A man who broke the prison system to change the release date of an associate was taken to prison today. Konrads Voits, a hacker from Michigan, will have to serve seven years and three months.
As the Bleeping Computer says, Voits tried to reach records of detainees to release a partner earlier.
27 will also have to pay 235.488 dollars as a fine for the full cost of investigating and coping with the violation.
According to the Voits indictment, issued in December of 2017, from January to March of the same year, the hacker was trying to release a prisoner.
Voits started with social engineering προσπαθώντας να προσελκύσει προσωπικό της φυλακής να επισκεφτεί το domain ewashtenavv.org, αλλάζοντας το “w” στο πραγματικό domain της by clicking hereof ewashtenaw.org prisons in an effort to make it seem like normal.
The malicious domain was a complete copy of the actual prison website, but contained malware. The hacker was talking to the prison staff, disguised as "Daniel Greene" and asking for help with the "court records", demanding that the staff visit the fake website.
Spear-phishing aimed to lure prison staff to visit the malicious domain and download malicious applications on the booking shop computers, but it failed.
Viots was not discouraged. He later emailed the prison, pretending to be IT staff upgrading prison systems. Voits again asked prison staff to visit the malicious domain and download executable "upgrade" files containing malware.
This time he succeeded: He was able to install malware on prison systems and was able to collect information such as credentials connections, the emails and personal information of 1600 employees.
Voits also managed to gain access to the XJail system, an internal application for prisoners' records. In March, through XJail he changed the records of at least one prisoner.
However, the hacker underestimated the prison staff. The breach was detected almost immediately, and the teased file fixed immediately. At the same time, the FBI was notified to track down the attacker.
“Voit's infiltration forced the county to hire a company αντιμετώπισης τέτοιων περιστατικών για να προσδιορίσει την πλήρη έκταση της παραβίασης, να επαναφέρει αρχεία, να επαληθεύσει την ακρίβεια των ηλεκτρονικών αρχείων σχεδόν όλων των κρατουμένων στη φυλακή και να προσπαθήσει να καθησυχάσει τους 1600 υπαλλήλους των οποίων τα προσωπικά data had leaked", says the indictment.
"Hopefully, after his release, Voits will be able to use his tremendous skills to make our society a better place."
- Yahoo: fine 35 million dollars to hide the hack
- Fake News: No political intervention, to solve those who created it