Man gets 6 years for hacking victims' computers to extort photos
Luis Mijangos would hack his victims computers and then spy on them using their own webcams and microphones
IDG News Service - A 32-year-old paraplegic was sentenced to six years in prison for infecting more than 100 computers in a quest for financial information, nude photographs and thrills.
Luis Mijangos worked as a freelance computer consultant in Santa Ana, California, earning about $1,000 per week writing programs and building websites. But he lived a double life, also earning as much as $3,000 per day hacking and stealing financial information from his victims.
He built virtually undetectable malware and used a variety of techniques to trick his victims into installing it on their computers. Then, he did more than just steal bank account numbers. "He read victims' e-mails and IMs, watched them through their webcams, and listened to them through the microphones on their computers," prosecutors said in court filings. "Often, he then used the information he obtained to play psychological games with his victims."
One victim, a juvenile identified by prosecutors only as S.G., sent Mijangos pornographic photos after he hacked into her computer and tricked her over instant message into believing he was her boyfriend. Mijangos then threatened to post the photos online if she didn't send him more pictures.
"It made me untrusting and paranoid to this day," S.G. wrote in a victim impact statement. "I didn't know who this man was, why he was doing it or [if] he would come back. Not knowing is the worst, most dreaded feeling."
Mijangos stole nude photos from the laptop of another victim -- a college student identified as A.V. -- and then listened in on her computer's microphone when the scared girl reported the incident to campus police. He then sent threatening e-mails to A.V. and her boyfriend to punish them for contacting authorities. According to court filings, "She reported feeling 'terrorized' by [Mijangos], was afraid for her safety, and did not leave her dorm room for a week after the episode."
As part of his criminal hacking life, Mijangos told police that he used open-source cryptor software to make malicious programs undetectable by antivirus programs. He worked with other criminals he met in an international online IRC (Internet Relay Chat) forum for identity thieves called CC Power.
He spread his malware -- often remote access tools such as Poison Ivy or SpyNet - by disguising it as a song on peer-to-peer networks or e-mailing or instant messaging it to victims disguised as a video.
Mijangos pleaded guilty to hacking and wiretapping in March. He was sentenced Thursday in Los Angeles at the U.S. District Court for the Central District of California.
He's the latest in a string of hackers to be accused of "sextortion" -- breaking into computers or e-mail accounts and then threatening to post compromising photographs unless his victims provide him with more pictures.
In January, George Bronk of Sacramento, Calif., pleaded guilty to charges that he broke into more than 3,200 e-mail accounts looking for sexy photos, which he then threatened to post to the Internet. He was sentenced to four years in prison. In February, James Dale Brown of Fremont, Calif., admitted that he tried to coerce a 14-year-old girl into sending him a pornographic video by threatening to post explicit pictures of her online.
The FBI has seen a rise in this type of case, said Steven Martiniez, the assistant director of the FBI's Los Angeles field office, in a statement.
- Kicking the stool out from under the cybercrime economy
- Chinese man indicted over theft of Boeing C-17 secrets
- The making of a cybercrime market
- Arrests made after international cyber-ring targets StubHub
- International police operation disrupts Shylock banking Trojan
- Spamhaus pushes for arrests of alleged DDoS participants
- Accused Russian point-of-sale hacker arrested, will face U.S. charges
- No-IP regains control of some domains wrested by Microsoft
- Microsoft legal action cramping other hacking campaigns, Kaspersky says
- Microsoft admits technical error in IP takeover, but No-IP still down
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts