Former RaidForums Member Databox Sentenced to 3 Years in Prison
Read also: a cybercriminal charged in connection with LockBit ransomware operation, US offers up to $10 million for info on MOVEit hackers, and more.
Thursday, June 22, 2023
Former RaidForums member Databox sentenced to 3 years in prison
An Amsterdam court has sentenced the former member of the now-defunct RaidForums hacker forum Erkan Sezgin to 36 months in prison, of which 12 months are suspended with a probationary period of 3 years.
Sezgin, who operated on the forum under the alias “Databox,” put up for sale the personal data of almost 9 million Austrian citizens obtained in the 2020 Gebühren Info Service (GIS) tax filing service breach.
The hacker also attempted to sell similar datasets containing personal info of citizens of Italy, Colombia and the Netherlands. Sezgin was also found guilty of launching phishing campaigns and laundering hundreds of thousands of euros in cryptocurrency. Databox was arrested in November 2022 in the Netherlands.
Request your free demo now and talk to our experts.
Polish police shut down a DDoS-for-Hire service active since 2013
Polish law enforcement authorities arrested two individuals suspected of running an unnamed DDoS-for-Hire service that was in operation for nearly ten years. The arrests were part of a long-running international police effort called “Operation Power Off” aimed at disrupting on-demand DDoS attack services.
According to police, the service had more than 35,000 registered accounts and was used to launch more than 320,000 attacks. The service is estimated to have generated more than $400,000 for its operators.
The authorities also seized data from the perpetrators’ servers located in Switzerland and conducted searches at the suspects’ homes. Electronic equipment and a private key for a cryptocurrency wallet containing 1 bitcoin and 1 bitcoin cash (a little over $30,000 in total) were confiscated.
Cybercriminal gang that conned US citizens out of $20M busted in India
In a coordinated effort Delhi Police, the US Federal Bureau of Investigation and Interpol took down a cybercriminal group behind a scam call center that defrauded US citizens out of $20 million.
The scammers duped victims by posing as employees of the US Internal Revenue Service/Social Security Administration, Drug Enforcement Administration (DEA) and other US agencies. The fraudsters would profile their targets based on their social media accounts, mostly choosing wealthy, lonely, and not tech-savvy individuals.
The police arrested six suspects in connection with the case - four in India, one in Uganda and one in Canada - including an alleged leader of the syndicate.
Cybercriminal charged in connection with LockBit ransomware operation
20- year-old Russian national Ruslan Astamirov, of the Chechen Republic, has been accused in the United States of his alleged involvement with the LockBit ransomware gang and conducting attacks against victims in the US, Asia, Europe, and Africa.
Astamirov participated in the LockBit affiliate program from August 2020 to March 2023 and carried out at least five ransomware attacks against victims in the US and elsewhere. Prosecutors allege that he also controlled IP and email addresses, as well as other online accounts used by LockBit to deploy ransomware and contact their victims.
Astamirov is charged with conspiring to commit wire fraud, to intentionally damage protected computers and to transmit ransom demands. If convicted, he faces a maximum penalty of 25 years in prison.
US offers up to $10 million for info on MOVEit hackers
The US State Department announced a reward of up to 10 million for information that would allow linking members of the Clop ransomware group or any other malicious actor targeting US critical infrastructure to a foreign government.
First spotted in 2019 the Clop ransomware operates under a Ransomware-as-service business model and is known for a series of ransomware attacks on multiple high-profile organizations. It is estimated that Clop syndicate has extorted more than $500 million from various organizations.
More recently, Clop claimed responsibility for the massive MOVEit global hack that impacted dozens of organizations worldwide, including US government agencies, oil and gas giant Shell, UK’s media regulator Ofcom, and the British integrated communications provider Adare SEC.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
