A 24-year-old hacker who used malware-disseminating ads on porn sites to lock millions of computers and extort cryptocurrency ransoms received a six-year prison sentence this week in London, The Register reports.
According to The Birmingham Mail, the accused, Zain Qaiser, “worked for an international Russian crime group.”
The National Crime Agency (NCA) also claimed during the trial that Qaiser used an Angler Exploit Kit, “…created, managed and marketed by one of Qaiser’s Russian-speaking associates,” to deploy Reveton malware.
If an unsuspecting visitor to a porn site clicked on one of Qaiser’s “masses” of malicious ads, malware would be activated to lock that user’s browser.
Thereafter, says the NCA, the malware would, “…display a message purporting to be from a law enforcement or a government agency, which claimed an offence had been committed.”
Qaiser would only unlock affected computers if a ransom of $300-$1,000 in cryptocurrency was paid.
It is believed the accused collected at least £700,000 in ransoms, though The Birmingham Mail reports that, “Prosecutors suspect Qaiser has money stored in offshore accounts but have been unable to directly trace them so far.”
Prosecutors reportedly alleged that Qaiser, an “unemployed student,” spent the proceeds of his crimes on, “luxury hotel stays, gambling and a Rolex watch.”
The young man plead guilty to 11-counts of blackmail, fraud, money laundering and computer misuse relating his exploits not long after his arrest.
According to The Register, the now-convicted hacker:
“…was caught after ad networks realised what they were being used for and tried to stop Qaiser, who responded by DDoSing them.”
The same outlet says that Qaiser directly threatened an ad company director, stating:
“I’ll first kill your server, then send child porn spam abuses.”
Qaiser was set to go to trial in February 2017 but proceedings were delayed for a year after he was, “…sectioned under the Mental Health Act…(and) detained at Goodmaynes Hospital in north London.”
While in hospital, Qaiser allegedly used hospital Wi-Fi, “…to access online advertising websites he had used for his offending.”
The Register reports that, while sentencing the accused, Judge Timothy Lamb QC told Qaiser:
“The harm caused by your offending was extensive – so extensive that there does not appear to be a reported case involving anything comparable.”