French hacker from ‘ShinyHunters’ group sentenced to three years in US prison

Avatar

A 22-year-old Frenchman was sentenced on Tuesday to three years in U.S. federal prison for his participation in the ShinyHunters hacking group.

Sebastien Raoult, also known as “Sezyo Kaizen,” was extradited to the U.S. in January 2023 after his arrest in Morocco the year before. He pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft and is also required to pay $5 million in restitution.

According to an indictment from prosecutors in the Western District of Washington, Raoult and two co-conspirators hacked more than 60 companies around the world and posted stolen data on dark web forums like RaidForums, EmpireMarket and Exploit. In some cases, they threatened to leak data if a ransom was not paid.

In 2020 and 2021, ShinyHunters perpetrated a series of hacks on well-known entities, including breaches of the clothing retailer Bonobos, the photo app Pixlr and Microsoft’s GitHub account. It also claimed to have information from 70 million AT&T accounts, although the company denied it had been breached.

According to the DOJ, Raoult and accomplices created spoof websites pretending to be the login pages of legitimate businesses, and sent phishing emails to company employees. When the victims entered their credentials, the hackers were able to gain access to their accounts. They stole “hundreds of millions of customer records” and inflicted an estimated $6 million in losses.

“This is an extraordinarily serious offense. We’re talking about him robbing people of millions of dollars,” said U.S. District Judge Robert S. Lasnik at the sentencing hearing, according to a Department of Justice release.

Raoult’s father told DataBreaches.net that the sentence includes served time in Morocco and Seattle, meaning that he only has another 11 months to serve in prison.

According to the DOJ, Raoult told the court: “I understand my mistakes and I want to put that part behind me. No more hacking. I don’t want to disappoint my family again.”

CybercrimeBriefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

James Reddick has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.

 

Total
0
Shares
Previous Post

X blames SEC for account takeover as commission begins investigation

Next Post

FBI Director: More countries interested in 2024 election interference

Related Posts

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. "The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,"
Avatar
Read More

Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0063, which, in turn, overlaps with APT28. The
Avatar
Read More