Security News

A 22-year-old man has been sentenced to more than a year in prison for developing Mirai botnet variants that compromised hundreds of thousands of devices worldwide. The man, Kenneth Currin Schuchman, of Vancouver, Wash., was sentenced to 13 months in prison after pleading guilty to creating and operating the Satori/Okiru, Masuta and Tsunami/Fbot botnets.

A man who developed distributed denial of service botnets based on the source code of Mirai was sentenced to 13 months in federal prison. Initially based on the publicly available Mirai source code, the botnets received additional capabilities over time, which increased their complexity and efficiency, the DoJ says.

The United States Department of Justice yesterday sentenced a 22-year-old Washington-based hacker to 13 months in federal prison for his role in creating botnet malware, infecting a large number of systems with it, and then abusing those systems to carry out large scale distributed denial-of-service attacks against various online service and targets. According to court documents, Kenneth Currin Schuchman, a resident of Vancouver, and his criminal associates-Aaron Sterritt and Logan Shwydiuk-created multiple DDoS botnet malware since at least August 2017 and used them to enslave hundreds of thousands of home routers and other Internet-connected devices worldwide.

A former analyst for the U.S. Defense Intelligence Agency has been sentenced to more than two years in prison after sharing highly classified, national defense intelligence with two reporters. According to the Department of Justice on Thursday, Frese held a "Top Secret/Sensitive Compartmented Information" security clearance at the DIA. He leveraged these privileges to search for the classified data - stored in secure, classified government information systems - at least 30 times in 2018.

Rakhshan was sentenced to five years in federal prison and ordered to pay more than $520,000 in restitution. He admitted to conspiring to launch a DDoS attack in January 2015, targeting Leagle.com, a legal aggregation site that had published information about Rakhshan's prior criminal conviction in Canada, and which was hosted by a provider located in Dallas, Texas.

Literal locked-down market biz Securus Technologies has settled a class-action lawsuit over illegally recorded prison phone calls, promising to improve its systems while avoiding a massive damages bill stretching to tens of millions of dollars. Two former prisoners and a criminal defense attorney sued the Texan company after it was revealed the prison communications provider had recorded more than 14,000 legally protected conversations between inmates and their lawyers in California.

Literal locked-down market biz Securus Technologies has settled a class-action lawsuit over illegally recorded prison phone calls, promising to improve its systems while avoiding a massive damages bill stretching to tens of millions of dollars. Two former prisoners and a criminal defense attorney sued the Texan company after it was revealed the prison communications provider had recorded more than 14,000 legally protected conversations between inmates and their lawyers in California.

A California man has been sentenced to more than seven years in prison for hacking an Atlanta-based company and trying to extort money in exchange for the return of the company's intellectual property. Kight accessed computer networks and servers of multiple companies and organizations in Georgia without authorization, prosecutors said.

The leaky bucket belongs to JailCore, a cloud-based app meant to manage correctional facilities, including by helping to ensure better compliance with insurance standards by doing things like tracking inmates' medications and activities. JailCore closed down the data leak between 15 and 16 January: 10 or 11 days after vpnMentor notified it about the breach.

A Stoke-on-Trent hospital administrator has avoided prison after hacking his NHS trust and helping himself to almost 9,000 heart scan images. As part of the police caution he agreed not to access any IT system within the hospital, not to enter the hospital unless he was ill or visiting a patient, and not to contact hospital staff unless asked to by the HR department.