A 21-year-old computer hacker from the UK who made more than $700,000 (£505,000, €571,000) selling malware on the dark web has been jailed after being found guilty of multiple cybercrime charges.
Alex Bessell, from Liverpool, used a zombie army of 9,083 computers to launch more than 100 attacks on firms including Google, Skype and Pokémon, police said Thursday (18 January). He also stole 750 usernames and passwords and ran a criminal market named "Aiobuy".
Investigators said Bessell used the hijacked computers to launch distributed-denial-of-service (DDoS) attacks and crash websites by bombarding them with traffic.
His secretive operation was thriving. Online, he sold remote hacking tools, botnet tools, booter access software and other malware variants, according to the West Midlands Police.
The dark web is frequently used to host criminal marketplaces as it helps administrators to stay anonymous while trading illegal products.
Cyber investigators from the Regional Organised Crime Unit (Rocu) discovered that roughly 35,000 purchases had been made through Aiobuy, which attracted more than 26,000 registered users.
One product he offered for sale was a "crypter" software package – which he designed – that could hide bugs from computer users and make them invisible to anti-virus systems.
Bessell was jailed for two years at Birmingham Crown Court for 10 offences, including unauthorised access to computers, impairing the operation of computers, supplying malware and money laundering. Officials are now calling for stricter sentences for hackers.
"This is one of the most significant cybercrime prosecutions we've seen: he was offering an online service for anyone wanting to carry out a web attack," Rocu's DC Mark Bird said.
"It meant anyone who had a grudge against an individual or company, or who simply wanted to conduct a cyberattack, didn't need the technical know-how themselves," he continued.
"They simply needed to pick a piece of malware, pay the fee, and Bessell would do the rest.
"In the past we have seen hackers escape with suspended prison sentences or even community orders but courts are increasingly switching onto the damage cyber crooks can wreak.
"They can destroy businesses and cause huge financial distress for people and families.
"Anyone who is using their technical expertise for sinister motives needs to sit up and take notice of this sentence – because they face a very real risk of being jailed."
Last week, a 24-year-old cybercriminal who ran a crypter marketplace pleaded guilty in the UK.