This article is more than 1 year old

Brit hacker jailed for strapping ransomware to smut site ad networks

6 years in the cooler for cybercrim who made £700k+ from Angler Exploit Kit

A student hacker who used pornography websites' ad networks to deploy the Angler Exploit Kit onto his marks' devices has been jailed for six years.

Zain Qaiser, a 24-year-old Londoner from Barking, used ad networks on smut websites to distribute malware including the Angler Exploit Kit, which the National Crime Agency (NCA) said was "believed to have been created, managed and marketed by one of Qaiser's Russian-speaking associates".

The exploit kit would then deploy the Reveton malware, which would lock a targeted user's browser and "display a message purporting to be from a law enforcement or a government agency, which claimed an offence had been committed", the NCA added, with the message menacing the user into paying a "fine" between $300-$1,000 in cryptocurrency in order to unlock their device.

Sentencing Qaiser at Kingston Crown Court today, Judge Timothy Lamb QC said: "The harm caused by your offending was extensive – so extensive that there does not appear to be a reported case involving anything comparable."

Qaiser collected around £700,000 in ransoms, paid in cryptocurrency. NCA investigators believe the true total was higher.

He was caught after ad networks realised what they were being used for and tried to stop Qaiser, who responded by DDoSing them. The blackmailer told one company director: "I'll first kill your server, then send child porn spam abuses." Prosecutors alleged these attacks resulted in the companies being hit for at least £500,000 through lost revenue and mitigation costs.

Qaiser admitted 11 offences, including blackmail, fraud, money laundering and computer misuse. He was first arrested in 2014, though he was sectioned under the Mental Health Act in late 2017, which caused a planned trial in February 2018 to be abandoned. Prosecutors told the court, according to the Birmingham Mail, that while he was confined at Goodmayes Hospital in north London, the hospital's Wi-Fi "was used to access online advertising websites Qaiser had used for his offending".

His crimes are thought by the NCA to have started in at least September 2012 and lasted until he was remanded in custody in December 2018.

The Angler Exploit Kit fell out of favour with cybercrooks in 2016. As we reported at the time, the authors of the malware "were responsible for a whopping 40 percent of all exploit kit infections having compromised nearly 100,000 websites and tens of millions of users, generating some $34m annually".

NCA investigator Nigel Leary today said of Qaiser's arrest:

"This was an extremely long-running, complex cyber-crime investigation in which we worked with partners in the US, Canada, Europe and the Crown Prosecution Service. The FBI and the US Secret Service have both arrested people in relation to this global malware campaign," .

Under current sentencing laws, Qaiser will serve no more than half of his six-year-and-five-month sentence behind bars, with extra time off being given for the last four months on remand. ®

More about


Send us news

Other stories you might like