Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

FBI Arrests Alleged NullCrew Member for Hacking

The FBI has arrested a 20-year-old Tennessee man reputed to be a member of the notorious NullCrew hacking group.

Timothy Justin French was arrested recently by the FBI at his home in Morristown, Tennessee, on charges of conspiring to launch attacks against two universities and three companies since last summer.

The FBI has arrested a 20-year-old Tennessee man reputed to be a member of the notorious NullCrew hacking group.

Timothy Justin French was arrested recently by the FBI at his home in Morristown, Tennessee, on charges of conspiring to launch attacks against two universities and three companies since last summer.

The NullCrew has been connected to several high-profile attacks since 2012. According to authorities, French went by a number of aliases, such as ‘Orbit’, ‘@Orbit’ and ‘c0rps3’. He is accused of working with other members of NullCrew to launch attacks that resulted in the release of computer data such as thousands of usernames and password combinations.

“Cyber crime sometimes involves new-age technology but age-old criminal activity ― unlawful intrusion, theft of confidential information, and financial harm to victims,” said Zachary T. Fardon, United States Attorney for the Northern District of Illinois, in a statement. “Hackers who think they can anonymously steal private business and personal information from computer systems should be aware that we are determined to find them, to prosecute pernicious online activity, and to protect cyber victims.”

According to the complaint affidavit, NullCrew has used Twitter accounts to promote their involvement in dozens of attacks against different targets. The group also posted links to Pastebin, where they had uploaded compromised information. In November 2012, NullCrew announced an attack on the U.K.’s Ministry of Defense and released more than 3,000 usernames, email addresses and passwords belonging to members of the defense ministry.

Some of the more high-profile attacks attributed to them affected the World Health Organization (WHO) and PBS in 2012, as well as an attack earlier this year that compromised information of customers of Bell Canada.

According to the affidavit, the FBI worked with a confidential informant who was invited to join online chats with members of the group. During the chats – which occurred on Skype, Twitter and CryptoCat – members of the NullCrew discussed past, present and future attacks and shared information about vulnerabilities.

In the complaint, French is accused specifically of being involved in five different attacks between July 2013 and April 2014. In each instance, information stolen by the NullCrew was leaked online, causing what the Justice Department called “significant financial damages to the universities and companies.”

During each of the attacks, the investigation identified a computer user named “Orbit,” who was using an internet protocol (IP) address assigned to French’s Morristown, Tenn., address, authorities said. Data from the victims’ computers show access from the same IP address at or around the time the hacks occurred or were being discussed by the group, according to the complaint.

If convicted, French faces a maximum of 10 years in prison and a $250,000 fine.

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.