Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

UK Hacker Sentenced to 20 Months in Prison

Hacker Elliot Gunton has been sentenced to 20 months in prison by Norwich (UK) County Court, but released immediately because of time already served in custody.

Hacker Elliot Gunton has been sentenced to 20 months in prison by Norwich (UK) County Court, but released immediately because of time already served in custody.

Local police made a routine visit to Gunton’s home in April 2018 to ensure he was complying with a Sexual Harm Prevention Order (SHPO) previously imposed in June 2016. When they examined his laptop, they found evidence of software tools to enable cybercrime. The laptop was seized and examined by the police.

The examination found evidence of Gunton’s offer to sell compromised personal information that would allow criminals to intercept mobile phone calls and texts. It also found evidence of Gunton advertising hacking services for $3,000 in Bitcoin.

“However,” says a statement from the Norfolk (UK) Constabulary, “despite Gunton taking complex and sophisticated measures to conceal and delete his activity, he had left behind clues of his offending — fragments of conversations with others online where he discussed criminal activity, as well as officers tracing and seizing £275,000 worth of ‘cryptocurrency’ including Bitcoin under his control.”

Gunton was one of the teenagers arrested for the 2015 Talk Talk hack

The SHPO was separately imposed in June 2016 after indecent images of children were found on his laptop. The police made regular visits to ensure he was complying with the terms of the order. They found evidence that he was talking on hacker forums, and that he had installed CCleaner (which includes secure file deletion capabilities which would be in contravention of the SHPO).

When the police learned that Gunton was planning to appeal the SHPO, they paid another visit, examined his laptop, and found sufficient reason to confiscate it for deeper investigation. He was charged with five counts including charges under the Computer Misuse Act 1990. Although he initially denied all charges, he later pleaded guilty, and was sentenced on Friday, August 15, 2019. He was sentenced to 20 months in prison, but was released immediately since he has already spent this time on remand.

He was ordered to pay back £407,359. The police found and seized £275,000 of cryptocurrency, including Bitcoin, under his control. He was also issued a three-and-a-half-year Community Behavior Order that prohibits ownership or use (unless supervised) of any device capable of accessing the internet without making it available for inspection and provided it retains the history of internet usage without modification. 

Advertisement. Scroll to continue reading.

Other conditions include no use of incognito surfing, no use of cloud storage without declaring it and making the storage available for inspection, no installation of additional encryption or deletion software, and no use of any cryptocurrency wallet without providing a “verifiable explanation as to the lawful origin of any cryptocurrency identified to be under your control.”

“Today’s sentence,” said a police spokesperson, “will ensure he cannot continue with this kind of criminal activity and the team remain committed to pursuing and identifying anyone involved in this kind of crime.”

It should be asked, however, whether zero prison time and relatively easily avoidable behavior conditions will be an adequate deterrent for a young man who seems to have been engaged in hacking activities for at least the last four years and is still only 20 years old.

Related: TalkTalk Hack Suspect Arrested for Blackmail 

Related: Prosecutors Seek 3-Year Sentence in ‘Celebgate’ Hacking Case 

Related: Hacktivist Gets 10-Year Prison Sentence for DDoS Attack on Hospitals 

Related: California Man Gets 26-Month Prison Sentence for DDoS Attacks 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.