Carding 4 Carders
Professional
A 25-year-old Finn has been charged with extorting money from a once-popular but now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects during the investigation, but they were willing to make an exception for Aleksanteri Kivimyaki (aka Zeekill), a well-known hacker who at 17 was charged with more than 50,000 cyber crimes, including bank card theft, harassment using telecommunications and various data leaks. For all this, he was punished rather mildly – only two years in prison on probation.
At the end of October 2022, Kivimaki was charged (according to the Finnish authorities, he was also arrested in absentia, as he is abroad) with attempting to extort money from the Vastaamo psychotherapy center. On October 21, 2020, Vastaamo became the target of blackmail when an attacker under the nickname "ransom_man" demanded to pay 40 bitcoins (~450,000 euros at that time) in exchange for a promise not to publish confidential recordings of therapeutic sessions.
In messages posted on a Finnish-language platform in the dark web, ransom_man said that Vastaamo does not want to negotiate a ransom payment, which is why he will start publishing 100 patient data sets every 24 hours so that the company wants to continue communicating with him.
But when the company refused to pay, ransom_man started extorting money from individual patients. According to Finnish police, about 22,000 victims reported extortion attempts directed at them personally. The attacker demanded 500 euros from each victim.
On October 23, 2020, ransom_man uploaded a large archive containing therapeutic records of all Vastaamo patients to the dark web. But the archive also contained a copy of the ransom_man home folder, which helped investigators find a number of clues that point to Kiwimaki. And even if the attacker quickly deleted the archive (accompanied by the note “oops”), several users managed to download it.
Among the lucky ones was Antti Curittu, a team leader at Nixu Corporation and a former criminologist. In 2013, Curittu worked on other crimes that Kivimaki committed as part of the Hack the Planet group. According to him, such a mistake on the part of a hacker is a huge failure in the field of operational security. In that folder, experts found a lot of useful information and databases.
According to Curittu, all the people who investigated Kivimyaka's crimes say that a notorious cybercriminal is also behind the extortion of money from Vastaamo.
In turn, Kivimyaki denies all the accusations on Twitter and believes that the Finnish authorities made the case public in order to influence the decision on his old cases.
*****
One of the most notorious cybercrimes in the country's history is being tried in Finland. 26-year-old Aleksanteri Kivimyaki, formerly known as Julius Kivimyaki, is accused of violating the confidentiality of patients in private psychotherapy centers in Helsinki.
According to the prosecutor's office, the fact that the young man not only hacked the clinic's client databases, but also made an extortion attempt will seriously weigh down the punishment. If convicted, Kiwimaki faces up to seven years in prison.
It is known that in 2018, the hacker penetrated the systems of Vastaamo, which manages dozens of psychotherapy centers across the country. He stole confidential medical records of about 33,000 patients. More than 21,000 victims subsequently contacted the police.
Kiwimaki demanded $ 380,000 in bitcoins from Vastaamo, but the company was reluctant to make contact, so he tried to enter from the other side. The hacker began sending emails to clients demanding different amounts, from 200 to 500 euros, and promising in return not to disclose the details of their sessions with psychologists.
When the management of Vastaamo finally refused to pay the ransom, Kivimaki published some of the stolen information on the darknet.
The compromised files contained social security numbers, phone numbers, email addresses of patients, as well as audio recordings of consultations and notes from specialists.
Finnish media noted that the upcoming hearing will be "extremely large-scale", as about 500 victims expressed their desire to participate in the process.
As a teenager, Aleksanteri Kivimyaki was a member of the Lizard Squad group, which was most active at the end of 2014. Then the hackers were accused of organizing DDoS attacks on the PlayStation and Xbox game services, as well as threatening to blow up the plane with the president of Sony Online Entertainment on board.
In 2015, Kiwimaki was already convicted of more than 50,000 computer crimes.
But Vastaamo itself made a lot of mistakes. The company first became aware of the incident in October 2020. Immediately after, the board of directors fired CEO Ville Tapio, accusing him of hiding information about the hack for a year and a half.
The owners of Vastaamo, Tapio and his relatives, sold their majority stake to a private investment fund before the breach became known. Tax data showed that the sale made the family members real millionaires.
The company grappled with the fallout from the scandal for several months before declaring bankruptcy in February 2021.
In April of this year, Tapio was sentenced to a suspended three-month sentence for violating the law on personal data protection.
At the end of October 2022, Kivimaki was charged (according to the Finnish authorities, he was also arrested in absentia, as he is abroad) with attempting to extort money from the Vastaamo psychotherapy center. On October 21, 2020, Vastaamo became the target of blackmail when an attacker under the nickname "ransom_man" demanded to pay 40 bitcoins (~450,000 euros at that time) in exchange for a promise not to publish confidential recordings of therapeutic sessions.
In messages posted on a Finnish-language platform in the dark web, ransom_man said that Vastaamo does not want to negotiate a ransom payment, which is why he will start publishing 100 patient data sets every 24 hours so that the company wants to continue communicating with him.
But when the company refused to pay, ransom_man started extorting money from individual patients. According to Finnish police, about 22,000 victims reported extortion attempts directed at them personally. The attacker demanded 500 euros from each victim.
On October 23, 2020, ransom_man uploaded a large archive containing therapeutic records of all Vastaamo patients to the dark web. But the archive also contained a copy of the ransom_man home folder, which helped investigators find a number of clues that point to Kiwimaki. And even if the attacker quickly deleted the archive (accompanied by the note “oops”), several users managed to download it.
Among the lucky ones was Antti Curittu, a team leader at Nixu Corporation and a former criminologist. In 2013, Curittu worked on other crimes that Kivimaki committed as part of the Hack the Planet group. According to him, such a mistake on the part of a hacker is a huge failure in the field of operational security. In that folder, experts found a lot of useful information and databases.
According to Curittu, all the people who investigated Kivimyaka's crimes say that a notorious cybercriminal is also behind the extortion of money from Vastaamo.
In turn, Kivimyaki denies all the accusations on Twitter and believes that the Finnish authorities made the case public in order to influence the decision on his old cases.
*****
One of the most notorious cybercrimes in the country's history is being tried in Finland. 26-year-old Aleksanteri Kivimyaki, formerly known as Julius Kivimyaki, is accused of violating the confidentiality of patients in private psychotherapy centers in Helsinki.
According to the prosecutor's office, the fact that the young man not only hacked the clinic's client databases, but also made an extortion attempt will seriously weigh down the punishment. If convicted, Kiwimaki faces up to seven years in prison.
It is known that in 2018, the hacker penetrated the systems of Vastaamo, which manages dozens of psychotherapy centers across the country. He stole confidential medical records of about 33,000 patients. More than 21,000 victims subsequently contacted the police.
Kiwimaki demanded $ 380,000 in bitcoins from Vastaamo, but the company was reluctant to make contact, so he tried to enter from the other side. The hacker began sending emails to clients demanding different amounts, from 200 to 500 euros, and promising in return not to disclose the details of their sessions with psychologists.
When the management of Vastaamo finally refused to pay the ransom, Kivimaki published some of the stolen information on the darknet.
The compromised files contained social security numbers, phone numbers, email addresses of patients, as well as audio recordings of consultations and notes from specialists.
Finnish media noted that the upcoming hearing will be "extremely large-scale", as about 500 victims expressed their desire to participate in the process.
As a teenager, Aleksanteri Kivimyaki was a member of the Lizard Squad group, which was most active at the end of 2014. Then the hackers were accused of organizing DDoS attacks on the PlayStation and Xbox game services, as well as threatening to blow up the plane with the president of Sony Online Entertainment on board.
In 2015, Kiwimaki was already convicted of more than 50,000 computer crimes.
But Vastaamo itself made a lot of mistakes. The company first became aware of the incident in October 2020. Immediately after, the board of directors fired CEO Ville Tapio, accusing him of hiding information about the hack for a year and a half.
The owners of Vastaamo, Tapio and his relatives, sold their majority stake to a private investment fund before the breach became known. Tax data showed that the sale made the family members real millionaires.
The company grappled with the fallout from the scandal for several months before declaring bankruptcy in February 2021.
In April of this year, Tapio was sentenced to a suspended three-month sentence for violating the law on personal data protection.
