A British script kiddie who DDoS'd a Labour Party parliamentary candidate's website in the runup to the last general election has been banned from using the Tor browser.
Bradley Niblock, formerly the operator of the UGLegion Twitter account, pleaded guilty to two Computer Misuse Act crimes after being tracked down by Cumbria Police. He was sentenced at Crown Court earlier this week.
Niblock launched a DDoS assault against the website of a Labour Party candidate days before the 2019 general election, an event which press officers in central party HQ characterised as "sophisticated and large scale cyber-attacks". Instead of its usual 100 visitors a day, the site was crapflooded with 250,000 connection requests, overwhelming it and forcing election candidate Chris Altree to engage Cloudflare's DDoS mitigation service, the courts heard.
South Cumbria Magistrates' Court heard in May that 22-year-old Niblock was a "self-confessed computer geek" who was "posing" as UGLegion "to attract likes to his Twitter site," as reported by the North West Evening Mail.
UGLegion was a Twitter account which appeared to be vaguely affiliated with Lizard Squad, a gang of internet miscreants whose specialisms were digital graffiti and distributed denial-of-service (DDoS) attacks, as we reported when they were active in the mid-2010s.
Police eventually raided Niblock's home in early 2020. The @UGLegion Twitter account was handed over to police, his solicitor said, and is currently suspended.
When his phone was seized, investigators found it was logged into the Twitter account of Furness Academy. Solicitor Louise Gordon told magistrates on Niblock's behalf: "This was a case of Mr Niblock messing around on his computer. He came across Furness Academy's Twitter account. He put in a password and it worked."
- UK Computer Misuse Act convictions declined last year despite pandemic explosion in online criminal activity
- Average convicted British computer criminal is young, male, not highly skilled, researcher finds
- Eight Brits arrested after probe into SIM-swapping scam targeting US celebs
- Man arrested after UK school finds wiped hard drives on devices connected to network
Cumbria Police's Cyber and Digital Crime Unit also linked Niblock to an account that was sending menacing messages to a young woman via Snapchat after Niblock had been arrested and released under investigation for the DDoS attack. Those messages included screenshots edited to suggest the sender had access to her account.
Bradley Kai Hayden Niblock pleaded guilty to breaching section 1(1) and section 3(1) of the Computer Misuse Act 1990 and to sending malicious Snapchat messages in breach of section 127(1)(a) of the Communications Act 2003.
Magistrates committed him to Preston Crown Court for sentencing. There he received an eight-month prison sentence suspended for two years, a 200-hour community service order and a three year Criminal Behaviour Order.
That order bans Niblock from using Tor and any non-Tor browser in private browsing mode, acquiring malware "that would compromise another computer," acquiring any stressors or pentesting tools or using a VPN "or software designed to obfuscate the origin of the defendant's IP address connection to the internet." He must also let police rifle through his devices at will.
Additionally, Niblock is banned from signing up to social media platforms using "vanity names" unless these are "made available to the police for inspection on request" – and he is banned from deleting any "social media content" or profiles without police permission.
His Honour Judge Simon Medland QC, sentencing, said, in comments reported by the North West Evening Mail: "The effect [of the DDoS] was significant and had a big impact on Mr Altree's ability to campaign in a democratic election. The offence concerning the Furness Academy was a further example of your misuse of computer equipment."
The judge added: "While you were under investigation you launched a spiteful and hurtful attack on an innocent woman. It left her feeling scared."
Niblock is now said to be working as a web designer. ®