Defense of Convicted Cypriot Hacker in US Not Seeking Appeal

A lawyer for a Cypriot hacker who has served almost four years behind bars said he will not appeal against a one-year jail sentence in the US for cyber-crimes he committed as a minor.

A Georgia court handed down the jail term on Thursday in the trial of Joshua Pelloso Epifaniou, now 22, who was arrested in Cyprus in May 2017 and last year became the first Cypriot national ever extradited to the United States.

“This historic extradition and sentencing would not have been possible without the determination of our FBI investigators and the help of our federal and foreign partners,” Chris Hacker, an FBI Special Agent in Atlanta, Georgia, said in a Department of Justice statement.

“It is further proof that no matter where criminals who prey on US companies and citizens are hiding, either geographically or virtually, we will pursue them and bring them to justice,” Hacker said.

Cyprus-based lawyer Michael Chambers, in an email to AFP, said an appeal would not be filed although Epifaniou had confessed and was expecting to be freed on time served.

“I do not believe that the sentence is worth appealing against as he will be released in 10 months,” said Chambers.

The Cypriot’s legal team had hoped Epifaniou would be released as he had pleaded guilty and paid compensation.

Epifaniou pleaded guilty to federal computer fraud charges brought in Arizona and Georgia.

As a result of the conviction, Epifaniou forfeited $389,113 and €70,000 ($83,000) to the government and paid $600,000 in restitution to his fraud victims, on the back of his cryptocurrency takings.

Epifaniou was extradited last July 16 to face charges for crimes committed at night from his bedroom in his mother’s Nicosia home as a teenager.

The maximum sentence for the charges he faced was 20 years.

Between October 2014 and May 2017, Epifaniou hacked websites and monitored online traffic to identify extortion targets.

After selecting target websites, he worked with co-conspirators to steal information from the websites’ databases.

Epifaniou then used proxy servers located in foreign countries to log into email accounts and send messages to the websites threatening to leak the sensitive data unless a ransom was paid in bitcoins, which have since shot up in value.

Initially arrested in Nicosia at the age of 17, he spent more than three years in a Cypriot jail without being convicted and fighting extradition.

His Filipina mother Vivina Polloso, a supermarket employee, has expressed heartbreak at his treatment, especially after he was whisked out of the country after a brief and tearful farewell at the island’s international airport in the midst of the coronavirus crisis.

“They deprived him of his youth, he became an adult in prison,” his mother said.

Related: ‘Money Mule’ Operator Gets Seven-Year Prison Sentence

Related: Hacker Closing Out Prison Sentence in Chicago Halfway House

Related: Russian Sentenced to Prison in U.S. for Role in Cybercrime Scheme