
In 2013, the story of two prisoners who were released early from a Florida prison became widely known. Accomplices forged documents bearing a judge's signature and faxed them to the prison. Prison staff processed the documents as usual and released the prisoners. The error was noticed only a week later, and a $10,000 reward was announced for the capture of the fugitives. But the search did not take long. By law, all prisoners released from Florida prisons are required to report their place of residence. These two thought that everything looked legitimate and reported their place of residence themselves. They were detained, but no accomplices were found.
Now a hacker from Michigan has attempted a no less audacious scam to get a friend released from prison. But this time the prison administration was vigilant, so the unlucky programmer will soon join his friend in prison. Yet he was very close to success and fell just a little short.
On December 1, 2017, Konrads Voits was found guilty of "damaging a protected computer," according to a press release from the prosecutor's office for the Eastern District of Michigan.
The 27-year-old resident of Ann Arbor, Michigan, will remain in custody until sentencing on April 5, 2018.
According to investigators and court records (PDF), Voits used a classic phishing scheme aimed at employees of Washtenaw County, Michigan. In fact, it was closer to social engineering. The hacker sent e-mails to the prison administration and made phone calls, convincing employees to download and run malicious software under the guise of a system software update.
To carry out the scam, on January 24, 2017, the hacker registered the domain name ewashtenavv.org, with two "v"s at the end, which looks similar to the legitimate domain of Washtenaw County.
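As an added example (not from the court records or the original article), here is a defender's check for mail or proxy logs that flags domains imitating a protected one by folding look-alike sequences such as "vv" back to "w". The protected domain is an assumption derived from the article's description (the registered name with "vv" read as "w"), the two-label registrable-domain rule is a simplification, and the sample list is constructed.

```python
# Added example: flag domains that imitate a protected domain name.
# Look-alike sequences folded back to the glyph they imitate.
CONFUSABLES = [("vv", "w"), ("rn", "m"), ("cl", "d"), ("0", "o"), ("1", "l")]
# Assumption: the protected name is the article's look-alike with "vv" read as "w".
PROTECTED = {"ewashtenaw.org"}


def registrable(domain):
    """Last two labels, lower-cased (simplification: no public-suffix list)."""
    labels = domain.strip().rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def skeleton(domain):
    """Fold every confusable sequence so visually similar names compare equal."""
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain, protected=PROTECTED):
    """Return 'legitimate', 'lookalike', 'near-match' or 'unrelated'."""
    name = registrable(domain)
    if name in protected:
        return "legitimate"
    verdict = "unrelated"
    for good in protected:
        if skeleton(name) == skeleton(good):
            return "lookalike"
        if edit_distance(skeleton(name), skeleton(good)) <= 1:
            verdict = "near-match"
    return verdict


if __name__ == "__main__":
    # Constructed sample of sender and link domains, as pulled from a mail log.
    for d in ["mail.ewashtenaw.org", "ewashtenavv.org", "ewashtenaww.org", "example.com"]:
        print(f"{d:22} {classify(d)}")
```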
Then, between February 14 and 16, 2017, Voits sent e-mails to county officials under the fictitious name "Daniel Green", asking for help with the analysis of some court records. This is probably how he obtained the first basic information he needed for the later stages of the scam.
Between February 20 and 22, 2017, Voits called the administration several times, introducing himself under the names of two current employees of the Washtenaw County Information Technology Department. In e-mails and during phone calls, he told administration officials that they needed to download and install a file using the link in the e-mail, or go to the website at the specified address to download the executable file "to update the county's IT system." Some staff followed his instructions. In this way Voits managed to install malware on the administration's computers and learned one employee's login credentials for the system.
Using this information, he spread the malware to other computers on the county administration network and gained full access to the system, including access to protected databases such as the XJail system (a program for monitoring and tracking prisoners in the county jail), written testimony, internal disciplinary records, and personal information about employees. Voits managed to obtain personal information about more than 1,600 employees of county government institutions, including logins, passwords and e-mail addresses.
Around March 2017, with full access to the system, Voits entered the prison records system and edited the electronic records of one prisoner in the county jail, changing the date of his release.
In the opinion of the prosecutor's office, the defendant's actions "significantly violated the integrity of the county's electronic data, which posed a threat to public health and safety." The intrusion was soon noticed: after all, there were only 200-250 male prisoners in this prison, so everyone is well aware of each other's sentences.
The county's IT department asked a third-party company to investigate the incident, restore all hard drives from backups, verify the accuracy of data on virtually all prisoners in the county, and purchase a "private data protection program" for the 1,600 county employees whose data were compromised. According to the investigation's calculations, at least $235,488 was spent on undoing the hacker's actions.
Depending on various factors (the defendant's background, his behavior during the investigation), Konrads Voits faces up to 10 years in prison, followed by 1-3 years of supervision after his release, and a fine of up to $250 thousand.