Belfast Telegraph

Home News UK

Hacker who blackmailed porn site users jailed for more than six years

Zain Qaiser targeted millions of computers in what investigators said is the UK’s most serious cyber crime.

Zain Qaiser (National Crime Agency/PA)
Zain Qaiser (National Crime Agency/PA)

A hacker who blackmailed porn website users in what is said to be the UK’s most serious cyber crime case has been jailed for six years and five months.

Zain Qaiser, 24, targeted millions of computers with browser-locking software which demanded payment of up to 1,000 US dollars (£767) to unfreeze the screens, Kingston Crown Court heard.

The former computer science student began conducting online scams from his parents’ house in Barking, east London, before he graduated to working with an international Russian crime group.

bpanews_5dba828b-6327-480b-a193-2210b2410efd_embedded2110247
The lock screen used by Qaiser (National Crime Agency/PA)

Using the online name “K!NG”, Qaiser received more than £500,000 through the multimillion-pound global scheme, spending tens of thousands on high-end hotel stays, gambling and a Rolex watch.

The National Crime Agency (NCA) considers it to be the most serious case of cyber crime it has investigated and says he likely collected much more money.

Qaiser, who committed most of his crimes aged between 18 and 19, was “hugely useful” to the Russian-speaking gang owing to his fluency in English and knowledge of the online advertising industry, the NCA said.

One cyber criminal known as “JP Morgan” even shared access to his powerful ransomware tool in return for a split of the profits from the mass blackmail.

Judge Timothy Lamb QC told Qaiser on Tuesday: “In the course of your offending you encountered more experienced, international cyber criminals with whose assistance, not direction, you were able to conduct your criminal activity in a more sophisticated manner.”

bpanews_5dba828b-6327-480b-a193-2210b2410efd_embedded242234444
Qaiser was jailed for a total of six years and five months at Kingston Crown Court (CPS/PA)

Using fake identities, Qaiser opened dozens of accounts with advertisers by masquerading as a legitimate customer.

He then bought masses of advertising space on legal pornography websites.

But when users clicked on the corrupted links, their computers were exposed to highly sophisticated “Angler” software.

Infected computers showed a message impersonating law enforcement in the user’s country saying an offence had been committed and demanding payment.

The crime group collected massive multimillion-pound profits from victims in more than 20 countries, although the total number of people who paid the fee is unknown, the NCA said.

The money was paid through an online currency which could then be put onto pre-loaded credit cards.

It was then withdrawn in cash abroad by others in the network and redirected through online currency services.

Some advertisers were “happy to turn a blind eye” to Qaiser’s actions – but those who tried to stop him “became the subject of the defendant’s anger”, prosecutor Joel Smith told the court.

Qaiser then flooded their servers with DDoS (distributed denial of service) attacks, putting the sites out of action and costing several businesses hundreds of thousands of pounds, he added.

He even threatened to fill their sites with child pornography.

Passing sentence on Tuesday, the judge said: “The harm caused by your offending was extensive – so extensive that there does not appear to be a reported case involving anything comparable.

“All the constituent offences were part and parcel of your role as the self-styled ‘K!NG’ of the internet.

“It has been asserted on your behalf you are remorseful. I have seen no outward expression of that.”

Qaiser, who initially denied the crimes and claimed he had been hacked himself, remained expressionless as he was sentenced.

Nigel Leary, a senior NCA investigating officer, said: “Zain Qaiser was an integral part of this organised crime group generating millions of pounds in ransom payments by blackmailing countless victims and threatening them with bogus police investigations.

“The FBI and the US Secret Service have both arrested people in relation to this global malware campaign.

“The investigation demonstrates that cyber criminals cannot operate from behind a veil of anonymity and that the NCA has the tenacity and specialist skills to catch them and bring them to justice.”

Qaiser entered guilty pleas to an 11-count indictment, admitting three counts of blackmail; three counts of fraud by false representation; four counts of doing an unauthorised act with intent to impair the operation of a computer; and one count of possessing criminal property.

The ransomware offences were committed between 2012 and 2014, while the money laundering offence was committed between 2015 and 2018.

Qaiser was charged in February 2017, but a trial set for February 2018 was abandoned when he was sectioned under the Mental Health Act.

While he was detained at Goodmayes Hospital in north London, the hospital Wi-Fi was used to access online advertising websites Qaiser had used for his offending, the court heard.

In December, he was arrested over laundering around £120,000 while on bail and charged and remanded in custody.

PA

Popular

From Belfast Telegraph