The FBI has arrested a 20-year-old Tennessee man reputed to be a member of the notorious NullCrew hacking group.
Timothy Justin French was arrested recently by the FBI at his home in Morristown, Tennessee, on charges of conspiring to launch attacks against two universities and three companies since last summer.
The NullCrew has been connected to several high-profile attacks since 2012. According to authorities, French went by a number of aliases, such as ‘Orbit’, ‘@Orbit’ and ‘c0rps3’. He is accused of working with other members of NullCrew to launch attacks that resulted in the release of computer data such as thousands of usernames and password combinations.
“Cyber crime sometimes involves new-age technology but age-old criminal activity ― unlawful intrusion, theft of confidential information, and financial harm to victims,” said Zachary T. Fardon, United States Attorney for the Northern District of Illinois, in a statement. “Hackers who think they can anonymously steal private business and personal information from computer systems should be aware that we are determined to find them, to prosecute pernicious online activity, and to protect cyber victims.”
According to the complaint affidavit, NullCrew has used Twitter accounts to promote their involvement in dozens of attacks against different targets. The group also posted links to Pastebin, where they had uploaded compromised information. In November 2012, NullCrew announced an attack on the U.K.’s Ministry of Defense and released more than 3,000 usernames, email addresses and passwords belonging to members of the defense ministry.
Some of the more high-profile attacks attributed to them affected the World Health Organization (WHO) and PBS in 2012, as well as an attack earlier this year that compromised information of customers of Bell Canada.
According to the affidavit, the FBI worked with a confidential informant who was invited to join online chats with members of the group. During the chats – which occurred on Skype, Twitter and CryptoCat – members of the NullCrew discussed past, present and future attacks and shared information about vulnerabilities.
In the complaint, French is accused specifically of being involved in five different attacks between July 2013 and April 2014. In each instance, information stolen by the NullCrew was leaked online, causing what the Justice Department called “significant financial damages to the universities and companies.”
During each of the attacks, the investigation identified a computer user named “Orbit,” who was using an internet protocol (IP) address assigned to French’s Morristown, Tenn., address, authorities said. Data from the victims’ computers show access from the same IP address at or around the time the hacks occurred or were being discussed by the group, according to the complaint.
If convicted, French faces a maximum of 10 years in prison and a $250,000 fine.