
Hack Blotter, Vol. 1, No. 1

Q2 2017

Teenager arrested for 1.7 million security breaches against Microsoft and Sony
U.S. federal judge sentences a Russian hacker to 27 years in prison

Brad Casey

Menlo Park, Calif. – Jun. 30, 2017

Arrests and convictions for cyberattacks on citizens, email and social media accounts, banks, retailers, and government websites persisted in the second quarter of 2017. Longer prison sentences are being doled out for tele-fraud scams, identity theft cases, and cyber robberies.

One hacker was arrested for stealing $100 million from both Facebook and Google. Others were arrested for posing as Microsoft tech support employees.

“Socially engineered tele-fraud scams are on the rise,” says Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures. “Cyber theft starts on the phone, and people need to be aware.”

June

Jun. 29.  Russian hotel boss, Olga Komova, is arrested in Thailand for running a cybercrime scheme that targeted largely Americans.  The scheme was primarily conducted through phishing emails and earned approximately $1.2 million.

Jun. 28.  Four people are arrested in London after they’re caught committing tele-fraud scams by posing as Microsoft technical support, randomly calling customers, and telling them that their computer is running slowly.

Jun. 27.  After Parliament is targeted by cyber attackers, the British Defense Secretary considers air attacks as a response to hackers.

Jun. 26.  In an effort to combat tele-fraud scammers attempting to defraud American taxpayers with fraudulent IRS calls, one grey hat hacker writes a script that continuously calls the tele-fraud scammers, and consequently ties up their phone lines.

Jun. 23.  Two British men are arrested after scheming to hack into information systems owned by Microsoft.  The two are believed to be a part of a larger ring of hackers who have the acquisition of Microsoft data as their main goal.

Jun. 20.  Chinese authorities arrest 20 employees who operate as Apple distributors for the illegal dissemination of customer data.  The accused reportedly received a total of $7 million for the data.

Jun. 17.  The Independence Day hacker in the Philippines defaced several government websites.  Philippine law enforcement authorities claim to know the identity of the hacker, and they further claim that an arrest warrant is pending.

Jun. 14.  A Florida man attempts to find evidence incriminating the Clintons by hacking computers at the Clinton Foundation, but he instead finds himself in handcuffs after getting caught with child porn on his computer.

Jun. 12.  The Latvian hacker known as “Sagade” appeared in Minneapolis court following extradition from Poland.  The hacker, along with his partners, pocketed over $2 million.

Jun. 5.  A Cameroon man is sentenced in an Atlanta federal court to 4 years in prison, after being extradited from France.  Eric Donys Simeu was convicted of victimizing the Global Distribution System company with a rather effective phishing attack.

Jun. 3.  Romania, the 2nd poorest country in the EU, is serving as a sort of sanctuary for former hackers, as these former hackers assist legitimate Romanian companies with cyber security.

Jun. 2.  Iraqi hacktivist, Hussein Mahdi, is arrested for hacking the Iraqi National Security Service.  His arrest has reportedly inspired other hacktivists.

Jun. 2.  OneLogin is reporting that much of its data was breached after a hacker stole its Amazon Web Services keys and decrypted sensitive data.  The keys were stolen from a third-party vendor.

May

May. 30.  A Czech judge gave tentative approval for the extradition of an infamous Russian hacker to the U.S.  Apparently, there was a competing extradition request submitted by the Russian government.

May. 24.  French native Gregory Chelli is wanted by French law enforcement for hacking several French websites in an effort to combat anti-Semitism.  Chelli lives in Israel under Israeli government protection.

May. 23.  A man from Niger admitted in court that he hacked telecommunications provider Safaricom from his prison cell in Nairobi.  The accused was arrested while in possession of $600 million in fake currency.

May. 22.  Europol’s European Cybercrime Centre coordinates the investigation and arrest of 27 people across Europe who are suspected of involvement with an ATM theft spree.

May. 22.  Four Russian hackers have been arrested by the Russian Ministry of Internal Affairs for allegedly hacking the SMS-banking system, and stealing money from customer bank accounts.

May. 22.  A forward-thinking Ukrainian man was sentenced to 30 months in prison for hacking into the websites of various financial news publications and stealing their reports before they were published.  He would use information from the reports and make trades before the information was reported.

May. 22.  Russian authorities arrest 20 Russian hackers after the accused stole approximately $892,000 from Russian banks.  Utilizing a Trojan horse, the accused would do their handiwork by infecting smartphones.

May. 17.  A Mexican hacker who secretly recorded video of famed Sinaloa cartel boss, Joaquin “Chapo” Guzman, was thought to be in the U.S. under law enforcement protection.  However, it appears as though he’s stuck in Mexico.

May. 11.  The infamous Russian hacker who is thought to have hacked into LinkedIn, among other major U.S. networks, states that he was offered U.S. citizenship if he admitted to hacking into the servers of the Democratic National Committee.

May. 4.  A pedophile is arrested by the FBI even though he was using an anonymizer.  Law enforcement tricked him into clicking on a link that covertly opened a 2nd network connection on the perpetrator’s box that allowed authorities to determine his true public IP address.

May. 3.  Never ceasing to amaze, the Islamic State has a librarian who was arrested after authorities find files hidden in his cufflinks that outline an anthrax terrorist plot.

May. 1.  A Lithuanian hacker is arrested for stealing $100 million from both Facebook and Google.  The accused sent phishing emails to officials at both companies, and tricked the recipients into wiring the money to a company in Latvia.

May. 1.  Hackers in Nigeria confess to hacking the VPN belonging to the Joint Admissions and Matriculation Board by erecting a radio tower and communicating with the network via the tower.  They claimed to have received N600,000 ($1716.24) for the job.

April

Apr. 28.  An Italian hacker is extradited to the U.S. after being arrested for operating a botnet that resulted in the theft of approximately $325,000.  The malware on victim boxes would scan for other vulnerable boxes, and it would also disguise itself by cloaking itself as a browser and reaching out to other websites and clicking on ads.

Apr. 26.  Teenager, Adam Mudd, is arrested for committing approximately 1.7 million breaches against Sony and Microsoft.  Mudd was the creator of Titanium Stresser.

Apr. 25.  Law enforcement is investigating a hack that victimized computers belonging to the City of Newark.  Several files have been encrypted, and the hackers are demanding a ransom of $30,000.

Apr. 24.  A Russian hacker is arrested for his affiliation with the Kelihos botnet.  He is allegedly involved with harvesting login credentials, distributing bulk spam e-mails, and installing ransomware and other malicious software.

Apr. 21.  A U.S. federal judge sentences a Russian hacker to 27 years in prison.  This was the most severe penalty handed down to a cyber offender to date.

Apr. 21.  According to a study published by the UK’s National Crime Agency, the ease with which children can access free online hacking tools goes a long way toward leading them into a life of cybercrime.

Apr. 17.  A high school student in Spring Branch, TX is arrested for breaking into the school’s computer system and changing grades.  So far, one other student is known to have paid him for his services.

Apr. 13.  U.S. authorities take down a massive botnet, as Spanish authorities arrest the perpetrator – Russian hacker, Peter Levashov.

Apr. 13.  A San Francisco man is indicted for hacking Palo Alto Online.  The hacker is believed to be associated with the hacking group Anonymous.

Apr. 13.  Twenty-two University of Professional Studies, Accra students were expelled for paying another individual to hack into the University’s database and change their grades.  The actual hacker turned himself in to police, and was granted bail.

Apr. 11.  In an expose of Anonymous hacker, Marty Gottesfeld, the Miami New Times recounts how Gottesfeld and his bride were arrested after attempting to flee to Cuba.

Apr. 10.  A Russian hacker is arrested in Barcelona, and set for extradition.  U.S. law enforcement frequently attempts to nab Russian cyber criminals abroad due to the difficulty in extraditing them from Russia.

Apr. 10.  Taylor Huddleston is arrested for hacking even though he never did any hacking.  The FBI claims that Huddleston created malware known as NanoCore.

Apr. 10.  Russian social media platform, LiveJournal, is reportedly losing users as they implement new terms of use policies that better align with Russian law.  Critics claim that this is offensive to the LGBT community.

Apr. 8.  Sagar Thakkar, 24, is arrested by Indian authorities at the Mumbai International Airport.  According to authorities, Thakkar was the mastermind behind a rather large telefraud scam that earned approximately $300 million by targeting American taxpayers.

Apr. 5.  The financial details of the case involving the Canadian who hacked Yahoo were revealed in court.  Police found $30,000 in cash at his home.

Apr. 5.  A South Korean hacker has been arrested for allegedly hacking the game Overwatch.  The hacker is 17 years old and a high school dropout.

Apr. 5.  An Arkansas man is arrested by the FBI for creating malware used by nefarious individuals.  The hacker claims that the purpose of his malware was to help parents track their children’s online activity.

Apr. 3.  Police in Dubai arrest hackers who targeted 5 U.S. White House officials.  According to Dubai officials, the suspects will be extradited to the U.S.

Apr. 2.  A 20-year-old man is arrested in London after being identified as a member of the Turkish Crime Family.  The group claims to have the ability to factory reset 627 million accounts within Apple iCloud, and threatens to do so if a ransom is not paid.

Brad Casey is a freelancer writing about any and all things IT and cybersecurity related.


Q1 2017

Cybercrime arrests lead to more prison sentences for hackers globally
ATM hacks and cyberpolice takedowns persist

Brad Casey

Menlo Park, Calif. – Mar. 31, 2017

Arrests and convictions for cyberattacks on citizens, email and social media accounts, banks, retailers, and airports persisted in the first quarter of 2017.

Numerous perpetrators were nabbed in connection with ATM hacks, which continue to be a lucrative target for cybercrooks.

“As we noted at the end of last year, local police and government cybercrime squads continue to invest heavily into the pursuit, capture, and arrest of hackers,” says Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures.

March

Mar. 25.  Pakistani woman arrested under Pakistan’s new cybercrime law for blackmailing others via social media.  First female arrested under new law.

Mar. 23.  Israeli police arrest 19-year-old Israeli-American hacker for various bomb threats against Jewish Community Centers nationwide.  Law enforcement won’t comment on motive.

Mar. 21.  Evaldas Rimasauskas arrested for tricking various companies and individuals into wiring over $100 million to numerous bank accounts under his control.  Accused allegedly carried out his attacks via phishing scams.

Mar. 21.  Jamaican activist arrested under Jamaica’s Cybercrime Act.  Arrestee had accused alleged perpetrators of sexual violence on social media.

Mar. 21.  Cybercrime detectives in India arrest 2 members of Hyma Consultancy firm for taking semi-nude videos of another woman at the firm.

Mar. 21.  Computer Science student from Isabela State University arrested in Cauayan City, Philippines for credit card scam.  Accused allegedly developed fake bank websites to lure victims into giving credit card information.

Mar. 21.  Cybercrime unit of Papua arrests 3 suspected of running an online gambling site.  Gambling apparently illegal in Papua.

Mar. 20.  Twenty-nine Nigerians arrested in Ghana for engaging in cyber fraud.  Group may have diversified their resume by committing murder as well.

Mar. 17.  Dallas police arrest man for sending malicious GIF to journalist Kurt Eichenwald via Twitter.  GIF contained strobe light that induced seizure.

Mar. 15.  Two Russian spies and two hackers arrested due to linkage to the infamous Yahoo intrusion of 2013.  Extradition of spies questionable.

Mar. 15.  “Kolypto” extradited from Norway and arraigned before a U.S. judge.  Accused of developing and maintaining Malware-as-a-Service software, Citadel.

Mar. 10.  Three arrested in Kenya by Cybercrime unit for hacking several banks in country.  Banks fear customers will begin panic withdrawals due to lack of confidence in bank security.

Mar. 9.  Gang of bank hackers arrested in Nairobi.  2 Americans among those arrested.

Mar. 7.  Man from Ft. Myers arrested by FBI for holding San Diego software company ransom.  Man allegedly took company’s website offline and refused to bring it back up until a bribe was paid.

February

Feb. 24.  British hacker, BestBuy, arrested for taking down sites such as Twitter and Reddit.  Suspect arrested as he was about to board plane in London.

Feb. 24.  Florida man pleads guilty to computer hacking charges.  At the time of arrest, accused claimed he was investigating financial links between various charities and jihadist groups.

Feb. 23.  British hacker of Deutsche Telekom routers arrested.  Approximately 900,000 routers taken off line.  Mirai malware suspected.

Feb. 17.  Ukrainian hacker who fraudulently sent heroin to home of Brian Krebs sentenced to 41 months in prison.  Accused called cops after heroin arrived at house.

Feb. 16.  Ukrainian hacker receives 41 months in prison for stealing usernames and passwords.  Sentencing was done in federal court in New Jersey.

Feb. 16.  Louisiana man sentenced to 34 months in prison for hacking into former employer’s computer system.  Must also pay back $1 million in damages.

Feb. 10.  Turkish hacker convicted for hacking ATMs around the globe.  Wanted millions in cash, but instead received 8 years in U.S. prison.

Feb. 10.  Alexander Tverdokhlebov arrested in Los Angeles for hacking various bank accounts.  Caught by law enforcement after they began to monitor online chats.  Apparently, Tverdokhlebov was very chatty.

Feb. 9.  American youth from Pittsburgh confesses to computer hacking attempt against Brussels Airport night after airport bombing of March 22, 2016.  Authorities say the hacking attempt was unsuccessful.

Feb. 8. Nine Russians arrested from several different regions across Russia in connection with hacking group Lurk.  Members alleged to have stolen approximately $17 million from bank accounts.

Feb. 4.  British man and woman arrested in London for hacking CCTV cameras in Washington D.C. one day before President Trump’s inauguration.  Couple may have had a problem with making America great again.

Feb. 4.  Mumbai police raid residence in Vasant Kunj.  Accused charged with defrauding city-based event manager through fraudulent online transactions.

Feb. 3.  U.S. Capitol Police investigating activities of several IT contractors who worked for various U.S. Congressmen.  IT access already pulled for 5 individuals.

Feb. 2.  Three Russian cyber security experts charged with treason.  Kremlin will not reveal the basis for said charges.

Feb. 1.  Infamous hacker, Phineas Fisher, may be among 3 arrested by Spanish police for allegedly hacking the Catalan police union.

January

Jan. 31.  Arrested former St. Louis Cardinals executive throws curveball into the MLB hacking investigation by claiming that the Houston Astros had previously hacked into the Cardinals’ computer system.

Jan. 27.  Five international cyber criminals arrested for hacking various ATMs around the globe.  Group began the hack by sending spear phishing emails to unsuspecting bank employees.

Jan. 25.  Four hackers arrested at 5-star hotel in India for electronically stealing vouchers from sites such as Amazon, Domino’s Pizza, and Flipkart.

Jan. 25.  Three European hackers arrested and sentenced to 5 years in Taiwanese prison for hacking ATM network of First Commercial Bank.

Jan. 24.  Celebgate hacker receives 9 months in prison for hacking the iCloud and Gmail accounts of various celebrities, to include Jennifer Lawrence and Kaley Cuoco.

Jan. 21.  Russian hacker arrested in Spain.  Suspected of stealing information on millions of credit and debit cards.

Jan. 19.  Customers at various Popeye’s Chicken restaurants in Houston have credit card information stolen.

Jan. 14.  21-year-old hacker Zachary Shames shows off his James Madison University education by selling keylogger tool to over 3,000 people.  Then gets arrested.

Jan. 10.  Brother and sister duo arrested in Italy for hacking email accounts of various political leaders and financial power brokers.  Motive undetermined.

Jan. 10.  Bitcoin exchange operator sentenced for JP Morgan Chase hack.  Receives 12-and-a-half years.

Jan. 9.  Securities and Exchange Commission granted preliminary injunction and asset freeze against 4 Chinese hackers accused of illegally reaping $4 million from insider knowledge gained after hacking computer systems of New York law firms.  Computer systems contained information pertaining to pending corporate deals.

Jan. 6.  Justin Liverman pleads guilty to hacking AOL account of former CIA Director John Brennan.  Legal team of the accused wonders why Brennan isn’t held accountable for allowing himself to be hacked.

Jan. 3.  Miami college student finds time during her studies to cyberstalk a California woman.  Will have to postpone her studies until she completes 22-month prison sentence.

Jan. 3.  Person who hacked into actress Kareena Kapoor’s tax information arrested by Mumbai Cyber Cell.  Accused wanted Kapoor’s number.  Instead receives book thrown at him.



Q4 2016

Local law enforcement agencies invest into new cybercrime units and labs

Brad Casey

Menlo Park, Calif. – Jan. 3, 2017

Cyber crooks were caught and convicted for hacks on airports, banks, governments, hospitals, and universities during the last quarter of 2016. The perpetrators included a former Marine, a slew of teenagers, solo hackers and hacktivists, and organized cybercrime groups in the U.S. and internationally.

Millions of dollars were invested into new cybercrime units in Atlanta, Ga. and New York City — which are aiding in investigating and prosecuting cybercriminals.

“We expect to see more cyber combat units opening and expanding across the U.S.,” says Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures. “Street criminals have shifted to the web, and the local police are catching up,” adds Morgan.

December

Dec. 29. Former Shelton, Conn. high school student was arrested and charged with computer crimes in the third degree after launching DDoS attacks through a cell phone.

Dec. 27. Nine teenaged hackers associated with Anonymous hacktivism arrested in Thailand.

Dec. 27. Cyber security meets securities fraud as 3 Chinese hackers charged by Manhattan U.S. Attorney’s Office.

Dec. 26. Thai hackers seek revenge for new cybercrime law by hacking government systems.  Thai officials seek revenge by arresting them.

Dec. 21. Saudi hacking group hacks Netflix and Marvel Entertainment Twitter accounts.

Dec. 20. A new Atlanta cybercrime unit will be aiding in prosecuting cybercriminals who hack into private networks and steal proprietary data, according to the U.S. Attorney’s Office Northern District of Georgia.

Dec. 19. The U.S. Department of Justice reports 3 Romanian nationals allegedly infected more than 60,000 computers, sent out over 11 million fraudulent emails and stole at least $4 million.

Dec. 18. Nigerian hacker arrested for hacking Los Angeles County email system.  Personally identifying information of approximately 750,000 possibly exposed.

Dec. 15. One arrested for hacking applications for Hong Kong toymaker, VTech.  Personally identifying information of approximately 200,000 children possibly exposed.

Dec. 14. Culprit in largest theft of customer bank data arrested at John F. Kennedy Airport as he returns from overseas.

Dec. 13. Thirty-four suspects arrested in 13 countries in massive DDoS-for-hire-scam.  Many suspects were teenagers.

Dec. 13. 17-year-old sentenced to 12 months rehabilitation after hacking British telecom as a 16-year-old.  Hack done with an iPhone.

Dec. 13. Bulgarian man who used GozNym malware as part of a bank fraud scheme brought before U.S. Federal Court in Pittsburgh.

Dec. 12. 5 arrested by FBI and Europol in takedown of Avalanche phishing network.  Millions of computers infected prior to takedown thanks to double fast flux method.

Dec. 8. 17-year-old evil genius sentenced to four years in Massachusetts state custody for leading a group of villainous hackers.

Dec. 7. Bahamian hacker who stole unreleased celebrity sex tapes sentenced to 5 years in federal prison by judge in U.S. Southern District of New York.

Dec. 5. Aaron Glende, a.k.a. IcyEagle, of Winona, Minn. was sentenced to 4+ years for selling stolen login credentials on the dark web – including usernames and passwords to bank accounts.

Dec. 4. Alleged hackers of Office of Personnel Management arrested by Chinese government.  Whether hack was directed by Chinese government still unclear.

Dec. 1. U.S. and European officials put five key suspects in custody as part of a cybercrime takedown involving a group accused of causing hundreds of millions of dollars in losses worldwide.

November

Nov. 28. 19-year-old autistic Australian arrested for hack of air traffic control system at Tullamarine Airport.  One plane forced to abort scheduled landing during the hack.

Nov. 26. Rangers arrest 4 individuals associated with hacking group that commits millions of dollars worth of financial fraud.

Nov. 25. Fifth arrest made in conjunction with TalkTalk hack when police arrest 18-year-old in Wales.

Nov. 25. Hacktivist, Deric Lostutter pleads guilty to illegally accessing a computer without authorization when he attempted to bring attention to sexual assault case involving 2 of Steubenville High School’s athletes.

Nov. 18. 3 hackers arrested for mobile upgrade scam against customers of mobile operator Three.  Database containing personally identifying information of 8.8 million customers possibly exposed.

Nov. 17. A $10 million 17,000 square foot cybercrime lab has opened in the Manhattan (NYC) District Attorney’s office. The lab is involved with investigating cybercrime and identity theft.

Nov. 14. 31-year-old man with Asperger’s syndrome extradited to U.S. for stealing data from FBI, NASA, and Federal Reserve.

Nov. 10. Former Marine arrested for conducting a man-in-the-middle attack against Google Maps and the FBI.  Recorded private phone conversations in the process.

Nov. 4. Jonathan Powell, 29, was arrested by the FBI for trying to hack approximately 2,000 email accounts at two universities in the New York City area.

Nov. 4. 14 arrested, mostly in London, for conducting massive cyber bank fraud scam.  11 million Euros laundered.

Nov. 2. Arizona man arrested for hacking email accounts at 1 university in New York and another in Pennsylvania.  Also tried to hack 75 other universities.

Nov. 2. Commanding Officer of NYPD’s 10th Precinct reports a significant uptick in grand larcenies over the last 28-day period, comprised largely of cyber crime.

Nov. 2. Former teen Canadian hacker serving 4-year prison sentence for hacking U.S. federal agencies.

October

Oct. 31. Ryan Collins sentenced to 18 months in jail after hacking 50 iCloud accounts of celebrities.  Some celebrities included Jennifer Lawrence and Kirsten Dunst.

Oct. 31. Arizona man arrested for DDoS-ing 9-1-1 emergency system by utilizing JavaScript exploit.

Oct. 28. Dwayne Cartouche Hans Jr, of Richland, Washington arrested after stealing $134,000 from a bank.  Utilized home IP address and personal e-mail account in scam.

Oct. 26. 29-year-old Russian hacker arrested in Prague after hacking LinkedIn and Dropbox.

Oct. 24. Martin Gottesfeld charged with DDoS-ing Boston Children’s Hospital and Wayside Youth Family Support.  Claims he did it to fight the wrongful treatment of children.

Oct. 19. Russia demands that suspected LinkedIn hacker be returned home to Russia.

Oct. 17. Justice Department charges Ardit Ferizi with stealing personal information of military troops and passing the information along to ISIS.  Believed to be the leader of Kosova Hacker’s Security.

Oct. 14. You could be arrested for bringing a Samsung phone onto an airplane. You can’t even place your phone in checked luggage.

Oct. 13. Chinese hackers arrested at the request of U.S. government for hacking U.S. businesses.

Oct. 11. Perpetrator in world’s largest bank hack arrested in Russia.  Extradition process a little hazy.

Oct. 11. Hacker of Hillary Clinton’s illicit email server transferred from U.S. to Bucharest where he will serve a separate sentence for hacking in Hungary.

Oct. 10. 2 Dutch members of hacking group Lizard Squad charged with hacking in Chicago District Court.  Suspected of hacking PlayStation and Xbox Live networks during Christmas 2014.

Oct. 7. After being fired from the IT department of Lucchese Bootmaker, ex-employee hacks into company server and essentially shuts down network.  Arrested by FBI.

Oct. 5. Indonesian man arrested in Jakarta after displaying porn on digital public billboard.  Accused claims it was an accident.
