A prolific hacker who carried out phishing scams against hundreds of companies worldwide has been ordered to pay back more than $1.1 million (over £922,000) worth of cryptocurrencies to his victims.
Grant West, a 27-year-old resident of Kent, England, targeted several well-known companies around the world since 2015 to obtain the financial data of tens of thousands of customers and then sold that data on underground forums in exchange for Bitcoins or other cryptocurrencies.
West, who operated under the online moniker of ‘Courvoisier,’ stashed the resulting cryptocurrencies in multiple accounts and wallets, which was confiscated by the Metropolitan police after West’s arrest in September 2017 following a two-year-long investigation code-named ‘Operation Draba.’
Metropolitan Police Cyber Crime Unit (MPCCU) also seized an SD card from West’s home, which contained approximately 78 million individual usernames and passwords as well as 63,000 credit and debit card details.
Authorities also recovered a laptop that West used to carry out phishing attacks containing personal financial information of more than 100,000 people in a file known as “fullz.” The laptop actually belonged to West’s girlfriend.
Following the investigation, detectives found evidence that West conducted phishing scams on the websites of 17 major companies including Uber, Sainsbury’s, Nectar, Groupon, T Mobile, AO.com, Argos, the Finnish Bitcoin exchange, the British Cardiovascular Society, Truly Experiences Ltd, and M R Porter.
In one of his scams, West posed as food delivery service “Just Eat” between July and December 2015 in an attempt to steal the financial information of 165,000 customers. Though he failed to obtain any financial data of its customers, the attack cost the firm roughly £200,000.
Besides this, West also made money by selling cannabis on the dark web which he shipped to his customers and “how-to” guides instructing other online fraudsters how to carry out cyber attacks.
At the time of his arrest, the funds seized from West’s multiple accounts and cryptocurrency wallets were reportedly around £1.6 million, but the fluctuating value of Bitcoin and other digital currencies brought the seized funds down to £922, 978.14.
West was jailed on 25 May at Southwark Crown Court for 10 years and eight months for 10 counts of criminal offenses including two counts of conspiracy to defraud and two counts of possession of the criminal property.
Now, just today, Southwark Crown Court judge granted the confiscation of his funds (£922,978.14) under the Proceeds of Crime Act and told West if he refused the confiscation order, he would serve a further four years, the Metropolitan Police Service (MPS) said in a statement published today.
“The cryptocurrency will now be sold, and the victims will receive compensation for the damage caused by the organised criminality committed by West,” the MPC said.
Head of the MPCCU, Detective Chief Inspector Kirsty Goldsmith, said: “The MPS is committed to ensuring that individuals who are committing criminality on the Dark Web are identified, prosecuted, and their criminal assets are seized.”
Leave a Reply