Zain Qaiser, a 24-year old student from London, has been jailed for six years and five months for his role in a porn ransomware attack, BBC News reports. Qaiser made at least £700,000 ($914,000) as a result of the scam, although the UK’s National Crime Agency (NCA) believes his actual earnings may have numbered in the millions.
Working as part of a Russian-speaking organized crime group, Qaiser would pose as a legitimate company seeking to buy advertising space on legal porn sites. These ads would redirect users to sites containing malware, which would lock a victim’s computer and display messages claiming to be from law enforcement. These messages claimed to have recorded webcam evidence of the victim, and demanded a ransom of between $300 and $1,000 in order to unlock the machine.
The NCA discovered £700,000 of Qaiser’s profits, but his network may have made as much as £4 million in total based on the amount of money that he laundered through a series of cryptocurrency platforms. The NCA calculated that his ads appeared on as many as 21 million web pages each month, with Qaiser making as much as £11,000 in July 2014 alone. He had victims across 20 different countries.
The attacks relied on the Angler Exploit Kit, a powerful piece of malware developed and managed by one of his Russian associates. Qaiser split his profits with this associate. Angler was used to insert further malware, such as Reveton, into a victim’s computer that was responsible for locking their browser.
Qaiser was eventually caught in July 2014 after one of the advertising agencies he used to place ads reported him to the police. Qaiser had conducted a DDoS attack against the company and said, “We can make some serious money together. It’s my way or no way. The K!NG is back.” The company is estimated to have suffered around £500,000 in damages as a result of the attack, and later reported him to the police.
The NCA says Qaiser continued to be active, even after his arrest in 2014. After he was sectioned in late 2017, the Birmingham Mail reports that his hospital Wi-Fi was used to access the online ad sites used during his offending. The NCA says that his offending continued up until December 2018.
After initially claiming that he himself had been hacked, Qaiser eventually plead guilty to 11 charges including blackmail, fraud, money laundering, and computer misuse.