Football Leaks Hacker Charged in Portugal for Leaking 70 Million Documents
Read also: Vulnerability in Revolut’s payment system leads to $20M theft, former contractor accused of sabotaging a water treatment facility, and more
Thursday, July 13, 2023
Football Leaks hacker charged in Portugal with 377 offenses
Portuguese prosecutors have finally charged Rui Pinto, a man behind the infamous Football Leaks website, which exposed corruption and some of the dirtiest practices in the global soccer industry.
Between 2015-2018, Pinto leaked about 70 million documents and 3.4 TB of data to news media, leading to the opening of legal proceedings in France, Spain, Belgium and Switzerland. Pinto allegedly obtained the information by hacking into the computers of host clubs, agents, lawyers, and investment funds.
The Football Leaks mastermind was arrested in Hungary in 2019 and extradited to Portugal. Pinto was charged with 377 offenses mostly related to the unauthorized accessing of confidential data, aggravated violation of correspondence and computer damage.
Request your free demo now and talk to our experts.
Two Lapsus$ hackers stand trial for the Nvidia, Rockstar, and Uber breaches
The UK authorities have formally charged two teens, who prosecutors claim were key players in the infamous Lapsus$ extortion group, for their involvement in the compromise and blackmailing of some of the biggest players in the technology sector, including Nvidia, Rockstar Games, and Uber Technologies.
18- year-old Arion Kurtaj and an unnamed 17-year-old teen were charged with hacking and blackmailing US chipmaker Nvidia and British telecommunications company BT Group (British Telecom).
Kurtaj was also separately accused of breaches at ride-hailing company Uber, Rockstar Games’ Grand Theft Auto video game, and fintech firm Revolut. Both teens were arrested in March 2022.
OpenSea spoofer charged with $450,000 NFT theft
Federal prosecutors in the US unsealed charges against a Moroccan man accused of creating a website spoofing the popular OpenSea marketplace to steal cryptocurrency and NFTs (non-fungible tokens).
Soufiane Oulahyane, 25, allegedly used paid ads to boost his fake site on search engine results. This page was designed to look like a login page of the legitimate OpenSea website to trick people into handing over their credentials. The spoofer, who is currently in custody in Morocco, has been charged in the US with wire fraud, the use of an unauthorized access device, and aggravated identity theft. He could be facing up to 45 years in prison if found guilty.
In related news, the US Department of Justice has charged a security engineer with the theft of about $9 million in cryptocurrency from the Solana blockchain. The authorities allege that the defendant, Shakeeb Ahmed, used his expertise to defraud the exchange and then laundered the stolen funds through a series of complex transfers.
A vulnerability in Revolut’s payment systems leads to a $20M theft
An unknown threat actor has exploited an undisclosed flaw in fintech firm Revolut’s payment processing service and stole roughly $23 million from the company.
As per Financial Times, the issue was related to discrepancies between Revolut’s European and US payment systems, which led to Revolut mistakenly refunding the accounts with its funds when transactions were declined.
The criminals behind this massive fraud scheme have been taking advantage of the bug from late 2021 to early 2022 when the problem was discovered and addressed. Revolut had managed to recover only a fraction of the stolen funds, resulting in a net loss of about $20 million.
A former contractor accused of sabotaging a water treatment facility
A former contractor was charged with hacking a water treatment facility in California, the US.
The authorities allege that Rambler Gallo, 53, breached the systems of a water treatment plant in an attempt to delete an operational and monitoring system and shut down servers running critical software. As this system was responsible for monitoring water pressure, filtration, and chemical levels, the intrusion caused a threat to public health and safety, officials said.
If convicted, Gallo faces up to 10 years in prison and a fine of $250,000.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
