Disgusting Hacker Gets 6 Years in Prison

Seytonic
6 May 2024 08:26

TLDR

In a significant cybercrime case, Julius Kivimäki, the hacker responsible for a severe attack on Vastaamo, Finland's largest psychotherapy company, has been sentenced to six years in prison. Kivimäki stole and leaked sensitive patient records, demanding a ransom and causing a national crisis with a surge in police reports and suicides. Despite his extensive criminal history, including cyber crimes and bomb threats, Finnish law treated him as a first-time offender, resulting in a lighter sentence. Additionally, four major US cell networks have been fined nearly $200 million for selling real-time customer location data to data brokers without consent. Lastly, white hat hackers have intervened in the PlugX botnet, once controlled by China's Ministry of State Security, which has been dormant and at risk of being reactivated by malicious actors. The researchers have taken control of the botnet's command server to prevent misuse and have handed the issue over to law enforcement.

Takeaways

  • 👨‍💻 Julius Kivimäki, a hacker, was sentenced to 6 years in prison for a cyber attack on Vastaamo, Finland's largest psychotherapy company, where he stole and attempted to ransom sensitive patient records.
  • 🗑️ When Vastaamo refused to pay the ransom, Kivimäki began leaking patient records and demanded payment in bitcoin from individuals, causing a significant societal impact including a spike in police reports and suicides.
  • 🔑 Kivimäki made a critical error by including his '/home' folder in the data leak, which contained his SSH keys and other sensitive information, leading to his identification.
  • 🧳 After being identified, Kivimäki fled and was pursued internationally, living a lavish lifestyle and taunting his victims on social media.
  • 🇫🇷 Kivimäki was eventually arrested in France and, despite his extensive criminal history, received a relatively light sentence due to Finnish law treating him as a first-time offender.
  • 📱 Four major US cell networks were fined nearly $200 million for selling access to real-time customer locations without proper consent.
  • 💸 The selling of location data was facilitated by companies like Securus Technologies and Location Smart, which exploited the lack of verification and consent from cell carriers.
  • 🔍 The FCC's investigation into the sale of location data began in 2018 and led to the recent fines, though the carriers plan to appeal.
  • 🤖 The PlugX botnet, once controlled by China's Ministry of State Security, has been left dormant after its command server went silent, leaving infected computers without direction.
  • 🏛️ Researchers at Sekoia bought the dormant command server IP for $7 and sinkholed it to prevent future malicious use.
  • 🌐 To their surprise, the researchers discovered that the botnet was much larger than expected, with nearly 2.5 million unique IPs attempting to connect to the server.
  • ⚖️ The researchers decided to hand over the botnet issue to law enforcement instead of attempting a self-deletion command, which could have caused unintended harm and legal issues.

Q & A

  • What crime did Julius Kivimäki commit in relation to the Vastaamo psychotherapy company?

    -Julius Kivimäki hacked into the server of Finland's largest psychotherapy company, Vastaamo, and stole tens of thousands of patient records, including highly sensitive therapy session notes.

  • What was Julius Kivimäki's ransom demand to Vastaamo, and what did he do when they refused to pay?

    -Julius demanded approximately 500 thousand dollars from Vastaamo. When they refused, he began leaking the therapy records of 100 people daily and later tried to extort money directly from the patients.

  • What significant mistake did Julius make that led to his identification and arrest?

    -While uploading the stolen data, Julius included a copy of his '/home' folder in the archive by mistake. This folder contained his SSH keys, details of his other projects, and various log files, which led to his identification.

  • How long was Julius sentenced to prison, and why is the sentence considered light?

    -Julius was sentenced to 6 years in prison. The sentence is considered light because Finnish law treated him as a first-time offender due to his previous crimes occurring over 5 years ago, and Finnish prisons are known for being comfortable.

  • What major privacy breach involved four major US cell carriers, and what was the outcome?

    -Four major US cell carriers were fined almost $200 million for selling access to the real-time locations of their customers without consent. The fines were the outcome of a long FCC investigation into the practice.

  • What security issues did the 'Location Smart' service expose?

    -Location Smart had a demo page that allowed anyone to track the real-time location of any phone number. Although consent via SMS was required, the API was insecure and lacked proper authentication, posing a major privacy risk.

  • Describe the PlugX botnet and its original purpose.

    -The PlugX botnet, created by China's Ministry of State Security in 2008, allowed Chinese hackers to perform activities like screen capturing and keylogging. It was extensively used in various cyber campaigns for 15 years.

  • What did researchers at Sekoia do when they discovered the abandoned PlugX botnet?

    -Researchers at Sekoia bought and sinkholed the controlling IP of the abandoned PlugX botnet for just $7, preventing it from being used maliciously, and observed connections from nearly 2.5 million unique IPs.

  • Why did the Chinese creators abandon the PlugX botnet?

    -The Chinese creators likely abandoned the PlugX botnet because its management interface wasn't designed to handle the large number of bots, particularly after worm capabilities were added, causing it to spiral out of control.

  • What challenges did the researchers face in potentially erasing the PlugX botnet?

    -The researchers considered using a self-deletion command to erase the botnet, but this posed risks of accidentally causing damage to victim PCs, which could lead to legal repercussions. They ultimately handed the task over to law enforcement.

Outlines

00:00

🔒 Julius Kivimäki's Cyber Attack and Prison Sentence

Julius Kivimäki, the perpetrator of a severe cyber attack on Finland's largest psychotherapy company, Vastaamo, has been sentenced to six years in prison. In 2018, he stole sensitive patient records and demanded a ransom of $500,000. When Vastaamo refused, he began leaking records and directly blackmailed patients. The fallout was significant, with a surge in police reports and cases of suicide. Kivimäki's operational security (OPSEC) error led to his identification, but he evaded capture for a time. Despite his extensive criminal history, Finnish law treated him as a first-time offender, resulting in a relatively light sentence.

05:04

📱 Major US Cell Carriers Fined for Selling Location Data

Four major US cell carriers have been fined nearly $200 million for selling access to customers' real-time locations without consent. The carriers' actions were exposed in 2018 by a US senator, leading to an FCC investigation. Securus Technologies, a company that purchased location data, was found to have misused it for unauthorized tracking, including by a US Marshal tracking his ex's phone. The investigation revealed that AT&T alone sold location data to 88 companies. One such company, Location Smart, had a public demo page that could be exploited to find any phone's real-time location in the US. The carriers have suspended their location selling programs and plan to appeal the fine.

🛡️ White Hat Hackers Target Abandoned Chinese Botnet

The PlugX botnet, created by China's Ministry of State Security, has been neutralized by white hat hackers after its command and control IP went silent in 2023. The botnet, which has been used in numerous campaigns over 15 years, was left dormant with infected computers waiting for instructions that never came. Researchers at Sekoia bought the IP for $7 to prevent it from being misused. Surprisingly, they discovered that nearly 2.5 million unique IPs were still trying to connect to the server. The botnet's scale and a worm feature added in 2020 may have been reasons for its abandonment. The researchers decided to hand over the botnet issue to law enforcement to avoid potential legal issues and the risk of reinfection via infected USB sticks.

Keywords

💡Hacker

A person who uses computer systems and networks to gain unauthorized access to information, often with malicious intent. In the video, Julius Kivimäki is described as a hacker who stole sensitive patient records and demanded a ransom, illustrating the negative impact of hacking on individuals and organizations.

💡Cyber attack

An offensive action taken against computer systems, infrastructure, or data. The video discusses a particularly harmful cyber attack where a hacker infiltrated a psychotherapy company's server, highlighting the severity and invasiveness of such attacks.

💡Patient records

Confidential documents containing personal health information about patients. The script mentions the theft of tens of thousands of patient records, emphasizing the sensitivity and potential harm caused by unauthorized access to such data.

💡Ransom

A demand for payment in exchange for not causing harm or for stopping an action already initiated, typically used in criminal contexts. Julius Kivimäki attempted to extort money from Vastaamo by threatening to leak patient records if not paid a ransom, demonstrating a common tactic used by cybercriminals.

💡OPSEC

Operational security; measures taken to protect sensitive information from being accessed, used, or disclosed in an unauthorized manner. The video details a critical OPSEC mistake made by the hacker, which led to his identification and capture, underscoring the importance of maintaining good security practices.

💡SSH keys

Secure Shell (SSH) keys are cryptographic key pairs used to authenticate a user to a remote machine. In the script, the hacker inadvertently included his SSH keys in the data dump, which was a significant oversight that aided in his eventual identification.

💡FCC

The Federal Communications Commission, an independent agency of the US government responsible for regulating interstate and international communications. The FCC fined major cell carriers for selling location data, as detailed in the video, showcasing the role of regulatory bodies in protecting consumer privacy.

💡Data brokers

Entities that collect and sell personal information about consumers. The script discusses how major US cell networks sold access to customer locations to data brokers, which raises concerns about privacy and the ethical use of personal data.

💡Botnet

A network of private computers infected with malicious software and controlled as a group without the owners' knowledge. The video mentions the PlugX botnet, which was abandoned by its creators and later targeted by white hat hackers to prevent potential misuse.

💡White hat hackers

Ethical hackers who use their skills to identify and fix security vulnerabilities, often with the goal of improving system security. In the video, white hat hackers intervene to secure an abandoned botnet, illustrating the positive role that skilled individuals can play in cyber security.

💡Sinkholing

A technique used to take control of a botnet by redirecting its command and control traffic to a sinkhole operated by security researchers. The script describes how researchers bought the IP address of the PlugX botnet and used sinkholing to prevent it from being used maliciously.

Highlights

Julius Kivimäki, the hacker behind a major cyber attack, has been sentenced to 6 years in prison.

Kivimäki accessed and stole tens of thousands of patient records from Finland's largest psychotherapy company, Vastaamo.

He demanded a ransom of $500,000 from Vastaamo, and when refused, began leaking patient records.

Kivimäki targeted 33,000 individuals, threatening to leak their therapy notes unless they paid in bitcoin.

The fallout from the data leak led to a significant increase in police reports and some patients committing suicide.

Kivimäki accidentally included his '/home' folder in the data dump, which led to his identification.

Despite his extensive criminal history, Finnish law treated Kivimäki as a first-time offender, resulting in a light sentence.

Four major US cell networks have been fined nearly $200 million for selling access to customers' real-time locations.

The fine is a result of a 4-year long FCC investigation that began after a US senator exposed potentially unlawful practices.

Securus Technologies was found to have purchased and misused real-time location data for law enforcement purposes.

A US Marshal pleaded guilty to abusing the Securus service to track his ex's phone without proper authorization.

AT&T was discovered to have sold location data to 88 companies, including 'Location Smart' which had a public demo page.

The selling of data has since been halted, and the carriers intend to appeal the $200 million fine.

White hat hackers targeted the abandoned PlugX botnet, which was created by China's Ministry of State Security.

Researchers at Sekoia bought the hosting IP for $7 to prevent it from being used maliciously.

The PlugX botnet was believed to be inactive, but researchers observed 2.5 million unique IPs attempting to connect.

The researchers considered a self-deletion command for the botnet but decided to hand the issue over to law enforcement.