Friday, 15 Nov 2024

FBI arrest alleged US accomplice of northern beaches Netflix bootlegger

The US Federal Bureau of Investigation has arrested the alleged American accomplice of a Sydney man over a scheme that provided tens of thousands of people with cheap access to Netflix and other streaming services using vast troves of stolen login details.

Samuel Joyner, 30, from Beaverton in Oregon, has been indicted for his alleged role in the conspiracy alongside Evan McMahon, 23, of Dee Why on Sydney’s northern beaches. McMahon pleaded guilty and was sentenced in April to serve two years and two months on an intensive corrections order.

A sophisticated bootlegging scheme gave people cheap access to streaming services using stolen login details. Credit:AP

Mr Joyner, also going by online aliases such as “FamousCracker”, has been charged with conspiracy to commit computer and access device fraud, trafficking and the use of unauthorised access devices, and possession of 15 or more unauthorised access devices.

He is accused of running an online platform called “AccountBot” with McMahon between February 2018 and March 2019. The pirate subscription service offered access to Netflix, Spotify Premium, Hulu, HBO Max and other streaming platforms for very small fees, including $US10.97 for “lifetime access”. Customers were able to pay using cryptocurrency.

Customers of the account generator platform were able to access the legitimate streaming services using login credentials sourced from troves leaked in large data breaches. A process of “credential stuffing” was used to conduct large, automated tests of the login details to check if they were current.

The US Department of Justice said that Mr Joyner and McMahon were equal partners but performed different roles in the scheme. They allege McMahon was responsible for coding and Mr Joyner allegedly acquired the stolen login details and handled customer service.

Evan McMahon, 23, pleaded guilty to two offences over his online bootlegging scheme. Credit:Linkedin

Skype communications between the pair allegedly show they agreed on a 50-50 split of the profits. They also allegedly agreed to maintain control of the stolen login credentials by banning users from sharing the details with others.

By March 2019, AccountBot had more than 52,000 registered customers and more than 217,000 sets of login credentials.

Mr Joyner was arrested by FBI agents on Wednesday, local time, and pleaded not guilty in the US District Court of Oregon.

“Cyber crime shows how small of a world we live in these days. The subjects and the victims can live next door or half a world away,” Kieran Ramsey, Special Agent in Charge of the FBI in Oregon, said.

“In this instance, FBI agents in Omaha, Nebraska, launched an investigation that would stretch all the way to Australia and back to Oregon.”

McMahon, a self-described “computer nerd”, made about $680,000 from the pirate subscription services, winnings that went on to generate an unexpectedly large windfall for authorities.

Cryptocurrency held by McMahon was worth $460,000 when it was transferred to Australian Federal Police control in June 2020 but, thanks to a boom in the digital assets, grew to more than $1.3 million.

McMahon, a graduate of Mosman High School, worked as a web developer at Finder.com.au until his arrest in March 2019.

He received a discounted sentence following his conviction and the sentencing judge encouraged McMahon to use to his technical skills for the good of society rather than criminal behaviour.

The Australian Federal Police’s cybercrime operations commander Chris Goldsmid said the scheme relied upon hacked credentials of millions of people worldwide and urged people to protect their online data.

“The harvesting and selling of personal details online was not a ‘victimless crime’ – these were the personal details of everyday people being used for someone’s greed,” Commander Goldsmid said.

Mr Joyner faces up to 10 years in US prison for his alleged offences.

People can protect their accounts from breaches by using long and difficult to guess passwords and employing different passwords across accounts. Password manager software can help. People can check if their data has been compromised using websites such as Have I Been Pwned?

Get our Morning & Evening Edition newsletters

The most important news, analysis and insights delivered to your inbox at the start and end of each day. Sign up to The Sydney Morning Herald’s newsletter here, The Age’s newsletter here, Brisbane Times‘ here and WAtoday‘s here.

Most Viewed in National

From our partners

Source: Read Full Article

Related Posts