Once again we look back at the past year in cybercrime and those we lost… to the law. This year was no different than last: we saw another round of high-profile raids, arrests, sanctions and prison sentences for some of the most prolific cybercriminals of recent years.
This is our look back at who was caught or arrested, featuring: why a Russian accused of ransomware burned his passport, which notorious malware gang reared its ugly head again, and why one country's hackers targeted an unsuspecting phone maker.
For a time, Joseph James O'Connor was one of the most wanted hackers on the Internet, not only by the feds investigating the breach, but also by the curious public who watched his attack unfold in real time.
O'Connor was a member of the hacking group that broke into Twitter and abused access to an internal administration tool to hijack high-profile Twitter accounts, including those of Apple, Joe Biden, and Elon Musk (who later bought the site), to spread a crypto scam. Twitter took drastic measures to rid its network of the hackers by temporarily blocking posts from the site's more than 200 million users.
A New York judge sentenced the 24-year-old hacker to five years in prison, two of which O'Connor has already served in pretrial detention.
This year, federal prosecutors charged a former Amazon employee with hacking into a cryptocurrency exchange and stealing millions' worth of cryptocurrency from customers. The case initially appeared to be that of an ethical hacker who went rogue by apparently offering to return funds in exchange for a bug bounty. But Shakeeb Ahmed was ultimately discovered in part by Googling his own crimes, searches that prosecutors said were related to his “own criminal liability.”
Ultimately, Ahmed pleaded guilty in early December, according to the Department of Justice, and faces up to five years in prison and the return of five million dollars to the victims.
Why did a Russian accused by US prosecutors of ransomware attacks burn his passport? According to accused hacker Mikhail Matveev, it is because the US government would chase him anywhere he went and most countries would extradite him for the crimes he is accused of, crimes he has not denied, per se, but rather has openly accepted. In an interview with TechCrunch, Matveev said the last time he traveled was to Thailand in 2014, and that he has not traveled since.
Federal prosecutors say Matveev is a “central figure” in the development and implementation of the Hive, LockBit and Babuk ransomware variants, which have resulted in ransom payments worth millions of dollars. Matveev is believed to live in the Russian enclave of Kaliningrad, where he remains tantalizingly close but out of reach of the authorities.
The hermit kingdom's hackers were busier than ever this year, racking up attacks on popular crypto wallets and top crypto projects with the aim of earning as much money as possible for the regime, wherever it can get it, to fund its sanctioned nuclear weapons program.
Some of the cyberattacks linked to North Korea may not have made much sense at first glance, but breaking into software companies gave hackers access to the targets they sought. Business phone provider 3CX said North Korean hackers broke into its systems and planted malware in a tainted software update that was distributed to customers in a long-term effort to attack 3CX's crypto customers. Software company JumpCloud said it was also hacked by North Korean hackers, likely in an effort to collect data on a handful of its cryptocurrency-related clients.
The FBI warned earlier this year that North Korean hackers were preparing to cash out the proceeds of some of their recent cryptocurrency thefts.
It took the feds about a decade, but their persistence paid off when they finally identified the mastermind behind Try2Check, a credit card verification operation that allowed criminals who buy credit card numbers in bulk to identify which cards are still active. The scheme earned Russian national Denis Gennadievich Kulkov more than $18 million in illicit profits, and a place on the U.S. Secret Service's most wanted list with a $10 million reward for information leading to Kulkov's conviction. That may not happen anytime soon, given that Kulkov remains in Russia and completely out of the reach of U.S. prosecutors.
A prolific hacker and seller of stolen data, the administrator of the BreachForums cybercrime forum known as Pompompurin, was arrested on his own turf by the FBI in a leafy upstate New York town. BreachForums, which had more than 340,000 active members, was for a time involved in selling the data of millions of people, to the point that the Department of Justice attempted to “discontinue” the site to take it offline. The operation saw the arrest of Conor Brian Fitzpatrick, 20, following an extensive surveillance operation. In the end, it wasn't just the hacking and wire fraud charges that brought down the famous hacking forum administrator, but also the possession of child abuse images. Fitzpatrick later pleaded guilty and will be sentenced at a later date.
Qakbot was one of the longest-running and most high-profile hacking groups of the last decade, and was once the malware of choice for delivering ransomware to companies, organizations and governments around the world, generating tens of millions of dollars in ransom payments. At its peak, the FBI said Qakbot had compromised more than 700,000 devices as of June 2023, with at least 200,000 hacked devices located in the United States. In a bold effort to permanently eliminate the malware, the FBI launched Operation Duck Hunt (don't say that too fast), which tricked Qakbot-infected computers into downloading an uninstaller created by the FBI, removing the malware from the infected device. The operation was hailed as a success. But recent Qakbot infections suggest that the removal was little more than a brief setback.
In what is likely to be the last cyber-related conviction of the year, a hacker accused of involvement with the prolific hacking group Lapsus$ will be detained until doctors determine he no longer poses a threat to the public. Arion Kurtaj, a teenager from Oxford, was sentenced to an indefinite hospital order in December, reports the BBC. Kurtaj is one of several hackers who attacked Rockstar Games, Uber, Nvidia and telecom giant EE, using social engineering and threats to gain access to corporate networks. The judge said the teenager's abilities and his desire to continue committing cybercrimes meant he remained a high risk to the public.