Maryland Man Pleads Guilty in Hacker-for-Hire Extortion Case
In one of several ongoing cases around the globe cracking down on online attackers and extortionists, a Maryland man has pled guilty in an Illinois federal courtroom to operating a hacker-for-hire service that targeted victims for as little as $20. Zachary Buchta, now 20, pled gulity on Tuesday to a single count of conspiracy to commit damage to protected computers.
That charge cold have carried as much as a ten-year prison sentence, though Buchta is expected to be sentenced to two and a half years under the terms of the plea deal. Buchta and another defendant, Bradley Jan Willem van Rooy, of the Netherlands, were both 19 when they were arrested in October of 2016 in connection with paid attacks on all sorts of victims, ranging from individuals to online-gaming giants. Van Roy is awaiting trial on similar charges in the Europe, following an investigation that began in 2015 and resulted in inter-agency cooperation between US and Netherlands cyber-authorities.
The investigation centered on noted cyber-attack groups Lizard Squad and PoodleCorp, which Buchta admitted founding or co-founding; several other online hackers were identified in connection with the groups as well, but were not charged in connection with this case. Buchta and van Rooy were also connected via the investigations to a DDoS attack “business” site, Shenron, which sold various attack packages to any buyer.
Another domain, stresser.ru, was also included among several domains targeted for seizure by authorities. The pair also marketed stolen credit-card numbers and related ID.
Whether or not Buchta, van Rooy, or other Lizard Squad members are connected to any of the recent-years attacks on prominent online-poker and online-gambling sites remains unclear. A long-running series of attacks targeting the Winning Poker Network generated plenty of headlines when the attacker outed himself as such a hacker for hire, stating “It’s my job,” to WPN players when queried in the network’s chat.
Despite Buchta and van Rooy being clipped for some of their online-gaming-targeting attacks, it was actually a personal attack that helped launch the initial investigation, conducted by the US’s FBI. One of the services offered was a basic harassment package, in which a threatening call and message could be sent to a victim’s phone, hourly, for up to 30 days.
These attacks were sold through yet another site run by the pair, PhoneBomber.net. According the court complaint, the site claimed that, “Your target will be left with only 3 options: Change their number, Bend to your whim, deal with a ringing phone for the length of our attack :\”
The calls were sent out from randomized and spoofed numbers, rendering useless any call-blocking efforts. The service even included one-click disabling of the attacks “for the extortionists among us.”
A resident of Northern Illinois, described in court documents as Victim A,” was the first such known victim of the group’s personal harassment attacks, which began in 2015. The court records include a sample of the harassment text, which went as follows:
“When you walk the fucking streets, MotherFucker, you better look over your fucking back because I don’t flying fuck if we have to burn your fucking house down. If we have to fucking track your goddamned family down, we will fuck your shit up motherfuck.”
Court records also indicated Buchta had been investigated by the FBI as early as 2014 in connection with other cyber-attacks and with “swatting” calls, the making of fake emergency calls to such services. Among several screen names and online handles he used was the Twitter name “@fbiarelosers”.