Thursday, June 13, 2024
HomeCyber SecurityMan Who Mass-Extorted Psychotherapy Sufferers Will get Six Years – Krebs on...

Man Who Mass-Extorted Psychotherapy Sufferers Will get Six Years – Krebs on Safety

A 26-year-old Finnish man was sentenced to greater than six years in jail at the moment after being convicted of hacking into an internet psychotherapy clinic, leaking tens of 1000’s of affected person remedy data, and trying to extort the clinic and sufferers.

On October 21, 2020, the Vastaamo Psychotherapy Heart in Finland turned the goal of blackmail when a tormentor recognized as “ransom_man” demanded fee of 40 bitcoins (~450,000 euros on the time) in return for a promise to not publish extremely delicate remedy session notes Vastaamo had uncovered on-line.

Ransom_man introduced on the darkish internet that he would begin publishing 100 affected person profiles each 24 hours. When Vastaamo declined to pay, ransom_man shifted to extorting particular person sufferers. In accordance with Finnish police, some 22,000 victims reported extortion makes an attempt focusing on them personally, focused emails that threatened to publish their remedy notes on-line except paid a 500 euro ransom.

Finnish prosecutors rapidly zeroed in on a suspect: Julius “Zeekill” Kivimäki, a infamous legal hacker convicted of committing tens of 1000’s of cybercrimes earlier than he turned an grownup. After being charged with the assault in October 2022, Kivimäki fled the nation. He was arrested 4 months later in France, hiding out beneath an assumed identify and passport.

Antti Kurittu is a former legal investigator who labored on an investigation involving Kivimäki’s use of the Zbot botnet, amongst different actions Kivimäki engaged in as a member of the hacker group Hack the Planet (HTP).

Kurittu stated the prosecution had demanded at the least seven years in jail, and that the sentence handed down was six years and three months. Kurittu stated prosecutors knocked just a few months off of Kivimäki’s sentence as a result of he agreed to pay compensation to his victims, and that Kivimäki will stay in jail throughout any attraction course of.

“I believe the sentencing was as anticipated, realizing the Finnish judicial system,” Kurittu instructed KrebsOnSecurity. “As Kivimäki has not been sentenced to a non-suspended jail sentence over the last 5 years, he will likely be handled as a first-timer, his earlier convictions however.”

However as a result of juvenile convictions in Finland don’t depend in the direction of figuring out whether or not any individual is a first-time offender, Kivimäki will find yourself serving roughly half of his sentence.

“This looks like a brief sentence when bearing in mind the gravity of his actions and the life-altering penalties to 1000’s of individuals, nevertheless it’s virtually the utmost the regulation permits for,” Kurittu stated.

Kivimäki initially gained notoriety as a self-professed member of the Lizard Squad, a primarily low-skilled hacker group that specialised in DDoS assaults. However American and Finnish investigators say Kivimäki’s involvement in cybercrime dates again to at the least 2008, when he was launched to a founding member of what would quickly turn out to be HTP.

Finnish police stated Kivimäki additionally used the nicknames “Ryan”, “RyanC” and “Ryan Cleary” (Ryan Cleary was really a member of a rival hacker group — LulzSec — who was sentenced to jail for hacking).

Kivimäki and different HTP members have been concerned in mass-compromising internet servers utilizing recognized vulnerabilities, and by 2012 Kivimäki’s alias Ryan Cleary was promoting entry to these servers within the type of a DDoS-for-hire service. Kivimäki was 15 years outdated on the time.

In 2013, investigators going by way of gadgets seized from Kivimäki discovered pc code that had been used to crack greater than 60,000 internet servers utilizing a beforehand unknown vulnerability in Adobe’s ColdFusion software program. KrebsOnSecurity detailed the work of HTP in September 2013, after the group compromised servers inside information brokers LexisNexis, Kroll, and Dun & Bradstreet.

The group used the identical ColdFusion flaws to interrupt into the Nationwide White Collar Crime Heart (NWC3), a non-profit that gives analysis and investigative help to the U.S. Federal Bureau of Investigation (FBI).

As KrebsOnSecurity reported on the time, this small ColdFusion botnet of knowledge dealer servers was being managed by the identical cybercriminals who’d assumed management over SSNDOB, which operated one of many underground’s most dependable companies for acquiring Social Safety Quantity, dates of beginning and credit score file data on U.S. residents.

Kivimäki was accountable for making an August 2014 bomb risk towards former Sony On-line Leisure President John Smedley that grounded an American Airways airplane. Kivimäki additionally was concerned in calling in a number of pretend bomb threats and “swatting” incidents — reporting pretend hostage conditions at an handle to immediate a closely armed police response to that location.

Ville Tapio, the previous CEO of Vastaamo, was fired and in addition prosecuted following the breach. Ransom_man bragged about Vastaamo’s sloppy safety, noting the corporate had used the laughably weak username and password “root/root” to guard delicate affected person data.

Investigators later discovered Vastaamo had initially been hacked in 2018 and once more in 2019. In April 2023, a Finnish court docket handed down a three-month sentence for Tapio, however that sentence was suspended as a result of he had no earlier legal document.



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments