Hughes @…so I assumed it was Mr. Hughes. Sorry Mr. Hughes. And you are entitled to your opinion as well as I am.
CJ, you say that your last name is Riley. Now, I know Mr. Chris John Riley personally.
If you are Chris John Riley, I’m sure you wouldn’t mind telling me which cell phones you own. And trust me, my memory is rather clear in that respect.
You seem to know alot about Chris John Riley. I don’t know why you keep asking him bout me though. But why are you worried about me? I prefer to stick on topic if you don’t mind.
Wow! what is all this mess really about. There is much more to this mess than meets the eye.Really, how many of you are actually exposing this information for a living? Let’s just be nice and not judge what others have or have not done. The truth seems to always come out through the cracks sooner or later. Why so much energy on Gregory Evans or Chris. I think he’s paid his dues. What is really going on?
I’m not sold. The case presented here has some light circumstantial evidence, but ultimately the only thing they’re able to prove is that someone in Atlanta made the comment. There are millions of people living in Atlanta and working in Bellsouth – the former building there was HUGE before it was taken over by AT&T.
I’ve been the victim of someone using mechanical voice distorters and calling my phone claiming to be different people – for no reason other than to punk me. I used to run a professional blog and we got 1-17 spam comments a day. The idea of someone posting threats or spam online through some new tech is not crazy.
Rather weak case, if you ask me.
You’re right, an intelligent person who wanted to post fake comments to a blog as different people would use different IP addresses and would never make it so obvious as to post comments with an IP located in the same small area in Georgia as the company headquarters he is writing from, the company featured in the blog post.
Mechanical voice distorters? You should start using SPOOFEM to prevent people from knowing your actual phone number perhaps.
Mr. Evans, or his representative, (aka CJ Riley, aka Rico Daniels, aka dom_filmingo), we can see your IP address, your location, notice the patterns in your comments, and know what you’re doing.
If you want to comment on these blog entries, use your own name, and stop posting comments as multiple different fictitious people.
You never answered my question – what proof is there that Evans was the one who made the comments? As I said, the only proof is that it came from a computer in Atlanta. Since Atlanta has 3 million people that isn’t really controversial. The fact that it came from a building means little.
And yes, I actually was a victim of voice distorters. I used to work for a cell phone company and one of my co-workers decided to prank me. He called posing as several different people.
I can’t attest to SPOOFEM because I personally have never used it.
Comment: I agree, with what you said about proof of that accusation against Evans. People really need to research before speaking and tearing another person down. A mind is a terrible thing to waste.
Hi again Joshua… always good to see stock accounts being used to fake actual support for Evans/LIGATT. Keep up the sterling work on distracting people. I’m sure it will help in the long-run ;)
For additional information and evidence connecting the threats directly to Evans, feel free to checkout :
http://www.thetechherald.com/article.php/201028/5873/New-details-offer-link-to-security-firm-and-threats-against-researcher
or
http://attrition.org/errata/charlatan/gregory_evans/evans17.html
or you can call the local FBI offices and ask them about the connection. I’m sure they can also confirm that they’ve met with Evans to discuss the claims.
Have a great day, and don’t be a stranger… your comments make my day feel special after all!
Gregory Evans and LIGATT SECURITY INTERNATIONAL has an awesome website full of cyber security information. Apparently the haters have not stopped him
Yeah, and I have learned a great deal already. This guy is really going straight to the top. They can’t keep him down…Go Ahead Mr Evans!!!
Greg Evans has a shit website filled with third-rate security tools and regurgitated information.
Haters can no more stop Greg from being a douche than we can stop that strange homeless guy from arguing with pigeons in the park.
Greg, like his stock price is headed down. The only ups Ligatt will see follow reverse splits.
Greg Evans you will FAIL, but sadly not before you damage the credibility of this industry with your showboating.
tl;dr Go write cheques Mr Evans.