Reported by: Zack Whittaker, Carly Page
Arrested, seized, doxed and detained. These are just some of the ways police and prosecutors around the world took down the biggest cybercrime operations of the year, even if it meant resorting to new and unconventional eyebrow-raising methods. From stashing billions of bitcoin under the floorboards to teenage hackers gatecrashing Fortune 500 networks, this year saw some of the most jaw-dropping breaches — and the highest-profile apprehensions.
As we close out 2022, we look back at the cybercriminals we lost this year … to the law.
Sanctions and seizures hit the crypto scene
U.S. officials scored some major wins against crypto-laundering in 2022. At the beginning of the year, the Justice Department said it had seized more than $3.6 billion worth of bitcoins allegedly stolen in the 2016 hack of crypto exchange Bitfinex and that it had arrested a married couple suspected of laundering the money.
U.S. doxes alleged Conti ransomware member
In August, the U.S government shared an image of a suspected Conti ransomware operator known as “Target,” the first time it has outed a major ransomware actor. The program also offered up to $10 million for information leading to the identification and location of Target, along with four other alleged Conti members known as “Tramp,” “Dandis,” “Professor” and “Reshaev.”
James Zhong, the hacker who stole billions of Silk Road’s bitcoin
In a surprising yet anticlimactic conclusion to one of the government’s longest-running cyber cases, the mystery of the notorious dark web drugs marketplace Silk Road’s missing billions was solved. In November, U.S. federal agents said it found $3.36 billion worth of bitcoin that had been stashed in a popcorn can under the bathroom closet floorboards in the home of the hacker nearly a decade earlier. Prosecutors brought charges against the hacker, a Georgia resident named James Zhong, whose plea agreement with the feds saw him forfeit the huge cache of cryptocurrency, along with $600,000 in cash and other precious metals.
Raccoon Stealer operator charged over mass password theft
U.S. officials in October charged a Ukrainian national over his alleged role in the Raccoon Infostealer malware-as-a-service operation that infected millions of computers worldwide. Mark Sokolovsky, who goes by the online handle “raccoonstealer,” is accused of having a major role as a key administrator of the malware, which prosecutors say was used to steal more than 50 million unique credentials and forms of identification from victims around the world since February 2019.
Seller of WhatsApp-hacking tech pleads guilty
Signal jammers, Wi-Fi interception tools and WhatsApp hacking tools. These are some of the things that one Mexican businessman admitted in federal court to selling for both commercial and personal reasons. The Justice Department accused Carlos Guerrero of, among other things, arranging the sale of hacking tools to Mexican politicians.
Lapsus$ rounded up once, twice
The Lapsus$ gang rose to notoriety in 2022. The data extortion group, which first emerged a year earlier, quickly claimed a number of high-profile victims, including Okta, Microsoft, Nvidia and Samsung.
While the gang once seemed invincible, a number of its members were arrested in March this year. In a statement given to TechCrunch at the time, City of London Police confirmed that seven people between the ages of 16 and 21 had been arrested in connection with Lapsus$.
SSNDOB, a marketplace for stolen Social Security numbers, is no more
U.S. officials in June announced the takedown of SSNDOB, a notorious marketplace used for trading the personal information — including Social Security numbers, or SSNs — of millions of Americans.
Ex-Amazon engineer convicted of Capital One data heist
Also in June, Paige Thompson, a former engineer in Amazon’s cloud division, was convicted of a breach that compromised the personal and financial information of 100 million CapitalOne customers in 2019. The breach was one of the biggest bank heists in U.S. history, which included the theft of credit scores, limits and balances, and also affected a million Canadians. Thompson was accused of using her knowledge as an Amazon software engineer to breach CapitalOne’s online cloud storage, hosted on Amazon’s servers, and compromising the cloud storage of several other companies.
A major REvil operator was extradited to the United States
With a $10 million bounty on their heads after a brazen ransomware attack on Kaseya that spread to hundreds of its downstream customers, it was only a matter of time before the REvil ransomware group’s luck would run out. That’s what happened with Yaroslav Vasinskyi, a 22-year-old Ukrainian national, who was arrested in Poland in October and later arraigned and extradited to Dallas, Texas to face accusations of computer hacking and fraud by way of his alleged involvement with REvil.
U.K. arrest teenagers linked to Uber and GTA hacks
In September, police in London confirmed that a 17-year-old teenager suspected of involvement in high-profile breaches at ride-hailing giant Uber and Rockstar Games had been charged with multiple counts of computer misuse and breaches of bail.
Financial Crime News Briefs 