Tag Archive for: sentenced

Former Amazon Security Engineer Sentenced to Three Years in Crypto Hacking Case

/in


U.S. District Judge Victor Marrero of the Southern District of New York on Friday sentenced former Amazon security engineer Shakeeb Ahmed to three years in prison in connection with a cryptocurrency hacking scheme.

Ahmed, 34, pleaded guilty to one count of computer fraud in December, acknowledging that he hacked two crypto exchanges and stole more than $12 million in cryptocurrency in the summer of 2022. He was ordered to forfeit about $12.3 million and pay more than $5 million in restitution.

Source…

Administrator of Darkode Hacking Forum Sentenced to Prison

/in


The US Justice Department announced on Wednesday that a man who admitted being an administrator of a now-defunct cybercrime forum named Darkode has been sentenced to prison.

Thomas Kennedy McCormick, aka ‘Fubar’, a 30-year-old from Cambridge, Massachusetts, has been sentenced to 18 years in prison for his role in running Darkode. The sentence also includes three years of supervised release.

McCormick, who joined the site as a member in 2009, ended up being one of multiple administrators. Authorities said he was one the last admins of Darkode, before the cybercrime forum was shut down by law enforcement in 2015. The law enforcement operation resulted in 70 people being arrested, searched, or charged. 

Investigators said Fubar was involved in the distribution of malware, hacking websites, as well as the theft and sale of personally identifiable information, payment cards, and bank account credentials. 

When they searched his residence, law enforcement found the stolen credit card information of nearly 30,000 people in his possession. 

The Justice Department said in 2022 that McCormick had agreed to assist law enforcement in the prosecution of other Darkode members.  

McCormick’s 18-month prison sentence is for RICO conspiracy (12 months) and aggravated identity theft (6 months) charges, to which the man pleaded guilty. He admitted that his involvement in the operation caused financial losses totaling nearly $680,000. 

There have been a few unsuccessful attempts to resurrect Darkode after the takedown. 

Advertisement. Scroll to continue reading.

Related: Nigerian Man Sentenced to 8 Years in US Prison for $8 Million BEC Scheme

Related: Russian Man Who Laundered Money for Ryuk Ransomware Gang Sentenced

Related: Former Ubiquiti Employee Who Posed as Hacker Sentenced to Prison

Source…

A security researcher has been sentenced for hacking into Nintendo and Microsoft’s servers

/in


A former security researcher at MalwareBytes, Zammis Clark, was sentenced earlier this week for breaching into Microsoft and Nintendo network servers and stealing confidential data, as well as usernames and passwords, according to The Verge. The attacker had also uploaded malware to the servers.

Clark, who was still working for MalwareBytes at the time of the Microsoft attack in January of 2017, had stolen around 43,000 files from the Redmond company’s servers thanks to the attack. After gaining access to the servers, he shared that access with other users on the internet as well, including Thomas Hounsell, who is known for running the now-defunct BuildFeed website. Hounsell used this route to gain information on Microsoft’s products through nearly 1,000 queries over a period of 17 days.

Clark was eventually arrested for his actions in June of 2017, but was released without any restrictions on computer use, so in March of last year, Nintendo also came under attack by the hacker. Clark gained access to the company’s game development servers and stole 2,365 usernames and passwords until he was caught in May. Between the Nintendo and Microsoft breaches, Clark caused damages anywhere between $2.9 and $3.8 million.

Clark had also been involved in a previous security breach around Vtech’s children toys in 2015, but hadn’t been accused since the company didn’t collaborate with the prosecution on the case and Clark walked free.

Clark will at least avoid any prison time, provided that no additional crimes are committed. Due to his autism and face blindness, in addition to the fact that Clark pleaded guilty to the attacks, Judge Alexander Miller decided that prison would be disproportionally harsh for the hacker. He was sentenced to 15 months of imprisonment, suspended for 18 months. He was also granted a Serious Crime Prevention Order which will mean an unlimited fine and up to five years of prison time should he commit any serious offenses for the next five years.

Thomas Hounsell, on the other hand, was sentenced to just six months of imprisonment, but the sentence…

Source…

Hacker responsible for 2020 Twitter breach sentenced to prison

/in


Three years after one of the most visible hacks in recent history played out in real-time in front of millions of Twitter users, one of the hackers responsible for the breach will now serve time in federal prison.

Joseph James O’Connor, 24, was sentenced Friday in a New York federal court to five years in prison after pleading guilty in May to four counts of computer hacking, wire fraud and cyberstalking. O’Connor also agreed to forfeit at least $794,000 to the victims of his crimes.

O’Connor, a U.K. citizen, was extradited from Spain at the request of U.S. prosecutors earlier this year and has remained in custody since.

In the hearing, Judge Jed S. Rakoff said O’Connor will likely serve about half of his sentence after spending more than two years in pre-trial custody.

O’Connor faced a maximum of 77 years in prison, according to Reuters. Justice Department prosecutors called for O’Connor to serve at least seven years in prison.

In court, O’Connor said his crimes were “stupid and pointless,” apologized to his victims, and asked the judge for leniency.

According to prosecutors, O’Connor “used his sophisticated technological abilities for malicious purposes — conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim.”

The government said O’Connor, known by his online handle PlugWalkJoe, was part of a group that broke into dozens of high-profile Twitter accounts, including Apple, Binance, Bill Gates, Joe Biden and Elon Musk, to spread cryptocurrency get-rich-quick scams in July 2020.

O’Connor used phone-based social engineering techniques to trick Twitter employees into granting the group of hackers access to Twitter’s network. One of the other hackers convicted of the Twitter breach, Graham Ivan Clark, also known as Kirk, used the access to Twitter’s network to abuse an internal admin tool to hijack and reassign Twitter user accounts.

A screenshot of the Twitter admin panel that the hackers breached in order to reassign access to Twitter user accounts.

A screenshot of the Twitter admin panel that the hackers breached in order to reassign access to Twitter user accounts. Image Credits: TechCrunch…

Source…