Home » World News »
Hacker who blackmailed porn users is jailed for more than six years
Hacker, 24, who worked with a Russian crime group to blackmail porn users out of £500k he spent on luxury hotels and a Rolex is jailed for more than six years over multi-million pound global conspiracy
- Zain Qaiser put adverts with malware on porn sites so he could hack computers
- Message would follow urging user to pay £767 to avoid criminal proceedings
- He worked with an Russian crime group, in UK’s most serious cyber crime case
- Spent £500,000 earnings on luxury hotel stays, gambling and a Rolex watch
- Qaiser initially denied crimes but entered guilty pleas to 11-count indictment
Zain Qaiser, 24, pictured at the Old Bailey in 2017, has been jailed for more than six years
A 24-year-old cyber criminal known as the ‘K!NG of the internet’ who made £500,000 by threatening porn website users with bogus criminal charges was today jailed for more than six years.
Zain Qaiser, of Barking, Essex, launched a scam to plant adverts infected with malware on porn sites which allowed him to hack into his victim’s computers and demand a payment of up to $1,000 (£767) to unfreeze the screens.
The computer science student, who worked with an international Russian crime group, installed browser locking software to freeze the user’s screen.
This was followed by a message telling them criminal proceedings would be initiated if they refused to pay a fee.
Qaiser raked in cash from users terrified they had broken the law – and when he was being treated for mental health problems in hospital, he even used the wi-fi there to get more money pouring in.
He received more than £500,000 in the scheme, which he spent on luxury hotel stays, gambling and a Rolex watch.
The National Crime Agency said it was the most serious cyber crime case it has investigated, Kingston Crown Court heard.
Judge Timothy Lamb QC said: ‘The harm caused by your offending was extensive, so extensive that there does not appear to be a reported case involving anything comparable.
The student installed browser locking software to freeze the user’s screen, followed by a message telling them criminal proceedings would be initiated if they refused to pay a fee
‘Whatever your motivation for mounting these attacks on the internet, you took the opportunity to spend large sums of ill-gotten money in casinos, on an expensive watch and luxury hotel services.
‘All the constituent offences were part and parcel of your role as the self-styled ‘K!NG’ of the internet. It has been asserted on your behalf you are remorseful. I have seen no outward expression of that.’
Qaiser, wearing a blue jumper and with his hair cut short, remained expressionless as he was sentenced to a total of six years and five months in prison. He committed most of his crimes between the age of 18 and 19,
He had also targeted advertising companies operating on porn sites to blackmail them into letting him place malware infected adverts to snare his victims.
Qaiser, pictured in a photograph released by prosecutors today, raked in cash from users terrified they had broken the law
The hacker then blew a fortune on luxury goods and spent £68,000 gambling in one casino.
He originally denied the charges, but his trial but his trial was adjourned twice due to him being sectioned under the Mental Health Act.
But while he was on bail, he set up three bank accounts which received approximately £134,000 in proceeds of crime.
On one occasion, he used the wi-fi of Goodmayes Hospital in North London, where he was being treated for his mental condition.
Previously, prosecutor Joel Smith told the court: ‘Mr Qaiser was involved in online criminality which falls into four categories.
‘The first is that the defendant was involved in infecting advertisements on pornographic software known as ‘ransomware’.
‘The defendant would contact online advertiser brokers who would sell advertising space on websites.’
Mr Smith told the court the brokers would sell advertising space, and were paid an agreed fee volume of ‘traffic’, namely number of people who clicked on the ads.
‘In this case, the defendant was advertising space on pornographic websites and selling further pornography.
How Zain ‘K!NG’ Qaiser use malware in attacks
Zain Qaiser using the online name K!NG, bought masses of advertising on porn sites using fake identities.
But when users clicked the corrupted links, their computers were exposed to highly sophisticated ‘Angler’ software.
Infected computers showed a message impersonating law enforcement in the user’s country saying an offence had been committed and demanding payment of up to $1,000 (£767), the court heard.
The crime group collected massive multimillion-pound profits from victims in more than 20 countries, although the total number of people who paid the fee is unknown.
Some advertisers were ‘happy to turn a blind eye’ to Qaiser’s actions – but those who tried to stop him ‘became the subject of the defendant’s anger’, the prosecutor told the court.
Qaiser then blackmailed them and tried to flood their servers with DDoS (distributed denial of service) attacks, putting the sites out of action and costing several businesses hundreds of thousands of pounds, he added.
He even threatened to spam their sites with child pornography, the court heard.
‘However, when a user clicked on these advertisements they were taken to a ‘landing page’, or website, infected by a malicious piece of software known as an exploit kit,’ he added.
‘This software scanned the user’s computer looking for vulnerability and, if found, infected the computer with a further piece of software known as ransomware.’
Once the computer had been infected with that ransomware the browser, or sometimes the who computer, would lock.
A message would appear onscreen saying that the user had committed an illegal act, and to pay the ransom to avoid police action.
Millions of computers around the world are believed to have been targeted.
‘Whether for reasons of fear and embarrassment, because they were looking at pornography, or for simple expedience, many persons infected by the malware paid the ransom.
‘The monies were most often paid by way of online currency, which could be loaded onto pre-paid credit cards,’ he added.
Some online advertisers became aware that the advertisements were infected with malware and tried to cut ties with Qaisir or refuse or to refund him for the adverts.
‘Companies that sought to stop the defendant from making money through malware became the subject of the defendant’s anger,’ he added.
‘He responded with blackmail and online attacks. The blackmail took the form of contacting the brokers online and threatening to attack the servers used by the companies and even place child pornography on their sites.
‘This would have an obvious impact on their reputation within the industry and indeed their business.’
Adopting the alias ‘The King’, he sent messages saying he would ‘f*** up’ the advertisers’ sites if they didn’t approve his ads.
The hacker would often follow through on his threats, subjecting the company computers, and on one occasion a director’s home computer, to a Distributed Denial of Service, or DDoS attack.
This involves a large number of computers attempting to access a website at once, overloading it and crashing it.
The court heard that to carry out this complicated scam, Qaisir used a number of fake identities, on two occasions stealing the contact details of two real women.
He used the money to fund an extravagant lifestyle and bought a £4,900 Rolex watch and gambling over £68,000 at Aspers casino.
His previous convictions include common assault, assaulting a police officer and a public order offence.
Qaiser, who initially denied the crimes and claimed he had been hacked himself, entered guilty pleas to an 11-count indictment.
He has admitted three counts of blackmail; three counts of fraud by false representation; four counts of doing an unauthorised act with intent to impair the operation of a computer; and one count of possessing criminal property.
The ransomware offences were committed between 2012 and 2014, while the money laundering offence was committed between 2015 and 2018.
Qaiser was charged in February 2017, but a trial set for February 2018 was abandoned when he was sectioned under the Mental Health Act.
In December, he was arrested over laundering around £120,000 while on bail and charged and remanded in custody.
Prosecutors suspect Qaiser has money stored in offshore accounts but have been unable to directly trace them so far, Mr Smith said.
Source: Read Full Article