Guilty pleas for hacking & ID theft trio powered by First Hill man’s wardriving Mercedes

The case against three men accused in a scheme powered by a First Hill man’s high-tech “wardriving” machine has come to a close with all three pleading guilty.

John Griffin was indicted in the wardriving hacking and fraud case last September and pleaded guilty in November. The legal process for the other men in the case, Josh Witt and Brad Lowe, played out over recent months with Witt finally pleading guilty earlier this week. The Seattle PI has an extensive report on the case against the three men and pictures of one of the vehicles seized by federal investigators. All three are yet to be sentenced. The PI reports the men face between six and eight years in prison.


Authorities first came into possession of Griffin’s wardriving-mobile in October 2010 after the 8th Ave resident was arrested for using stolen gift cards at 12th Ave’s The Local Vine.

According to the police report on the incident, police discovered that gift cards stolen in a Bellevue burglary had been used at the Capitol Hill wine bar. An investigator following the wardriving and burglary ring arranged to be contacted by East Precinct if stolen cards were used again. Just two weeks later on a Thursday night, the flag went off. Griffin had returned to The Local Vine with stolen cards in tow. Parked nearby, the investigator found the black 1988 Mercedes Benz and had it impounded. Visible inside the car: a laptop, an antenna, binoculars, a box of memory cards, and a copy of “Real Time Pricing” software. Here is the report’s description of wardriving:

Federal investigators say the trio stole personal information an infiltrated networks at businesses around Seattle and the Eastside eventually turning to more straightforward burglary and break-ins to acquire computer hardware from which network or personal information could be extracted. The stolen information could then be sold to identity thieves who open credit card accounts and cash in on the crime.

For his part in the scheme, the 36-year-old Griffin pleaded guilty to a list of hacking charges and aggravated identity theft.

9 thoughts on “Guilty pleas for hacking & ID theft trio powered by First Hill man’s wardriving Mercedes

  1. You know who else commonly engages in the activity in an activity called “wardriving”? Google. And everyone who uses a mobile phone that’s helping Google or Apple map out wi-fi networks.

    I plan to take a train to southern California for my friends’ wedding in a couple months. I hope to do some “wardriving” in the train on the way down, with use of a locomotive as transportation, a laptop to run software capable of identifying characteristics of deteceted wireless networks, a wireless antenna built into said laptop for receipt/transfer of wireless RF signals, a data storage device for capturing data from my wardriving activity, a power source for the laptop, and a couple “mobile hotspots” so I can extend my “wardriving” beyond wi-fi into the nefarious range of “3G Internet access”. I hope to publish this information so that anyone who wants to know where these wireless RF signals can be found won’t have to subject themselves to whatever some cop used this description of *completely lawful activity* as justification for.

    It’s great that some guy who was defrauding people was stopped from doing further damage.

    The quote from the police report reads like a “load of shit.”

  2. Phil: You are a super highly valued privacy activist. Your exposés of the TSA in particular should be widely disseminated. But I caution you to keep your post headlines succinct and your prose clear and on-point. Remember that your audience may not be as versed in these topics as you’d like. In order to be influential and credible, you gotta utilize more traditional journalistic communication. When reporting on your activities or providing analysis of what’s wrong with the status quo, keep the passion at a minimum and the reasoned persuasiveness at a maximum. And keep up the great work!

  3. Our business was one earliest hit by this gang out of about 53 businesses. Some were hacking based, but many were physical entry based where they stole computer equipment including servers then used information from them to perpetrate identity theft and other crimes. In our case, they were able to gain access to an Office Depot online account and ordered $30,000 worth of laptops. A slight error on an address led to the laptops actually being delivered to our office instead of the bogus address. I was the first to report this criminal activity in August of 2008 which ultimately led to a United States Secret Service Electronic Crime Task Force investigation and subsequent Federal charges. I am SO glad they got nailed.

  4. Will they repay victims for overdraft fees due to their crimes? I had my info stolen (most likely from Broadway Grille but not for sure). I was sound asleep when the fraud detection service called me at 6am to ask if I was buying $250 worth of merch from a convenience store in Philadelphia, and then immediately making another $250 purchase at the same store.

    The first charge went through, the second charge overdrew my account and I was hit with a $22 fee. Did anyone else get hit with an overdraft fee from being a victim of these people?

  5. Thanks for the kind words, D.

    What I wrote was mostly a quote from the police report. I suspect it was used to justify action that the U.S. Constitution protects us from. Mapping wi-fi networks isn’t an indication of criminal activity. Many people are doing just what this cop described as nefarious activity simply by walking around with their smartphones running.

  6. I got hit with $200.00 purchase and $8.00 fee from Greece. Bank refunded $200.00 after much investigation but I ate the $8 fee. I guess I got off easy but it still burns as I did nothing wrong.