Once again we take a look back at the last year in cybercrime and those we lost… to the law. This year was no different to last: we’ve seen another round of high-profile arrests, punishments and prison sentences for some of the most prolific cybercriminals in recent years.
Here’s our look at those who were caught or arrested, including: why a Russian accused of ransomware burned his passport, which notorious malware gang reared its ugly head again, and why one country’s hackers targeted an unsuspecting phone maker.
For a time, Joseph James O’Connor was one of the most sought-after hackers on the Internet, not only by federal authorities investigating the breach, but also by the curious public who watched his hacking unfold in real time.
O’Connor was a member of the hacking group that broke into Twitter and abused access to an internal administration tool, which they used to hijack high-profile Twitter accounts, including Apple, Joe Biden and Elon Musk (who then bought the site), to spread a crypto scam. Twitter took drastic steps to rid its network of the hackers by temporarily blocking posts from all of the site’s more than 200 million users.
A New York judge sentenced the 24-year-old hacker to five years in prison, including two years in pretrial detention.
Federal prosecutors this year charged a former Amazon employee with hacking a cryptocurrency exchange and stealing millions of customers’ cryptocurrencies. The case initially appeared to be that of an ethical hacker gone rogue, as he apparently offered to return the funds in exchange for a bug bounty. But ultimately Shakeeb Ahmed was caught in part by googling his own crimes, searches that prosecutors said were linked to “his own criminal responsibility.”
Ahmed pleaded guilty earlier in December, according to the Ministry of Justice, and faces up to five years in prison and repayment of $5 million to the victims.
Why would a Russian accused by US prosecutors of ransomware attacks burn his passport? According to accused hacker Mikhail Matveev, this is because the US government’s accusations would follow him wherever he went and most countries would extradite him for the crimes he is accused of, crimes he has not denied per se, but rather outwardly embraced. In an interview with TechCrunch, Matveev said the last time he visited Thailand was in 2014, but not since.
Federal prosecutors say Matveev is a “central figure” in the development and deployment of Hive, LockBit and Babuk ransomware variants, which resulted in millions of dollars in ransoms. Matveev is believed to live in the Russian enclave of Kaliningrad, where he remains tantalizingly close but out of reach of authorities.
Hackers in the Hermit Kingdom have been busier than ever this year, racking up hacks on popular crypto wallets and major crypto projects with the aim of bringing in as much money as possible for the regime from anywhere it can get it to finance its sanctioned nuclear weapons program.
Some of the North Korea-related cyberattacks may not have made much sense at first glance, but breaking into software companies gave hackers access to the targets they were looking for. Business telephony provider 3CX said that North Korean hackers broke into its systems and planted malware in a corrupted software update that was rolled out to customers as part of a long-running effort to target 3CX’s crypto customers. Software company JumpCloud said it was also hacked by North Korean hackers likely in an attempt to collect data on a handful of its crypto-related clients.
The FBI warned earlier this year that North Korean hackers were about to cash in some of their recent crypto heists.
It took the feds about a decade, but their persistence paid off when they finally identified the mastermind behind Try2Check, a credit card checking operation that allowed criminals who buy credit card numbers in bulk to identify which cards are still active. This scheme netted Russian national Denis Gennadievich Kulkov more than $18 million in illicit proceeds, and a place on the US Secret Service’s most wanted list with a $10 million bounty for information leading to Kulkov’s conviction. That may not happen tomorrow, given that Kulkov is still in Russia and out of the hands of American prosecutors.
A prolific hacker and seller of stolen data, the administrator of the cybercrime forum BreachForums known as Pompompurin, was arrested by the FBI at his home in a leafy town in upstate New York. BreachForums, which had more than 340,000 active members, had for some time been involved in the sale of data on millions of people, to the point where the Department of Justice tried to “disrupt” the site to take it offline. The operation saw the arrest of Conor Brian Fitzpatrick, 20, following a large surveillance operation. Ultimately, it was not just the accusations of hacking and wire fraud that brought down the famous hacking forum administrator, but also the possession of child abuse images. Fitzpatrick subsequently pleaded guilty and will be sentenced at a later date.
Qakbot was one of the oldest and most high-profile hacking groups of the last decade, and was once the malware of choice for delivering ransomware to businesses, organizations and governments around the world, generating tens of millions of dollars in ransoms. At its peak, the FBI said, Qakbot had compromised more than 700,000 devices as of June 2023, including at least 200,000 hacked devices located in the United States. In a bold effort to take the malware offline permanently, the FBI launched Operation Duck Hunt (don’t say that too quickly), which prompted Qakbot-infected computers to download an uninstaller created by the FBI, thereby removing the malware from the infected device. The operation was hailed as a success. But recent Qakbot infections suggest that the removal was little more than a short setback.
This is likely the last cybersecurity conviction of the year: a hacker accused of involvement in the prolific Lapsus$ hacking group will be held until doctors determine he is no longer a threat to the public. Arion Kurtaj, a teenager from Oxford, was sentenced to indefinite hospitalization in December, reports the BBC. Kurtaj is one of several hackers who attacked Rockstar Games, Uber, Nvidia and telecommunications giant EE, and used social engineering and threats to gain access to corporate networks. The judge said the teenager’s skills and desire to continue committing cybercrimes meant he remained a high risk to the public.