Science

Hacker Faces 10 Years for DDoS Attacks and Sex Toy Pranks in DOJ Crackdown

The Department of Justice is trying to send a message.

by Nickolaus Hines
Alcatraz

Anonymous’s repeated attacks on Donald Trump since December of 2015 have made hacker harassment a part of everyday conversation. Today, the United States Department of Justice handed down a sentence to a member of the Electronik Tribulation Army (ETA) that shows just how severe the punishment for those types of hacks can be.

Benjamin Earnest Nichols, a 37-year-old ETA member from Oklahoma City, pled guilty to intentionally causing damage with a distributed denial of service (DDoS) attack on mcgrewsecurity.com in 2010. Nichols hasn’t been sentenced yet, but faces a maximum of 10 years in federal prison and a $250,000 fine.

It’s the DDoS attack that put Nichols in court, but the list of other things he admits to doing range from costly to downright dirty: causing $6,500 in losses to McGrew Security because of a downed website, making disparaging remarks and insulting McGrew (owner of the attacked website and security service), photoshopping images of McGrew, and sending sex toys to McGrew’s home. The exact type of sex toys were not mentioned in the U.S. Attorney’s Office press release. Regardless, it’s the type of behavior hacking groups have made a name doing. It’s also behavior that the U.S. DOJ plans on stopping.

Wesley McGrew, owner of McGrew Security.

Twitter/Wesley McGrew

McGrew became a target of the ETA because of his role in the arrest of Jesse McGraw, the leader of the hacker group, back in 2009. McGraw was arrested after he installed malware and a remote-access program on dozens of computers at the North Central Medical Plaza in Dallas. He planned to use the medical computers for a DDoS attack on a rival hacker group, but was stopped before anything came of his tampering. He was sentenced to nine years in federal prison in 2011.

It was one of the first major cybercrime sentences given, and the hacking community still mentions the decision’s importance.

After McGraw’s arrest, Nichols and two other ETA members turned their eyes on McGrew.

“They set up a website in my name to pose as me, and put up embarrassing content or things they thought would embarrass me, including a call-to-action to buy sex toys, and fake pornographic images,” McGrew told Wired in 2010. “They harvest email addresses from the university I work at and emailed it out to those.”

McGrew was a key witness against McGraw, so the FBI got involved. They raided Nichols’ home because his actions were “affecting a potential witness in an official proceeding,” the search warrant affidavit read. The search warrant lists Nichols as going by the names “thefixer25,” “fixer,” “fix,” ”c0aX,” and “ballsdeep.”

Witness intimidation is a federal crime.

The ETA responded by posting the following on its website:

“On the 23rd of June 2010 the Federal Bureau of Investigation issued search warrants on ETA members. All their computers and electronic devices have been taken for forensic investigation…. We are not terrorists, we are freedom fighters and cyber protesting is not illegal.”

Back in 2009, when McGraw was arrested, ETA members were hyper aware of how they could be next. When Nichols was asked if he was still in the ETA in an email from another member, he responded:

“Right now admissal (sic) of any kind like that is certainly what some douchebag prosecutor would like. I cannot give you that answer when you ask me outright, however.”

Nichols also said that he wiped his computers. Turns out he didn’t wipe them well enough, and can look forward to big time for his hacking crimes. It’s a message from the DOJ to the hacking community that it surely won’t ignore.