Matthew Anderson, 33, is understood to have sent out 50million ‘spam’ emails containing an attachment for recipients to click on. All of those who did so – believed to be 200,000 – had their computer infected with a virus that left it effectively ‘enslaved’.
Anderson was then able to rifle through private files and saved photographs – and even switch on web cameras attached to the computers. At his leisure he then sat spying into the living rooms or bedrooms of strangers. The victims will have been completely unaware of his watching eyes.
When he was caught in a four-year police operation, officers found he had stored pictures and film of dozens of people in their own homes. Among clips was that of a 16-year-old girl bursting into tears when Anderson began changing words on her computer screen. He then gloated to a fellow hacker about tormenting her, revealing he had been using her webcam for hours, viewing her sisters, and lamenting the fact they were not naked.
Anderson was working in an international hacking gang called ‘m00p’ with at least three others. Only one other, from Finland, has been caught. He was jailed for 18 months today after pleading guilty to ‘unauthorised modification of computer systems’ at Southwark Crown Court in London. However, he is likely to serve just nine months. The court heard the father-of-five, who was born in Rochdale, carried out his crimes in the home of his mother Ruth, 54, in Banffshire, Scotland.
He claimed through his barrister that he joined online chatrooms after being left house-bound by panic attacks in his early 20s. Publicly he ran a computer security firm – offering to protect clients, ironically, from people like himself.
Simon Ward, defending, said Anderson was motivated by ‘the feeling of power that comes from the knowledge that you have control over something that others don’t know you have the control of’.
The ‘cutting edge’ software behind his virus has been ranked as among the best in the world.
Anderson was caught after the m00p gang was investigated jointly by Scotland Yard and Finnish authorities when a computer expert at John Radcliffe hospital raised concerns. Anderson was found to have profited by £12,000 by selling on to legitimate marketing firms email addresses harvested from computer address books.
But it was the webcams he used and the personal data, including nude photos and bank account details, which he had access to and copied that is particularly chilling. Investigating officer Detective Constable Bob Burls said Anderson’s initial spam emails typically told recipients they had a computer problem, and offered to fix it. When they clicked on the file, the hacker’s virus was let loose to hijack the computer, although it seemed to continue working normally. From his remote location he could record every word typed, or copy the computer screen at any time.
Anderson and his fellow gang members operated unhindered for years – with around one in 250 spam recipients being taken in.
During police monitoring, Anderson – who used online nicknames including warpig and, warpiglet – successfully enslaved 1,743 computers in just 90 minutes. His fellow gang members were known online as Kdoe, CraDle and Okasvi - with the last, real name Artturi Alm, being the only other hacker brought to justice when jailed in his native Finland two years ago.
Mr Burls said the hacker copied one victim’s will, website passwords, banking passwords.
original article here