Home / English News / US hacker stole cryptocurrency, scammed influencers and avoided the feds — until he crossed his partners

US hacker stole cryptocurrency, scammed influencers and avoided the feds — until he crossed his partners

In the summer of 2019, the father of 20-year-old Jordan K. Milleson got a phone call. The person on the other line told him that his son was a hacker named “Chikri” who had stolen US$20,000 (RM83,150) from the caller.

Soon after, someone called Baltimore County Police and said he’d shot someone at the Milleson home, and that he was armed and would shoot police if confronted.

There was no such crisis unfolding — the call what was is known as “swatting,” deceiving law enforcement to send a SWAT team by calling in an emergency. And federal prosecutors say it came about because Milleson, who had been hacking the social media pages and cryptocurrency accounts of influencers and others for years through phishing e-mails, also was ripping off his co-conspirators.

Milleson, 22, pleaded guilty to federal identity theft charges in May and was sentenced to two years in prison; on Tuesday, Kyelle Bryan, a 20-year-old Brooklyn, New York-based hacker who sent police to Milleson’s home, also pleaded guilty, to a charge that will send him to prison for two years as well.

According to their plea agreements, investigators said Bryan determined that Milleson went by the hacking name of “Chrikri.” The indictment and plea deal list a handful of anonymous victims, some they described as influential or with large followings.

Milleson was charged with hacking two unidentified prominent social media accounts in September 2017, which each had “hundreds of thousands of followers,” his plea agreement says. Milleson’s attorney, federal public defender Brendan Hurson, declined to comment Tuesday.

Prosecutors say that on June 14, 2019, someone working for a cryptocurrency investment firm lost access to their phone as a result of what’s known as a SIM swapping attack. Milleson was able to access the person’s digital currency account, and transferred US$2,182 (RM9,071) out of the account, according to his plea agreement.

SIM swapping allows a “scammer who knows your account password (to) call customer care and ask to have the SIM card linked to your phone number changed to a new SIM card and device, effectively taking over your phone number,” according to the technology news website CNET.

Three days later, Milleson registered a fraudulent Internet domain to deceive others to believe it was associated with a wireless telephone provider, in order to steal login credentials, prosecutors said. Milleson, Bryan and others were able to gain access to the wireless provider’s computer network through a victim who worked for the provider. The men then took control of three people’s phones.

One of the victims, who is not identified in court documents, was the owner of a digital currency investment and social media marketing company. The hackers divided up tasks and took control of his digital currency exchange account, and took US$16,847 (RM70,041).

But Milleson didn’t follow through on sharing the proceeds.

“You better hope no one has info on you,” Bryan warned in a chat among the co-conspirators, then asked others if they “had Chikri’s ‘dox’” information, referring to having personal information about someone.

Milleson was arrested in July 2020, and was interviewed and admitted to taking part in numerous SIM swaps and cryptocurrency thefts, which he believed aggregated to about US$200,000 (RM831,500) worth of cryptocurrency. Investigators weren’t able to confirm that amount.

Bryan faced several counts related to the hacking and swatting incidents, but pleaded guilty to an aggravated identity theft charge, which carries a mandatory penalty of two years in prison, which is also the maximum penalty.

Prosecutors read details of the swatting incidents into the statement of facts.

US District Court Judge James K. Bredar expressed disdain over the sentence.

“Do you really think two years in prison is appropriate for what you just described?” he asked Assistant US Attorney Christopher Rigali, saying that police officers and others had been put in danger by the swatting incidents.

“I don’t agree with it, but it’s not up to me,” Bredar said later.

Bryan’s attorney, Richard Bardos, told Bredar that his client had matured and grown since the hacking incidents. He’s been on pre-trial home detention since his arrest, and restricted from using any device that can connect to the Internet. Bryan declined to comment after Tuesday’s hearing. – Baltimore Sun/Tribune News Service



Source link

Leave a Reply