Nickolas Sharp, a former employee of Ubiquiti, a networking device maker, pleaded guilty today to stealing a large amount of data from the company's network and attempting to extort them while pretending to be an anonymous hacker and whistleblower. Sharp had access to confidential information which he used to demand a ransom, according to U.S. Attorney Damian Williams. When his demands were not met, Sharp retaliated by causing false news stories to be published about the company, resulting in a $4 billion drop in market capitalization. He was arrested and charged with data theft and extortion on December 1, 2021. Ubiquiti revealed a security incident in January 2021 following the data theft. While trying to assess the scope of the incident, Sharp also attempted to extort Ubiquiti, asking for 50 bitcoins in exchange for revealing the vulnerability used to breach the network and returning the stolen files. Ubiquiti refused to pay and instead changed all employee credentials, disabled a second backdoor from its systems, and issued a security breach notification. After the extortion failed, Sharp shared information about the incident with the media while pretending to be a whistleblower, accusing Ubiquiti of downplaying the breach. This caused the stock price to drop by almost 20%, leading to a loss of over $4 billion in market capitalization. Sharp was found to have stolen confidential files from Ubiquiti's AWS infrastructure and GitHub repositories using his cloud administrator credentials and cloning hundreds of repos over SSH. He also tried to hide his home IP address using a VPN service, but his location was exposed due to a temporary Internet outage. He also modified log retention policies on Ubiquiti's servers and other files to hide his identity during the incident investigation. Sharp faces a maximum sentence of 37 years in prison if found guilty. He is scheduled to be sentenced on May 10 by U.S. District Judge Katherine Polk Failla.
Nickolas Sharp, a former Ubiquiti employee, has pleaded guilty to stealing a large amount of data from the company's network and attempting to extort them while posing as an anonymous hacker and whistleblower. He had access to confidential information which he used to demand a ransom, and when his demands were not met, he retaliated by causing false news stories to be published about the company, resulting in a $4 billion drop in market capitalization. He was arrested and charged with data theft and extortion on December 1, 2021. Ubiquiti revealed a security incident in January 2021 following the data theft. Sharp asked for 50 bitcoins in exchange for revealing the vulnerability used to breach the network and returning the stolen files, but Ubiquiti refused to pay and instead changed all employee credentials, disabled a second backdoor from its systems, and issued a security breach notification. After the extortion failed, Sharp shared information about the incident with the media while pretending to be a whistleblower, accusing Ubiquiti of downplaying the breach. This caused the stock price to drop by almost 20%, leading to a loss of over $4 billion in market capitalization. Sharp was found to have stolen confidential files from Ubiquiti's AWS infrastructure and GitHub repositories using his cloud administrator credentials and cloning hundreds of repos over SSH. He also tried to hide his home IP address using a VPN service, but his location was exposed due to a temporary Internet outage. He also modified log retention policies on Ubiquiti's servers and other files to hide his identity during the incident investigation. Sharp faces a maximum sentence of 37 years in prison if found guilty. He is scheduled to be sentenced on May 10 by U.S. District Judge Katherine Polk Failla.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 02 Feb 2023 19:02:02 +0000