Tag Archive for: sentence

Ransomware sentence indicative of cross-border cooperation in enforcement of white-collar crimes

/in


A United States court recently sentenced a Canadian citizen to 20 years in prison for his participation in the NetWalker ransomware attacks. The case displays the coordination of law enforcement units across borders in response to the threat of attacks that similarly transcend borders.

Background

Following a request from the U.S. Federal Bureau of Investigation for assistance identifying a Canadian suspect in their investigation into NetWalker, the RCMP arrested Sebastien Vachon-Desjardins, a former Government of Canada employee, in January 2021. After his arrest, the RCMP searched his home and seized 719 bitcoin (worth approximately $35 million at the time of the seizure) and $790,000 cash. He was charged in Canada with mischief in relation to computer data, unauthorized use of a computer, extortion and participating in a criminal organization. In January 2022, he pleaded guilty to three of the four charges, and was sentenced by an Ontario court to seven years in prison. In addition, he was ordered to forfeit the bitcoin, most of his seized computing devices and all of the cash seized by the RCMP, as well as to pay more than $2.6 million in restitution to the businesses affected by the attacks.

Following his Canadian sentencing, Vachon-Desjardins was extradited to the United States, where he was charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, intentional damage to a protected computer and transmitting a demand in relation to damaging a protected computer. Vachon-Desjardins pleaded guilty to all four charges. On October 4, 2022, a U.S. District Judge in Florida sentenced him to 20 years in prison, and ordered him to forfeit US$21.5 million. Restitution will be ordered by the U.S. court at a later date.

Ransomware attacks

As discussed in a previous post, ransomware is a form of malicious software designed to block access to data or a computer system. Ransomware often encrypts data or programs on information technology systems in an effort to extort ransom payments from victims in exchange for decrypting the information and restoring system access. These types of attacks have increased in frequency, severity and sophistication in recent years —…

Source…

Nintendo says thank you after hacker Gary Bowser is given 40-month sentence

/in


What just happened? The long-running saga of unfortunately-named Nintendo hacker Gary Bowser has come to an end with a 40-month prison sentence. The Team Xecuter member, who isn’t related to Nintendo of America president Doug Bowser or the Mario antagonist, was charged with two piracy-related federal felonies, for which Nintendo has publicly thanked authorities.

Bowser had been a member of the Team Xecuter hacking group—the DOJ called him a “prominent leader”—that had been creating and selling Nintendo hacking devices since at least 2013. The tools allowed buyers to circumvent security measures, enabling them to play illegal ROMs on consoles/handhelds such as the Switch, 3DS, and Nintendo Wii.

Bowser was arrested in 2020 along with fellow Team Xecuter member Max Louarn on 11 felony counts of piracy. In April last year, Nintendo of America launched a lawsuit against Bowser, asking for $2,500 for each trafficked device and $150,000 for each copyright violation. He initially denied the charges but changed his plea to guilty a few months later and was ordered to pay Nintendo $4.5 million.

A Team-Xecuter rCM Loader for the Nintendo Switch

Bowser was also facing a civil suit from Nintendo. Given that he had already pleaded guilty to the criminal case, he ended up settling with the company in December for $10 million. In court documents, Bowser said he was paid $1,000 a month to market and distribute the hacking devices to retailers.

The US government’s prosecution argued that Team Xecuter’s actions resulted in $65 million in losses for Nintendo and asked for five years imprisonment for Bowser. His defense said he was the “least culpable” of the three arrested members and asked for 19 months, which would have seen him spend 3 months in prison given his time served. The US District Court for the Western District of Washington sentenced him to 40 months.

The DOJ also charged the other Team Xecuter members, Louarn (of France) and Yuanning Chen (of China), but neither are in custody.

Nintendo gave the following statement in response to the sentence.

Nintendo appreciates the hard work and tireless efforts of federal prosecutors and law enforcement…

Source…

Bomb Threat Hacker Gets 8-Year Prison Sentence

/in


An American hacker has been sent to prison for carrying out a series of cyber and swatting attacks, including sending bogus threats of shootings and bombings to schools in the United Kingdom and the United States.

North Carolina resident Timothy Dalton Vaughn also called in a false report of an airplane hijacking involving a jetliner traveling from London to San Francisco.

The 22-year-old, known online by the handles “WantedbyFeds” and “Hacker_R_US,” was arrested in February 2019 by special agents with the FBI. 

Authorities found that Vaughn had in his possession 200 sexually explicit images and videos depicting children, including at least one toddler.

Vaughn was a member of a worldwide collective of computer hackers and swatters who call themselves the “Apophis Squad.” 

The squad caused disruptions by making threatening phone calls, sending false reports of violent school attacks via email, and launching distributed denial-of-service (DDoS) attacks on websites.

“Vaughn and others sent emails to at least 86 school districts threatening armed students and explosives,” said the Department of Justice. 

“The threatened attacks included the imminent detonation of a bomb made with ammonium nitrate and fuel oil, rocket-propelled grenade heads placed under school buses, and the placement of land mines on sports fields.”

Squad members sometimes reported threats using “spoofed” email addresses to make it appear as though the reports had been sent by innocent parties, including the mayor of London.

Among the squad’s victims was a Long Beach motorsport company whose website hoonigan.com was knocked offline for three days by a DDoS attack. The business received an email demanding a ransom of 1.5 Bitcoin (worth approximately $20,000) to cease the attack.

The Apophis Squad also hacked and defaced the website of a university in Colombia so that site visitors were greeted with the image of Adolf Hitler clutching a sign that read “YOU ARE HACKED.”

In November 2019, Vaughn pleaded guilty to one count of conspiracy to convey threats to injure, convey false information concerning use of explosive device, and intentionally damage a computer; one count of computer…

Source…

Hacker closing out prison sentence in Chicago halfway house

/in


Hacker Jeremy Hammond, who is serving a 10-year prison sentence for breaking into computer systems of security firms and law-enforcement agencies, will serve out the remainder of his term in a Chicago halfway house

November 19, 2020, 3:42 AM

3 min read

CHICAGO — Computer hacker Jeremy Hammond, who is serving a 10-year prison sentence for breaking into computer systems of security firms and law-enforcement agencies, will serve out the remainder of his term in a Chicago halfway house, a U.S. Bureau of Prison spokesman said Wednesday.

Hammond, who has gained mythic status among his supporters, was released Tuesday from the Memphis Federal Correctional Institution in Tennessee to community confinement, said Bureau of Prisons spokesman Emery Nelson. Citing privacy and security reasons, Nelson refused to release information on the conditions of Hammond’s confinement. He is scheduled for release in March.

The FBI arrested Hammond, who prosecutors called a hacking “recidivist,” during a 2012 raid on his Chicago home after getting the cooperation of Hector Xavier Monsegur, a hacker who helped law enforcement infiltrate the hacking movement ”Anonymous,” which led to the conviction of eight hackers.

The raid came after Hammond penetrated the Texas-based security think tank Strategic Forecasting Inc., known as Stratfor. The company’s clients include the U.S. Department of Homeland Security and the Defense Department. He was also accused of hacking the FBI’s Virtual Academy, the Arizona Department of Public Safety, the Boston Police Patrolmen’s Association, and the Jefferson County, Alabama, Sheriff’s Office.

He’d been working with a subgroup of “Anonymous” to disrupt the networks of Sony Pictures, the Public Broadcasting Service, the Arizona Department of Public Safety and others when a member of the group enlisted him to help break into Stratfor’s systems.

The hackers posted emails between Stratfor employees and clients on the WikiLeaks website, along with credit card data from a client list that included Northrop Grumman, the Marine Corps and Time Warner Cable. They used some of the…

Source…