If you’re going to go around DDoSing businesses, it’s probably not the slickest idea to carry a thumb drive full of evidence in your pocket while you’re hurling a Molotov cocktail at one of their brick-and-mortars.
A now-35-year-old Belgian man who was already sentenced to prison for hurling that bomb has had his sentence extended by 18 months because of what investigators found on a USB drive that the man dropped during or after his 2014 attack on a Crelan Bank in the town of Rumbeke, Belgium, according to Belgian news site Het Laatste Nieuws (HLN).
HLN reported last week that the USB held evidence showing that the man, identified in court documents only as Brecht S., was a member of the hacker groups that brand themselves as Anonymous Belgium and Cyber Crew.
It also implicated the man in launching a distributed denial of service attack (DDoS) against Crelan Bank that took it offline for hours, and that he extorted a pizza shop, DDoS-ing it several times until the pizzeria paid him to call off the attacks.
Investigators who searched Brecht’s devices and history reportedly found evidence that Brecht had participated in large-scale international cyber attacks, including attacks launched against the Fédération Internationale de Football Association (FIFA): the world soccer’s governing body.
As HLN reports, Brecht told the court that he unleashed the DDoS against Crelan Bank in retaliation after €300,000 ($342,000) disappeared from his mother’s account. The money was looted after a divorce with his father, he said. Brecht also said that he couldn’t get a hearing from the bank on the matter.
Crelan’s servers were swamped, unable to conduct transfers for hours.
As far as the multiple extortionist DDoS attacks against the pizzeria go, Brecht said that he was having problems with drugs at the time.
According to his defense lawyer, Brecht had noble intent, as do many who’ve taken part in collective hacks over the years, be it DDoS attacks against hospitals in the #opJustina crusade or fighting the Islamic State by defacing loyalists’ profiles with porn.
HLN reports that the case law isn’t clear about whether hacking with ethical purposes is prohibited or not. That’s surprising to hear, particularly if you’re in the US, where prosecutors come down like a ton of bricks on hackers, noble intent or no.
HLN reports that a second, unidentified hacker from Bruges – an accomplice of Brecht’s – was also arrested. He was fined 1,200 euros (US $1,365).
Brecht had already been sentenced to a three-year jail term for arson related to the Molotov cocktail attack. The 18-month extension will be added to that term. According to ZDNet, Brecht hadn’t yet begun serving the jail time for arson: the prison time had been delayed so that he could receive psychological counseling.
📼 thefishstick 📼 (@rabidfishstick)
Poor pizzeria =/
Anonymous
who attacks a pizza shop….
Dave
A psychopath
Riggarob
You can tell this isn’t the US, time off for counseling before you get your sentence started?! Lol why do they give these people such latitude? Throw their asses in jail for a long time, and then take away every privilege they ever thought they had. Easy peasy
Bryan
Carrying an incriminating USB drive (unencrypted) to the scene of a different crime is highly reminiscent of the film Masterminds with Zach Galifianakis, Owen Wilson, and Kristen Wiig.
Mom losing the three hundred grand though… I’d be upset as well.
Tim
A statement says – “found on a USB drive that the man dropped during or after his 2014 attack on a Crelan Bank”,
Then it says “history reportedly found evidence that Brecht had participated in large-scale international cyber attacks, including attacks launched against the Fédération Internationale de Football Association (FIFA)”
… followed by “FIFA has been hacked multiple times: The first time, in 2017, led to the publishing of footballers’ failed drug tests”.
How is it possible that they found evidence that he participated in a 2017 attack (the first at FIFA) when the USB was found in 2014 with evidence that it had happened before? Either he was framed for the 2017 FIFA attack or perhaps FIFA hasn’t disclosed previous attacks?!?!
Paul Ducklin
I don’t think the mention of FIFA’s recent and known hacks was meant to imply that this guy was connected in any way with the 2017 and 2018 incidents, or that his FIFA attacks ever actually succeeded in prising data free – many hacks fail in their ultimate goal but are illegal nevertheless.
However, I have removed the “FIFA has been hacked multiple times” paragraphs, to avoid confusion.
Simon
@tim
“Investigators who searched Brecht’s devices and history .. evidence… attacks against FIFA”
The USB wasn’t the only evidence here.