The BBC News has reported that a 24-year-old student has been jailed for six years and five months for a string of porn ransomware attacks.
Zain Qaisar, from Barking, London, made nearly a million dollars as a result of a scam which targeted embarrassed porn viewers. According to the UK’s National Crime Agency (NCA) the hacker made at least $914,000 threatening to expose people’s porn habits. However, the government agency believes his actual earnings may have gone into the millions.
The student is believed to be working as part of a Russian-backed organized crime group, which infiltrated porn sites as a company seeking to buy advertising space. These misleading ads would redirect unsuspecting viewers to sites that contained malicious software. Currently, it is estimated that there were victims from 20 different countries.
These malicious sites would lock on to the victim’s computer and display messages claiming to be government authorities. From here, they said that they had recorded webcam evidence of the user and demanded a ransom of between $300 and $1,000 to unlock the computer.
This technology relied on the Angler Exploit Kit, a powerful piece of malware designed and developed by Russian hackers. Qaiser is believed to have shared his profits with his Russian associate. From this point, Angler was set up to insert further malicious software, which suggests that the victim was responsible for the shutdown.
Qaiser was apprehended in July 2014 after an advertising agency he used reported him to the police. In retaliation, Qaiser conducted a DDoS against the agency and said: “We can make some serious money together. It’s my way or no way. The K!NG is back.” Today, the company is thought to have suffered over $650,000 in damages.
Since the incident, the NCA continued to monitor Qaiser’s activity, even after his arrest in mid-2014. After the student was referred to a mental health facility in late 2017, a British local newspaper reported that his hospital WiFi account was used to access the advertising agency he used whilst committing these crimes. According to the NCA, Qaiser continued to offend right up until December of last year.
After initially pleading innocent, Qaier had admitted to 11 separate incidents of cyber felony, including blackmail, fraud, money laundering, and misuse of a computer. When passing the sentence last week, Judge Timothy Lamb said:
“The harm caused by your offending was extensive – so extensive that there does not appear to be a reported case involving anything comparable. Whatever your motivation for mounting these attacks on the internet you took the opportunity to spend large sums of ill-gotten money in casinos, on an expensive watch and luxury hotel services.”
