An American teenager who spent weeks ripping off a Montreal porn site using stolen account numbers could serve as a warning to ISPs and university networks alike.

The 15-year-old, whose name has not been released, was finally apprehended on Valentine’s Day, Feb. 14, by campus police at Xavier University in Cincinnati, Ohio. He was caught using one of the school’s computers, in the middle of a chat session.

The youth had been visiting livecamnetwork.com, a site that offers adult chat with streaming video of models undressing, for several weeks prior, said Mark Prince. Prince owns and operates the site and the company that hosts it, 2Much Internet Services Inc. There were as many as 30 sessions before foul play was suspected.

In one chat session, the youth said that he was 15, and was promptly bounced off the site, said Prince. “”Around two to three weeks or so of just watching what he was doing, where he was connecting from, we recorded it and made notes and kept a log of the conversations.””

Further investigation revealed that the youth had been using a separate stolen chequing account number for each chat session, which he said were appropriated from a bank in Louisville, Ky. Prince traced the IP addresses the youth logged in from to Xavier University and called the campus police.

“”We needed to build up a couple of instances to realize that all of these are coming from the same area or the same range of IP addresses. That’s one of the things that our software does, but if anything this guy just showed us that we need to tighten the filter a little bit more,”” said Prince.

The engine that runs livecamnetwork.com is a piece of software of the same name and Prince has sold it to about a dozen similar sites. He has since notified those sites of his predicament, as well as Verotel, the Amsterdam-based billing company that handles user payments and charges them to a credit card or chequing account number.

Xavier University spokesperson Kelly Leon said the 15-year-old is currently being held by authorities in Hamilton County, Ohio, but wasn’t sure how the network abuse could have been prevented in the first place.

“”What do you do, you know what I mean? It’s a situation where it’s the Internet provider that needs to be alert,”” said Leon. “”There are computers in every building in every room.””

There may not be much universities can do, said the University of Waterloo‘s associate provost, information systems and technology, Jay Black. Campus computer labs require identification and passwords in order to log on, which would prevent non-students from using them, but there are no restrictions on how the terminal is used after that.

The university relies on an ethics user policy that states what is acceptable computer use and what isn’t, but “”we don’t do anything th

Share on LinkedIn Share with Google+