Featured Article

Meet the cybercriminals of 2023

Indicted, but not forgotten

Comment

dark prison room with window bars and light
Image Credits: StarLine Arts / Getty Images

Once again we look back at the past year in cybercrime and those who we lost… to the law. This year was no different to last: We saw another round of high-profile busts, arrests, sanctions and prison time for some of the most prolific cybercriminals in recent years.

This is our look back at who got nabbed or otherwise busted, featuring: why a Russian accused of ransomware burned his passport, which notorious malware gang reared its ugly head again and why one country’s hackers targeted an unsuspecting phone maker.

Hacker responsible for 2020 Twitter breach sentenced to prison

For a time, Joseph James O’Connor was one of the internet’s most wanted hackers, not just by the feds investigating the breach, but for the curious public who watched his hack play out in real time.

O’Connor was a member of the hacking group that broke into Twitter to abuse access to an internal admin tool they used to hijack high-profile Twitter accounts, including Apple, Joe Biden and Elon Musk (who went on to buy the site) to spread a crypto scam. Twitter took drastic measures to rid the hackers from its network by temporarily blocking all of the site’s 200-million-plus users from posting.

A New York judge sentenced the 24-year-old hacker to five years in prison, two of which O’Connor already served in pre-trial custody.

A background of blue verified Twitter checks with an overlaid tweet from a hacked Joe Biden account spreading a cryptocurrency scam
A screenshot of a tweet from Joe Biden’s briefly hacked Twitter account displaying a crypto scam. Image Credits: TechCrunch

Ex-Amazon engineer pleads guilty to crypto exchange hacks

Federal prosecutors this year accused a former Amazon employee of hacking into a cryptocurrency exchange and stealing millions’ worth of customers’ crypto. The case appeared at first as an ethical hacker turning rogue by apparently offering to return the funds in return for a bug bounty. But ultimately Shakeeb Ahmed was caught out in part by Googling his own crimes that prosecutors say related to “his own criminal liability.”

In the end, Ahmed pleaded guilty earlier in December, according to the Justice Department, and faces up to five years in prison — and paying back $5 million to victims.

Feds accuse Mikhail Matveev of being ‘central figure’ in ransomware gang

Why did a Russian man accused by U.S. prosecutors of ransomware attacks burn his passport? According to the accused hacker, Mikhail Matveev, it’s because U.S. government charges would follow him anywhere he went and most countries would extradite him for the crimes he’s accused of — crimes he hasn’t denied, per se, but rather outwardly embraced. In an interview with TechCrunch, Matveev said the last time he traveled was to Thailand in 2014, but not since.

Federal prosecutors say Matveev is a “central figure” in developing and deploying the Hive, LockBit and Babuk ransomware variants, which have resulted in millions of dollars’ worth of ransom payments. Matveev is believed to live in the Russian enclave of Kaliningrad, where he remains tantalizingly close yet just out of reach of the authorities.

The FBI's wanted poster for Mikhail Matveev.
The FBI’s wanted poster for Mikhail Matveev. Image Credits: FBI

North Korean hackers had a busy year stealing crypto for nukes

Hackers for the hermit kingdom were busier than ever this year, racking up hacks on popular crypto wallets and major crypto projects with the aim of making as much money for the regime from anywhere it can get it to fund its sanctioned nuclear weapons program.

Some of the cyberattacks linked to North Korea might not have made much sense on the face of it, but breaking into software companies gave the hackers access to the targets they were after. Enterprise phone provider 3CX said that North Korean hackers broke into its systems and planted malware in a tainted software update that rolled out to customers in a long-game effort to target 3CX’s crypto customers. Software company JumpCloud said it too was hacked by North Korean hackers, likely in an effort to gather data on a handful of its crypto-related customers.

The FBI warned earlier this year that North Korean hackers were readying to cash out some of their recent crypto heists.

Meet the card checker blamed for massive credit card fraud scheme

It took the feds about a decade but their persistence paid off when they finally identified the mastermind behind Try2Check, a credit card checking operation that allowed criminals who buy credit card numbers in bulk to identify which cards are still active. The scheme earned the Russian national, Denis Gennadievich Kulkov, more than $18 million in illicit proceeds — and a place on the U.S. Secret Service’s most wanted list with a $10 million bounty for information leading to Kulkov’s conviction. That might not be any time soon, given Kulkov remains in Russia and squarely out of the hands of U.S. prosecutors.

How the feds caught a notorious credit card fraudster

Cybercrime forum boss busted for hacking, fraud — and child abuse

A prolific hacker and seller of stolen data, the administrator of the cybercrime forum BreachForums known as Pompompurin, was busted on home turf by the FBI in a leafy town in upstate New York. BreachForums for a time was involved in the sale of millions of people’s data with more than 340,000 active members, to the point where the Justice Department sought to “disrupt” the site to knock it offline. The operation saw the arrest of Conor Brian Fitzpatrick, 20, following an extensive surveillance operation. In the end it wasn’t just charges of computer hacking and wire fraud that brought down the notorious hacking forum administrator, but also possession of child abuse imagery. Fitzpatrick subsequently pleaded guilty and will be sentenced at a later date.

FBI took a bite out of Qakbot, a mere setback for the prolific malware gang

Qakbot was one of the longest-running and high-profile hacking groups of the past decade, and once the malware-of-choice for delivering ransomware to companies, organizations and governments around the world, generating tens of millions of dollars in ransom payments. At its peak, the FBI said Qakbot had compromised more than 700,000 devices as of June 2023, with at least 200,000 hacked devices located in the United States. In a daring effort to knock the malware offline for good, the FBI launched Operation Duck Hunt (don’t say that too quickly), which tricked Qakbot-infected computers into downloading an FBI-made uninstaller, ridding the malware from the infected device. The operation was hailed as a success. But recent Qakbot infections suggest that the takedown was little more than a short setback.

Teen hacker detained indefinitely due to ongoing risk to the public

In what is likely the last cyber-related conviction of the year: A hacker accused of involvement with the prolific Lapsus$ hacking group will be detained until doctors determine he no longer poses a threat to the public. Arion Kurtaj, a teenager from Oxford, was sentenced to an indefinite hospital order in December, reports the BBC. Kurtaj is one of several hackers who raided Rockstar Games, Uber, Nvidia and telecom giant EE who used social engineering and threats to score access to corporate networks. The judge said the teenager’s skills and desire to continue committing cybercrime meant he remains a high risk to the public.

Read more on TechCrunch:

The convicts of Silicon Valley, 2023 edition

More TechCrunch

What a wild week for transportation news! It was a smorgasbord of news that seemed to touch every sector and theme in transportation.

Tesla keeps cutting jobs and the feds probe Waymo

Sony Music Group has sent letters to more than 700 tech companies and music streaming services to warn them not to use its music to train AI without explicit permission.…

Sony Music warns tech companies over ‘unauthorized’ use of its content to train AI

Winston Chi, Butter’s founder and CEO, told TechCrunch that “most parties, including our investors and us, are making money” from the exit.

GrubMarket buys Butter to give its food distribution tech an AI boost

The investor lawsuit is related to Bolt securing a $30 million personal loan to Ryan Breslow, which was later defaulted on.

Bolt founder Ryan Beslow wants to settle an investor lawsuit by returning $37 million worth of shares

Meta, the parent company of Facebook, launched an enterprise version of the prominent social network in 2015. It always seemed like a stretch for a company built on a consumer…

With the end of Workspace, it’s fair to wonder if Meta was ever serious about the enterprise

X, formerly Twitter, turned TweetDeck into X Pro and pushed it behind a paywall. But there is a new column-based social media tool in the town, and it’s from Instagram…

Meta Threads is testing pinned columns on the web, similar to the old TweetDeck

As part of 2024’s Accessibility Awareness Day, Google is showing off some updates to Android that should be useful to folks with mobility or vision impairments. Project Gameface allows gamers…

Google expands hands-free and eyes-free interfaces on Android

A hacker listed the data allegedly breached from Samco on a known cybercrime forum.

Hacker claims theft of India’s Samco account data

A top European privacy watchdog is investigating following the recent breaches of Dell customers’ personal information, TechCrunch has learned.  Ireland’s Data Protection Commission (DPC) deputy commissioner Graham Doyle confirmed to…

Ireland privacy watchdog confirms Dell data breach investigation

Ampere and Qualcomm aren’t the most obvious of partners. Both, after all, offer Arm-based chips for running data center servers (though Qualcomm’s largest market remains mobile). But as the two…

Ampere teams up with Qualcomm to launch an Arm-based AI server

At Google’s I/O developer conference, the company made its case to developers – and to some extent, consumers –  why its bets on AI are ahead of rivals. At the…

Google I/O was an AI evolution, not a revolution

TechCrunch Disrupt has always been the ultimate convergence point for all things startup and tech. In the bustling world of innovation, it serves as the “big top” tent, where entrepreneurs,…

Meet the Magnificent Six: A tour of the stages at Disrupt 2024

There’s apparently a lot of demand for an on-demand handyperson. Khosla Ventures and Pear VC have just tripled down on their investment in Honey Homes, which offers up a dedicated…

Khosla Ventures, Pear VC triple down on Honey Homes, a smart way to hire a handyman

TikTok is testing the ability for users to upload 60-minute videos, the company confirmed to TechCrunch on Thursday. The feature is available to a limited group of users in select…

TikTok tests 60-minute video uploads as it continues to take on YouTube

Flock Safety is a multibillion-dollar startup that’s got eyes everywhere. As of Wednesday, with the company’s new Solar Condor cameras, those eyes are solar-powered and using wireless 5G networks to…

Flock Safety’s solar-powered cameras could make surveillance more widespread

Since he was very young, Bar Mor knew that he would inevitably do something with real estate. His family was involved in all types of real estate projects, from ground-up…

Agora raises $34M Series B to keep building the Carta for real estate

Poshmark, the social commerce site that lets people buy and sell new and used items to each other, launched a paid marketing tool on Thursday, giving sellers the ability to…

Poshmark’s ‘Promoted Closet’ tool lets sellers boost all their listings at once

Google is launching a Gemini add-on for educational institutes through Google Workspace.

Google adds Gemini to its Education suite

More money for the generative AI boom: Y Combinator-backed developer infrastructure startup Recall.ai announced Thursday it has raised a $10 million Series A funding round, bringing its total raised to over…

YC-backed Recall.ai gets $10M Series A to help companies use virtual meeting data

Engineers Adam Keating and Jeremy Andrews were tired of using spreadsheets and screenshots to collab with teammates — so they launched a startup, CoLab, to build a better way. The…

CoLab’s collaborative tools for engineers line up $21M in new funding

Reddit announced on Wednesday that it is reintroducing its awards system after shutting down the program last year. The company said that most of the mechanisms related to awards will…

Reddit reintroduces its awards system

Sigma Computing, a startup building a range of data analytics and business intelligence tools, has raised $200 million in a fresh VC round.

Sigma is building a suite of collaborative data analytics tools

European Union enforcers of the bloc’s online governance regime, the Digital Services Act (DSA), said Thursday they’re closely monitoring disinformation campaigns on the Elon Musk-owned social network X (formerly Twitter)…

EU ‘closely’ monitoring X in wake of Fico shooting as DSA disinfo probe rumbles on

Wind is the largest source of renewable energy in the U.S., according to the U.S. Energy Information Administration, but wind farms come with an environmental cost as wind turbines can…

Spoor uses AI to save birds from wind turbines

The key to taking on legacy players in the financial technology industry may be to go where they have not gone before. That’s what Chicago-based Aeropay is doing. The provider…

Cannabis industry and gaming payments startup Aeropay is now offering an alternative to Mastercard and Visa

Facebook and Instagram are under formal investigation in the European Union over child protection concerns, the Commission announced Thursday. The proceedings follow a raft of requests for information to parent…

EU opens child safety probes of Facebook and Instagram, citing addictive design concerns

Bedrock Materials is developing a new type of sodium-ion battery, which promises to be dramatically cheaper than lithium-ion.

Forget EVs: Why Bedrock Materials is targeting gas-powered cars for its first sodium-ion batteries

Private equity giant Thoma Bravo has announced that its security information and event management (SIEM) company LogRhythm will be merging with Exabeam, a rival cybersecurity company backed by the likes…

Thoma Bravo’s LogRhythm merges with Exabeam in more cybersecurity consolidation

Consumer protection groups around the European Union have filed coordinated complaints against Temu, accusing the Chinese-owned, ultra low-cost e-commerce platform of a raft of breaches related to the bloc’s Digital…

Temu accused of breaching EU’s DSA in bundle of consumer complaints

Here are quick hits of the biggest news from the keynote as they are announced.

Google I/O 2024: Here’s everything Google just announced