On the account of the guy 60 thousand hacked accounts and 600 thousand stolen conventional units.
19-year-old Joseph Garrison from Wisconsin, USA, finally pleaded guilty to organizing a large-scale attack on a betting site. For the first time, the teenager became widely known in May of this year, when it was reported that he managed to hack 60 thousand accounts of the DraftKings betting service using the "Credential Stuffing" method.
After gaining access to user accounts, Garrison and his accomplices linked a new payment method in their personal account, adding $ 5 to the account for verification, and then withdrawing all funds deposited to the user's balance through it.
According to the court, the attackers stole about 600 thousand dollars from about 1,600 accounts in this way. During a search of Garrison's computer, the police found about 40 million credentials that could be used in attacks by the method of selection.
In addition, analysis of Garrison's phone revealed correspondence between him and his accomplices, where participants in the scheme discussed potential ways to hack the target site and possible monetization of this procedure.
The final decision of the court is yet to be heard, but the maximum penalty that the teenager faces is up to five years in prison.
This incident clearly demonstrates that the unreliable protection of accounts on popular sites, especially those related to finance, can lead to real damage to its users.: both in the form of loss of funds, and in the form of leakage of confidential data.
Unique complex passwords and two-factor authentication are the security methods that in modern reality should be integrated by default on absolutely all sites with the ability to log in. This is the only way to avoid the risks associated with hacking accounts.
19-year-old Joseph Garrison from Wisconsin, USA, finally pleaded guilty to organizing a large-scale attack on a betting site. For the first time, the teenager became widely known in May of this year, when it was reported that he managed to hack 60 thousand accounts of the DraftKings betting service using the "Credential Stuffing" method.
After gaining access to user accounts, Garrison and his accomplices linked a new payment method in their personal account, adding $ 5 to the account for verification, and then withdrawing all funds deposited to the user's balance through it.
According to the court, the attackers stole about 600 thousand dollars from about 1,600 accounts in this way. During a search of Garrison's computer, the police found about 40 million credentials that could be used in attacks by the method of selection.
In addition, analysis of Garrison's phone revealed correspondence between him and his accomplices, where participants in the scheme discussed potential ways to hack the target site and possible monetization of this procedure.
The final decision of the court is yet to be heard, but the maximum penalty that the teenager faces is up to five years in prison.
This incident clearly demonstrates that the unreliable protection of accounts on popular sites, especially those related to finance, can lead to real damage to its users.: both in the form of loss of funds, and in the form of leakage of confidential data.
Unique complex passwords and two-factor authentication are the security methods that in modern reality should be integrated by default on absolutely all sites with the ability to log in. This is the only way to avoid the risks associated with hacking accounts.
