British hacker Zain Qaiser sentenced for blackmailing millions
9 April 2019
A 24-year-old British hacker named Zain Qaiser has been sentenced to six-and-a-half-years in prison for targeting millions of computer users in more than twenty countries with ransomware attacks that locked users out of their devices.
The arrest and subsequent sentencing of Zain Qaiser, who hails from Barking in Essex, is a major victory for cyber-crime prosecution efforts in the UK considering that Qaiser was able to blackmail computer users into paying more than £700,000 between 2012 and 2018 to regain control of their devices.
Nigel Leary, a senior investigating officer at the National Crime Agency (NCA), said that the international cyber crime group that Qaiser belonged to “was one of the most sophisticated, serious and organised cyber crime groups the National Crime Agency has ever investigated”. The NCA believes that based on Qaiser’s lifestyle, he earned a lot more than £700,000 in the years he was active.
Qaiser user ad space in porn sites to inject malware into computers
Qaiser created an online account named K!NG and used fraudulent identities and bogus companies to purchase large amounts of advertising traffic from pornographic websites. Once advertising space was obtained on a pornographic website, Qaiser and his cyber-crime associates hosted and posted advertisements laced with malware.
“When users clicked on the ads they were redirected to another website, hosting highly-sophisticated malware strains including the infamous Angler Exploit Kit (AEK) – believed to have been created, managed and marketed by one of Qaiser’s Russian-speaking associates. Users with any vulnerabilities would subsequently be infected with a malicious payload.
“One of those malicious payloads was a piece of software called Reveton – a type of malware that would lock a user’s browser. Once locked, the infected device would display a message purporting to be from a law enforcement or a government agency, which claimed an offence had been committed and the victim had to pay a fine of anything between $300-$1,000 in order to unlock their device. The campaign infected millions of computers worldwide across multiple jurisdictions,” the NCA noted.
Once targeted users paid ransom in virtual currency to regain control over their devices, Qaiser would reroute the money back to himself through a complex web of pre-loaded credit cards, fraudulent identities, and cryptocurrency to make such transactions difficult to detect.
Even when online advertising agencies caught wind of Qaiser’s criminal activity, he blackmailed them by threatening to destroy their servers and also carried out two DDoS attacks which cost these agencies at least £500,000 through lost revenue and mitigation costs.
Major victory against cross-border cybercrime
According to the NCA, Qaiser used the money obtained through his criminal activities to live a life of luxury. Not only did he spend a lot of money on stays in high-end hotels, prostitutes, gambling, drugs and luxury items, but also spent £68,000 on gambling in a London casino during a 10-month period.
“This was an extremely long-running, complex cyber-crime investigation in which we worked with partners in the US, Canada, Europe and the Crown Prosecution Service. The FBI and the US Secret Service have both arrested people in relation to this global malware campaign,” said senior investigating officer Leary.
“The investigation demonstrates that cyber-criminals cannot operate from behind a veil of anonymity, and that the NCA has the tenacity and specialist skills to catch them and bring them to justice. The international law enforcement community will continue to work together to counter the threat of borderless cyber-crime,” he added.
Image Source: National Crime Agency