DraftKings cyber hacking scheme – two additional defendants charged

Lea Hogg January 31, 2024
DraftKings cyber hacking scheme – two additional defendants charged

The Southern District of New York has recently charged Nathan Austad and Kamerin Stokes in connection with a cyber-attack on DraftKings user accounts.

This comes as the FBI intensifies its efforts to dismantle the intricate web of cybercriminals involved in the scheme.

The criminal complaint, unsealed earlier this week, reveals that the illicit plan unfolded during an “18 November credential stuffing attack,” resulting in the theft of $600,000 from 1,600 accounts. Both defendants now face the prospect of a maximum 57-year prison sentence for their involvement.

Intricate mechanics and fallout

Austad and Joseph Garrison, who was previously charged, executed the scheme by collecting username-password pairs acquired from data breaches, available for purchase on the dark web. The stolen credentials were systematically applied to gain unauthorized access to DraftKings accounts. Subsequently, the attackers aimed to either sell access to the compromised accounts or directly pilfer the deposited funds.

The modus operandi involved a “credential stuffing” method, where Austad and Garrison successfully infiltrated a staggering 60,000 DraftKings accounts. Once inside, the duo manipulated the accounts by adding a new payment method and depositing a small sum, enabling them to verify and withdraw funds using the newly added method.

Prosecutors highlighted that the duo sold access to the compromised accounts on various websites, commonly referred to as ‘shops,’ where stolen accounts are traded. Austad and Garrison also operated their own shops, with Austad’s shop named after the iconic comic strip character, Snoopy.

In a chilling revelation, Austad messaged his co-conspirators about the ongoing FBI investigation, displaying a brazen attitude towards the criminal activity. Despite the looming threat, he asserted, “lol fbi can’t do shit,” underscoring the audacity of the cybercriminals involved.

The charges against Austad include his use of artificial intelligence tools to generate incriminating images. These images, prompted by phrases like “snoopy hacking,” showcase the defendants’ sophisticated approach to their illicit activities.

Joseph Garrison, a co-conspirator, had previously pleaded guilty on 15 November, 2023. His sentencing is scheduled for 1 February 2024, in front of US District Judge Lewis A. Kaplan.

The FBI, represented by Assistant Director James Smith, emphasized the increasing sophistication of cyberattacks, stating that the agency will relentlessly pursue those who compromise economic security through cybercrime.

Austad and Stokes, having allegedly played a pivotal role in this cyber intrusion, now face the prospect of justice as the FBI continues its crackdown on cybercriminals.

Related topics:

Stop Press: the next Eurasia Summit takes place in Dubai between 25 – 27 February!

DraftKings Q3 2023: Revenue surges by 57% (sigma.world)

US sports betting expansion – Flutter’s strategic move (sigma.world)

Recommended for you
David Gravel
2024-11-04 15:14:18