Euro Security Watch with Mathew J. Schwartz

Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management

Suspected NASA Hacker Busted After Boasting About Exploits

Suspect Allegedly Led Team of Self-Styled 'Master Italian Hackers'
Suspected NASA Hacker Busted After Boasting About Exploits
Source: Polizia di Stato

Memo to hackers: Boasting about your exploits on social media channels is a good way to get caught.

See Also: The Cybersecurity Swiss Army Knife for Info Guardians: ISO/IEC 27001

Police in Italy say such bragging helped them bust a 25-year-old suspect who allegedly participated in a series of online attacks that targeted more than 60 government agency websites in Italy, including sites run by the Penitentiary Police, RAI - Radio Audizioni Italiane, the national public broadcasting company - as well as the local government of Tuscany.

He's also been tied network intrusions against eight National Aeronautics and Space Administration domains in the U.S., as well as a 2013 defacement of the NASA website's home page.

Police say they identiied the suspect, a 25-year-old man from Salò, Italy, that they have not publicly named, thanks to information that he shared with others online. They also say that after having been presented with evidence of his attacks, the suspect confessed.

"The hacker has been betrayed by having boasted about his hacking exploits on various social networks," according to Polizia di Stato, one of Italy's national police forces.

Police says the suspect not only boasted about his attacks, but also claimed to be a member of a hacking group calling itself the "Master Italian Hackers Team," which police have tied to dozens of attacks.

The suspect was identified after a year-long investigation by the Polizia Postale - Italy's postal police - via its CNAIPIC group, which since 2008 has served as the national anti-crime computer center for the protection of critical infrastructure. It regularly investigates cybercrime.

After identifying the suspect, police say they executed a search that resulted in the seizure of computing devices, which have tied the suspect to attacks against at least 60 Italian websites. In addition, rather than just being a member of the "Master Italian Hackers," the suspect appears to have been one of its leaders, authorities say.

Evidence of Boasting

The Italian suspect is the latest in a long list of admitted hackers whose "too much information sharing" habits got them in trouble (see DDoS Attacker Receives 15-Year Sentence).

To pick just one example: Last year, Russian-born Alexander Konstantinovich Tverdokhlebov, who emigrated to the U.S. in 2007, later becoming a naturalized citizen, pleaded guilty in U.S. federal court to having been "an active member of several highly exclusive Russian-speaking cybercrime forums."

It's not clear how investigators first began studying Tverdokhlebov's activities. But the evidence they produced against him was substantial, and often self-reported.

Tverdokhlebov boasted on multiple cybercrime forums between 2009 and 2013 that he had built botnets, controlling up to 500,000 malware-infected PCs at a time, which he used to harvest online bank account credentials, among other sensitive data, according to court documents. He also claimed to have possessed or trafficked 40,000 credit card numbers. The defendant said via forums that he would sell "dumps" of stolen payment card data information in batches of 1,000 cards, guaranteeing that 90 percent of them would be valid, court documents show.

After pleading guilty, Tverdokhlebov was sentenced to serve 110 months in prison (see Russian-Born Botnet Herder Hit With 9-Year Sentence).

Ill-Considered Snaps

Of course, written boasts are not the only "TMI" habit that's helped to out hackers.

Roman Valeryevich Seleznev. (Photo: FBI)

Some now-incarcerated hackers, such as Roman Valeryevich Seleznev, have either taken selfies or posed for photographs that became evidence used against them in court (see Russian Credit Card Fraudster Hit With Two More Sentences).

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.