Two British members of the notorious GhostMarket online cybercrime forum have been sentenced for hacks that stole details of thousands of credit cards and forced an online hosting company to go out of business.
Prosecutors claimed that 19-year-old Zachary Woodham, who used the online handle “Colonel Root”, chose the Punkyhosting webhosting firm to be his victim entirely at random, redirecting church webpages to pornographic content.
Ultimately the attacks, which took place between April and May 2009, put the Punkyhosting company out of business. Woodham then sent a taunting email to Punkyhosting gloating about his attack.
Following an investigation by the Metropolitan Police Service’s Police Central e-Crime Unit (PCeU), authorities raided Woodham’s Brighton home, seizing computer equipment. They also arrested Woodham’s 18-year-old accomplice Louis Tobenhouse.
Police found evidence that the pair had stolen thousands of credit card details, and had targeted online gambling firms.
Woodham used some of the stolen cards details to pay for access to a number of premium rate chat lines which he owned, effectively laundering the money which he then paid into his own bank account.
In addition, the pair are said to have posted tutorials on the underground GhostMarket website that explained how to commit fraud and how to hack into company websites.
According to a police press release, Tobenhouse said “I will never get a job in IT now” when he was arrested.
Passing sentence, Judge Jeremy Donne at Southwark Crown Court said the crimes were so serious that if Woodham had been over 21 years old, he could have expected a three-year prison sentence.
However, the defendants’ youth, their plans for further education, and the fact that they had entered guilty pleas, played to their favour.
Tobenhouse was sentenced to 400 hours of unpaid community work, and Woodham, who is now studying law at Sussex University, received a suspended prison sentence of 18 months imprisonment and a 360 hour spell of community service.
Woodham and Tobenhouse clearly had computing skills, but they chose to abuse them causing distress and financial loss for their innocent victims. The PCeU should be applauded for investigating this case, and bringing the culprits to justice.
And other youngsters considering a career in cybercrime should think carefully about just what might happen to them if they are caught by the computer cops.