Jail for man who launched DDoS attacks against Skype, Google, and Pokemon Go

A British man has been sentenced to two years in jail after admitting to a series of computer crime offences, which included over 100 attempts to knock the likes of Google, Skype and Nintendo’s popular video game Pokemon Go offline.

21-year-old Alex Bessell pleaded guilty to charges at Birmingham Crown Court that he had accessed computers without authorisation, disrupted computer operations, made and supplied malware, as well as been involved in money laundering.

Operating from his bedroom in Toxteth, Liverpool, Bessell not only had a zombie army of over 9000 hijacked computers under his control to launch distributed denial-of-service (DDoS) attacks. He also ran an underground online criminal business called Aiobuy, that earned more than US $700,000 by selling malware code to malicious hackers.

On Aiobuy, Bessell offered 9,077 products for sale, including remote access trojans, crypters (designed to hide malware from anti-virus software), botnet code. and other malicious tools. Law enforcement agencies uncovered evidence of more than 35,000 purchases through the site which had recorded over a million visitors.

DC Mark Bird of the West Midlands Regional Cybercrime Unit, which investigated the case, described Bessell’s conviction as important:

“This is one of the most significant cybercrime prosecutions we’ve seen: he was offering an online service for anyone wanting to carry out a web attack.”

“It meant anyone who had a grudge against an individual or company, or who simply wanted to conduct a cyber-attack, didn’t need the technical know-how themselves. They simply needed to pick a piece of malware, pay the fee, and Bessell would do the rest.”

When police raided Bessell’s home they discovered banking trojans on his computers, designed to steal login credentials. In addition, 750 stolen usernames and passwords were recovered from the computers’ hard drives.

Bessell, who is believed to have been involved in cybercrime since the age of 14, was said by prosecutors to have processed more than US $3 million through PayPal and anonymous cryptocurrencies, retaining a percentage for himself. And yet, until late 2017, he also held down a legitimate job as a driver for the takeaway delivery firm Deliveroo.

From the sound of things, it will be some time before Bessell enjoys the luxury of calling out for a takeaway. His unscrupulous actions helped others to commit thousands of hacking attacks against innocent internet users and businesses.

Bessell will have plenty of time to reflect on how he has screwed up his own life, and inflicted pain and hardship on others, as he tucks into his prison meals for the next couple of years.

This is a Security Bloggers Network syndicated blog post authored by Graham Cluley. Read the original post at: HOTforSecurity