Kevin Mitnick / Novell – OSINT → Pretexting → Phone Social Engineering → Dial-Up Access → NetWare Source Code Theft
While a fugitive living under a false identity in Denver, Kevin Mitnick — the FBI's most wanted hacker — targeted Novell's technical support staff using a technique he called pretexting. By impersonating a Novell employee using authentic corporate lingo, internal knowledge, and manufactured urgency, he convinced support staff to provide credentials and system access. He then used dial-up connections to extract proprietary NetWare source code. Shawn Nunley, a Novell support analyst at the time, was directly targeted by Mitnick and later became the FBI's star witness — before becoming one of Mitnick's closest friends. This entry is notable as a foundational case study in social engineering before the term existed in mainstream security.
Before making a single call, Mitnick invested significant time learning everything publicly available about his target. He gathered employee names from directory listings, understood Novell's internal team structures, and immersed himself in NetWare technical documentation so he could speak fluently about the product — a prerequisite for any convincing pretext. As he wrote in The Art of Deception: "When you know the lingo and terminology, it establishes credibility — you're legit, a coworker slogging in the trenches just like your targets."
Goal: Build enough authentic detail to withstand scrutiny from a real Novell employee
Mitnick's method: "Pretext calls" — low-stakes calls to gather information for higher-stakes calls later
Mitnick called Novell's technical support line — the same line customers and employees used — and presented himself as a legitimate Novell employee or developer with a plausible reason for needing help. He used real employee names, correct internal terminology, and manufactured urgency to make the call feel routine. Shawn Nunley, a support analyst, took the call.
Technique used: Pretexting — a fully constructed scenario with backstory, urgency, and technical credibility
Location: Mitnick was calling from Denver, living as "Eric Weiss" under a fabricated identity
Mitnick's genius was not technical — it was psychological. He assessed his target's willingness to cooperate in the first few seconds, adapting his approach in real time. He used Novell-specific technical language that only an insider would know, referenced real internal projects or colleagues, and framed his request as urgent but routine — something that needed to be resolved quickly to avoid a bigger problem. This is the core of social engineering: making the target feel that compliance is the safe, helpful, professional response.
Mitnick on reading targets: "I'm always on the watch for signs that give me a read on how cooperative a person is"
Why support staff were vulnerable: Helping people quickly was their job — suspicion felt like being unhelpful
Once trust was established, Mitnick steered the conversation toward his actual goal — obtaining credentials, a dial-up number, or system access that would let him connect to Novell's internal network remotely. The request was framed as something mundane: a password reset, a need for a dial-in number to work remotely, or a request to verify account details. The target had no reason to suspect anything unusual.
Federal indictment: Mitnick and DePayne "stole and copied proprietary computer software from Novell" including NetWare source code
Using the credentials or dial-up access obtained from the call, Mitnick connected to Novell's internal systems remotely from his Denver apartment — at night, while working a day job at a law firm under a false identity. To hide his location from both the FBI and the phone company, he used cloned cellular phones, cycling through cloned numbers to avoid detection through call records.
Credentials used: Obtained via social engineering call to support staff
Location obfuscation: Cloned cellular phones — using stolen ESN/MIN pairs to masquerade as other subscribers
When: Nights, while working as "Eric Weiss" at a Denver law firm during the day
With authenticated access to Novell's internal systems, Mitnick copied proprietary NetWare source code — some of the most valuable intellectual property the company owned. The federal indictment confirmed that Mitnick and co-conspirator Lewis DePayne stole and copied this software. Mitnick's motivation, as he repeatedly stated, was not financial — it was intellectual curiosity and the challenge of accessing systems that were supposed to be inaccessible.
Co-conspirator: Lewis DePayne (charged alongside Mitnick)
Motivation: Intellectual curiosity — Mitnick: "simple crimes of trespass... I wanted to know how these systems worked"
No financial use: No evidence source code was ever sold or used commercially
The FBI built their case against Mitnick in part through witness testimony from support staff he had targeted. Shawn Nunley, who had taken Mitnick's call at Novell, became the government's star witness. But the story didn't end there — Shawn grew disillusioned with the government's handling of the case, contacted Mitnick's defence team, and ultimately became one of Mitnick's dearest friends. It's one of the most extraordinary victim-to-friend trajectories in the history of computer crime.
Found with: Cloned cellular phones, 100+ cloned phone codes, multiple pieces of false identification
Sentence: 46 months + 22 months for supervised release violation (5 years total, including 8 months solitary)
Shawn Nunley: FBI star witness → disillusioned with prosecution → contacted defence → lifelong friend of Mitnick