This spring, a London court sentenced 24-year-old British citizen Zain Qaiser aka K! NG to six years in prison. The fact is that a few years ago, an attacker managed to “earn” about 915,000 dollars on an interesting fraudulent scheme. According to investigators, he spent these funds on expensive hotels, gambling, drugs, prostitutes and luxury goods (although Kayser was officially unemployed and lived with his parents).
Since 2012, Kayser has been buying ad slots on adult sites, where he posted his ads with malicious code that redirected victims to malicious sites. On such user resources, a set of Angler exploits awaited, detecting and exploiting vulnerabilities in browsers. If Angler coped with its task, a malware, namely the Reveton ransomware, penetrated the victim systems. This ransomware blocked the user's computer and displayed various messages demanding a ransom (from 300 to 1,000 dollars), while for the sake of greater conviction, the victims were scared that what was happening was supposedly the work of law enforcement agencies (for example, the FBI) and for distributing child pornography.
According to the British National Crime Agency, Kaiser was not only distributing the Reveton ransomware, but was also involved in DDoS attacks and blackmail. In particular, he threatened at least two advertising agencies specializing in “adult” content. If they turned out to rent ad slots, Kaiser launched DDoS attacks, threatened to “put” the company's servers, and then fill them with complaints about child porn. Due to DDoS attacks, the attacker lost about $ 655,000.
Interestingly, according to law enforcement agencies, Kayser was tightly connected with the Russian-speaking criminal group Lurk, which was developing the now-idle, and then very popular and effective set of exploits Angler and the equally famous banking Trojan Lurk.
Kayser is now behind bars and has admitted to blackmail, fraud, money laundering and misuse of a computer. But last week a hearing took place on a property confiscation hearing, and the UK National Crime Agency decided to seek Kayser paid 270,864 pounds (355,000 US dollars), since the proceeds and assets acquired from them were obtained through criminal activity. In particular, the hacker was ordered to sell Rolex watches, worth £ 5,000, which are currently at the disposal of law enforcement.
If Kayser fails to pay the full amount within three months, the prison term for him will be extended by two years, and he will still be required to pay the above amount.
“He helped the criminal group to earn millions of pounds in ransom, by blackmailing countless victims, from which he himself made huge profits. Orders on confiscation of property are a key tool that allows us to seek the sale of illegally obtained assets, depriving convicted criminals of the opportunity to provide themselves with a luxurious lifestyle after release, ”representatives of the National Crime Control Agency say.