A 24-year-old cyber criminal, who blackmailed computer users worldwide has been jailed for six years for his role with what U.K. investigators described as one of most sophisticated cyber crime groups they have ever investigated.
An investigation by the National Crime Agency (NCA), the UK’s agency to stop serious organized crime, found that Zain Qaiser, was member of an international, Russian-speaking crime group that made huge profits from victims in more than 20 countries. Qaiser, a computer science student from London, received at least $900,00 from the group for his role.
The crime agency worked with its partners in the US, Canada and Europe in this “extremely long-running, complex cyber-crime investigation.” The F.B.I. and the U.S. Secret Service also arrested people in relation to the campaign. Nigel Leary, NCA Senior Investigating Officer, said: “This was one of the most sophisticated, serious and organized cyber crime groups the National Crime Agency has ever investigated.”
Under the guise of fake identities and made-up companies, Qaiser managed to buy huge amounts of advertising traffic from pornographic websites. Users who clicked on his ads became targets for the malware. They were redirected to another website, containing highly-sophisticated malware strains including the infamous Angler Exploit Kit (AEK) – thought to have been created by one of Qaiser’s Russian-speaking associates.
One type of malware used, called ‘reveton’ would lock a user’s browser. Once locked, the infected device would display a message pretending to be from law enforcement or a government agency, which claimed an offense had been committed and the victim had to pay a fine of between $300-$1,000 to unlock their device. The message hit millions of computers worldwide.
Qaiser also blackmailed users through virtual and crypto-currency money laundering. Some online ad agencies that sold Qaiser the advertising traffic realized what he was doing and tried to stop him. But Qaiser then blackmailed them, telling one company director: “I’ll first kill your server, then send child porn spam abuses.” The companies lost at least £500,000 in revenue losses and mitigation costs.
The student’s work is believed to have started in September 2012 when he was 17 years-old and lasted until he was put in custody in December 2018. The NCA found that he spent the money on gambling, luxury hotels and a Rolex watch.
Leary said this investigation shows that cyber-criminals can’t “operate from behind a veil of anonymity.” The NCA has the “tenacity and specialist skills to catch them and bring them to justice.”