Hacker who almost sprung a prisoner out of jail is himself imprisoned for seven years

He tried to jailbreak someone, and now he's become the prisoner himself.

Hacker who almost sprung a prisoner out of prison is himself jailed for seven years

In early 2017, Konrad Voits of Michigan, successfully tricked IT staff at Washtenaw County into visiting a webpage on the domain ewashtenavv.org (note the two v’s at the end of that URL), instead of the legitimate website at ewashtenaw.org.

That bogus webpage installed malware onto IT staff’s computers that ultimately gave Voits complete control over the Washtenaw County network. Voits was able to steal the names, addresses, emails and passwords of former and present County employees.

However, what has caught everyone’s imagination is not yet another case of computer-assisted fraud, but rather Voits attempt to have a prison inmate released early by altering Washtenaw County Jail records.

Fortunately, jail employees realised that the inmate’s hacked records were incorrect and nobody was released early. Meanwhile, the FBI was soon on the trail of the perpetrator.

You can hear more about the case in an episode of the “Smashing Security” podcast we recorded in late 2017.

Smashing Security #56: ‘Peeping Toms, prison hacks, and parliamentary passwords’

Listen on Apple Podcasts | Google Podcasts | Other… | RSS

A judge has now sentenced Voits to a not insignificant 87 months in a federal jail for the hack, and ordered him to pay $235,488 in restitution to the county for costs associated with investigating and responding to the security breach.

87 months. That’s seven years and three months. By anyone’s standards that’s a hefty sentence and likely to cast a long shadow over the rest of Voits’s life, impacting his innocent family and friends as well as his own future career prospects.

Many of us are technically savvy enough to register and create bogus domains, and create or purchase malware to take remote control of someone else’s computer systems. We may even have the brass to call up our victims or send them emails, tricking them into visiting a particular URL to launch an attack.

But just because something is possible doesn’t mean we should do it. I hope cases like Voits’s will warn others to think more carefully about the potential consequences of their actions, and act more ethically in future.

After all, it’s possible that Voits may now get out of prison long after the friend he tried to bust out. What a waste.

Tags: , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.