FBI arrested 20-year-old Timothy Justin French from Tennessee on charges of computer hacking. He is believed to be associated with the NullCrew hacking group.
The group of hackers is best known for penetrating the systems of the World Health Organization and releasing hundreds of usernames and passwords in plain text, but also for breaching systems managed by the US Department of Homeland Security (DHS).
According to the DoJ, Timothy Justin French is also known as “Orbit,” “@Orbit,” “@Orbit_g1rl,” “crysis,” “rootcrysis,” and “c0rps3,” and the complaint charges him with involvement in five hacking attacks conducted by NullCrew in 2013 and 2014 against two universities and three companies.
As a result of the hacks, thousands of usernames and passwords were exposed on publicly accessible channels, Pastebin in this case.
It appears that the FBI were able to arrest French thanks to a confidential witness that approached various NullCrew members on Skype, Twitter, and CryptoCat messaging services, which provide client-side encryption.
After establishing contact with the members of the group and gaining their trust, the witness engaged them in conversations about “past, present, and future computer hacks, shared current computer vulnerabilities and planned target, and discussed releases of their victims’ information.”
“Hackers who think they can anonymously steal private business and personal information from computer systems should be aware that we are determined to find them, to prosecute pernicious online activity, and to protect cyber victims,” said Zachary Fardon, United States Attorney for the Northern District of Illinois.
Based on the details obtained by the witness, the FBI were able to determine the involvement of computer user “Orbit” in all of the aforementioned attacks. Furthermore, the records from the targeted computers showed they were accessed by a system with the same IP address as the one assigned to French’s home.
“Cyber crime sometimes involves new-age technology but age-old criminal activity ― unlawful intrusion, theft of confidential information, and financial harm to victims,” Fardon added.
The maximum sentence faced by Timothy French in this case is 10 years in prison and a $250,000/184,310 EUR fine.
The FBI seems to have arrested the right person, as NullCrew recently made an announcement on Pastebin saying that French had been warned that authorities would issue a subpoena for Skype to release details about the conversation between him and the informant.
The announcement mentions another arrest, of a member called Dominik who was acting under the handles “thebinkyp”, “zer0pwn”, “phlex”, “nop_nc”, “docofcocks” and “theindigator.”
An arrest of an underage offender, also believed to be part of NullCrew, was made on Friday in Quebec, Canada, for a hacking incident recorded in February 2014 against Bell telecommunications company.
This coincides with DoJ’s statement, which mentions that French was involved in an attack on “a large Canadian telecommunications company,” conducted on February 1, 2014.
Both French and Dominik are called “skids” in the Pastebin message, an abbreviation for “script kiddie,” a term generally used for someone who is not skilled in deploying computer attacks and relies on ready-made tools.