If You Can't Change the Time, Don't Do The .....
A 27-year-old Michigan man who tried to hack a “Get out of jail early” card for his friend is now going to be in jail himself for 87 months – 7 years 3 months.
On Thursday, US Attorney Matthew Schneider’s office announced that besides the jail term and 3 years of supervised release to follow, Konrads Voits is giving up all his bitcoins, some of his electronics—including a laptop—an integrated circuit component, and several mobile phones.
In total, Voits has been ordered to pay restitution in the amount of $238,517.
That will be going to Washtenaw County, whose jail network Voits hacked in an attempt to alter his buddy’s prison record. In December, Voits pleaded guilty to damaging a protected computer.
The Attorney General’s office says Voits used a classic phishing scheme laced with typosquatting. According to his guilty plea, in January 2017, Voits set up a phishing domain. It looked just like a legitimate county domain name for Washtenaw, except Voits swapped the final W for a double V.
Then, he called and emailed employees of Washtenaw County, claiming that he was “Daniel Greene” and that he needed help with court records. Over the phone, he pretended to be “T.L.” or “A.B.”, a county IT employee. The emails tried to entice employees into clicking on a hyperlink so they’d be whisked off to Voits’s malware-poisoned site, while the object of the phone calls was to get his victims to type that phishing site domain into their browsers so as to download an executable malware file.
It was to “upgrade the county’s jail system,” Voits claimed.
Voits hit the jackpot when he called county jail employees, posing as members of the jail’s IT staff, and tricked workers into installing a fake update package for the county jail’s application.
Voits got full access to the county network, including to the XJail system—which is a program used to monitor and track county prison inmates—as well as to search warrant affidavits, internal discipline records, and personal information of county employees. Voits managed to steal passwords, user names, email addresses and other personal information of more than 1,600 county employees.
Once he had full access to the county’s network, he accessed jail records for several inmates and altered the record of at least one of them to try to get him out early.
@ https://nakedsecurity.sophos.com/201...y-for-7-years/
Social Networking Bookmarks