He explained that he wanted to “help people protect themselves on the web”. This young thirty-year-old at the RSA wishing to launch his own IT security consulting company also claimed in police custody, according to information from ZDNET.fr, that he wanted to warn his targets, an online gaming influencer and his father, that they were “not sufficiently protected”. Before asking for a check for 100,000 euros, a sum increased twice to end at 200,000 euros, for “doing nothing” with the confidential data to which he had been able to access.
This amazing way of being of service has just ended abruptly. As Ouest-France reported, the young thirty-year-old behind this extortion attempt preceded by computer hacking was in fact sentenced on Friday October 13 by the Rennes judicial court. At the end of this guilty plea procedure, he received a ten-month suspended prison sentence. A sentence accompanied by 10,000 euros in damages to be paid to the two victims, a sum revised downwards – 60,000 euros had been requested – to the relief of the defendant’s lawyer, Me Pierre-Yves Launay.
Messages relating to his account
According to the police investigation, it all started at the end of July. The influencer’s father then receives several messages relating to resetting his password and managing his account with his host. He doesn’t really pay attention to it. But a few days later, on August 2, it was impossible to connect to any of the hosted mailboxes. Contacted, his host then explained to him that he had changed his contact email address after receiving an email request supported by a copy of his identity card, in fact a fake.
The mishap does not end with the rapid regaining of control of his account. An hour later, the victim received a phone call from the hacker, who explained that he had access to a Dropbox account used to store the family’s administrative paperwork. “More than 35,000 personal documents, data which has great value”, explained to the judges in Rennes his lawyer, Me Romain Chilly, cited by Ouest-France. This is no joke: the influencer’s father actually noticed that there was a connection to Dropbox, two hours earlier, from an IP address located in Monaco.
Box in Val-de-Marne
The hacker had taken care to connect to the Dropbox account with a VPN, this virtual private network which allows his real IP address to be hidden. Likewise, investigations into the telephone number reach a dead end. But the hacker had not hidden all his traces. The email address created to take control of the message from the influencer’s father thus referred to the box of a family in Val-de-Marne. While the Skype nickname – the messaging service was used to communicate with its target – almost corresponded to the contact address left when subscribing to the box by one of the family members.
So many elements which will lead the investigations of the judicial police of Rennes to arrest their suspect at the time of the milkman at the end of September. Good pick: the young thirty-year-old actually admits to being at the origin of the hacking, while minimizing the extortion attempt. It would be the family of the influencer who offered him this payment. Without really surprising that if relations with the influencer were “friendly”, those with his father, “not happy” and wishing to file a complaint, were more tense. We understand why.