U.S. Superior Court Systems Hacked to Spread Phishing Emails
A Texas man was sentenced today to 145 months in federal prison for hacking the Los Angeles Superior Court (LASC) computer system and using its servers to deliver around 2 million malspam emails.
33-year-old Oriyomi Sadiq Aloba "was found guilty of one count of conspiracy to commit wire fraud, 15 counts of wire fraud, one count of attempted wire fraud, one count of unauthorized impairment of a protected computer, five counts of unauthorized access to a protected computer to obtain information, and four counts of aggravated identity theft."
He was facing a statutory maximum sentence of more than 350 years in federal prison after being found guilty of the above charges on July 26, 2019, but the judge sentenced him to roughly 12 years as part of today's sentencing hearing.
Besides the over 12 years he has to spend in federal prison, the man was also ordered by United States District Judge R. Gary Klausner to pay $47,479 in restitution.
Los Angeles Superior Court systems used for phishing
Aloba managed to infiltrate the court's computers following a phishing attack that led to the compromise of one of LASC's employee's email accounts in July 2017. This account was later used in a spear-phishing attack targeting the accounts of thousands of other LASC employees.
Aloba sent them phishing emails containing a fake Dropbox notification asking them to send the company their user credentials. This allowed Aloba to collect the email addresses and passwords of hundreds of Superior Court employees.
He used these credentials "to log into LASC servers" according to the initial indictment from February 2018 and "sent test emails to himself to test the security features and ensure that he had full access to the accounts."
Subsequently, Aloba used their compromised email accounts to send more than two million phishing emails impersonating companies such as American Express and Wells Fargo.
"Hyperlinks in the fraudulent emails led victims to a webpage that asked for their banking login credentials, personal identifying information, and credit card information," the Department of Justice says.
"The link for the fake American Express website used source code that designated Aloba’s email account as the delivery address for the information that the victims input into the fake website."
Aloba was initially charged by the Los Angeles County District Attorney, but the matter was referred to the United States Attorney’s Office for federal prosecution. Aloba was initially charged in federal court on January 10. He made his initial appearance in the federal case on January 17, at which time he was ordered released on a $10,000 bond. - Department of Justice
The largest court system in the world under attack
The man was apprehended by law enforcement after executing a search warrant at his home, where the investigators found signs of his attempts to destroy evidence that could incriminate him, including "dozens of phishing kits" found on his laptop.
After searching his residence, they were able to discover "a thumb drive in a toilet, a damaged iPhone in a bathroom sink, and a laptop computer with a smashed screen that was smeared with fresh blood."
Aloba’s targeting of the "largest court system in the world… merits special attention," the case prosecutors wrote in a sentencing memorandum filed with the court.
The man's "conduct resulted in a substantial disruption to the administration of the LASC, including taking hundreds of employees offline for hours, at a minimum, and possibly days."
Aloba was not the only one linked to this operation, as 28-year-old Robert Charles Nicholson (aka Million$Menace), one of his co-conspirators and a co-defendant, also pleaded guilty to one count of conspiracy to commit wire fraud.
He will also appear in front of Judge Klausner on November 4, while three other defendants Aloba allegedly hired to develop the phishing kits — collections of tools designed to launch and manage phishing attacks — he used in the attacks remain at large outside the U.S.
Image: WilliamCho
Gloss