$1.1 Million in Cryptocurrency to Be Seized From HackerUK Authorities Want to Compensate Grant West's Victims
U.K. authorities are attempting to seize more than £900,000 ($1.1 million) in cryptocurrency from a notorious British hacker who carried out attacks that targeted more than 100 companies over a two-year period, according to the Metropolitan Police Service. The currency will be sold, with the proceeds used to compensate his victims.
See Also: 2020 Cyberthreat Defense Report
The hacker, Grant West, pleaded guilty in 2017 to several charges, including conspiracy to defraud, and is currently serving a 10-year prison sentence in the U.K. On Friday, British authorities announced they had ordered West to pay back the cryptocurrency he had stashed away and said that he had agreed not to contest the confiscation order, according to the Met Police.
It took investigators over two years to account for most of the cryptocurrency that West collected during his hacking career, authorities say.
"The confiscation of the cryptocurrency follows a lengthy police investigation, code named 'Operation Draba,' into the criminal activities of West, who was operating on the dark web under the moniker of 'Courvoisier,'" according to the Met.
When West was sentenced in September 2018, British Judge Michael Gledhill called him a "one man cybercrime wave." At the time of the sentencing, the cryptocurrency he collected was not fully accounted for (see: Hacker Who Sold Financial Data Receives 10-Year Sentence).
History of Cybercrime
After West's arrest in 2017 following a two-year investigation, British authorities accused him of carrying out an extensive criminal campaign, including hacking into more than a dozen businesses, stealing payment card information, running phishing schemes that spoofed businesses, selling individuals' financial details as well as publishing "how to" guides for hackers and fraudsters.
Overall, police believe that West hacked or attacked more than 100 companies, authorities say. These included the websites of Sainsbury's, Nectar, Groupon, AO.com, Ladbrokes, Coral Betting, Uber, Vitality, RS Feva Class Association 2017, Asda, the British Cardiovascular Society, Mighty Deals Limited, Truly Experiences Ltd, T Mobile, M R Porter, a Finnish bitcoin exchange and Argos, authorities say.
As part of these attacks, West used phishing emails to trick employees into giving up their passwords and credentials and then used this information to obtain the financial data of tens of thousands of customers, investigators says. After obtaining the data, he would sell the information on darknet markets. Later, West would convert his profits into cryptocurrency and stash it in accounts, according to authorities.
During the raid of West's residence and rented storage units, police recovered a storage device card containing 63,000 credit and debit card details, 78 million email addresses with passwords and information stolen from more than 500 businesses, authorities say. Police also seized half a kilogram (1.1 pounds) of cannabis, £25,000 ($33,000) in cash, and more than £500,000 ($611,000) worth of bitcoins. At the time of West's arrest, police said it was the first case in which they had seized cryptocurrency during the course of a criminal investigation.
Cryptocurrency and Criminals
After West's arrest, police worked for several months to piece together the various accounts he used to control his cryptocurrency, authorities say.
In this way, West is not different than many other cybercriminals who have increasingly turned to cryptocurrency to help hide money, says Brian Honan, a cybersecurity expert and consultant. This can be seen in other types of cybercrime, such as ransomware attacks that have targeted businesses, individuals and governments, Honan adds (see: More US Cities Battered by Ransomware).
"In essence, cryptocurrencies are like virtual cash, so they can be exchanged between parties in a relatively anonymous fashion; this enables people to buy and sell goods or services online without it being tracked, similarly to how credit card or banking transactions can be tracked," Honan says. "So it is a very useful tool for those who wish to remain anonymous on the internet or who wish to protect their privacy. However, like many tools, it can also be used by criminals, and they can use cryptocurrencies to buy and sell goods or services in an anonymous fashion, making it harder for law enforcement to track them down."
Growing Concern: Phishing Emails
Phishing emails, like those West used during his hacking career, continue to be a major concern for police in the U.K. and the U.S.
For instance, on Thursday, the Justice Department unveiled an indictment involving 80 suspects who are charged with running a massive scheme that involved phishing attacks as well as business email compromise scams (see: 80 Indicted for Scams, Including Business Email Compromises).