Ride the Lightning

Los Angeles Superior Court Hacked To Send Two Million Phishing Emails

October 28, 2019

Bleeping Computer reported on October 22 that a Texas man was sentenced to 145 months in federal prison for hacking the Los Angeles Superior Court (LASC) computer system and using its servers to deliver around 2 million phishing emails.

33-year-old Oriyomi Sadiq Aloba "was found guilty of one count of conspiracy to commit wire fraud, 15 counts of wire fraud, one count of attempted wire fraud, one count of unauthorized impairment of a protected computer, five counts of unauthorized access to a protected computer to obtain information, and four counts of aggravated identity theft."

He was facing a statutory maximum sentence of more than 350 years in federal prison after being found guilty of the above charges on July 26, 2019, but the judge sentenced him to roughly 12 years. Additionally, District Judge R. Gary Klausner ordered Aloba to pay $47,479 in restitution.

Aloba infiltrated the court's computers following a phishing attack that led to the compromise of one of LASC's employee's email accounts in July 2017. This account was later used in a spear-phishing attack targeting the accounts of thousands of other LASC employees.

Aloba sent them phishing emails containing a fake Dropbox notification asking them to send the company their user credentials. This allowed Aloba to collect the email addresses and passwords of hundreds of Superior Court employees.

He used these credentials "to log into LASC servers" according to the initial indictment from February 2018 and "sent test emails to himself to test the security features and ensure that he had full access to the accounts."

Aloba used their compromised email accounts to send more than two million phishing emails impersonating companies such as American Express and Wells Fargo.

"Hyperlinks in the fraudulent emails led victims to a webpage that asked for their banking login credentials, personal identifying information, and credit card information," the Department of Justice says.

"The link for the fake American Express website used source code that designated Aloba's email account as the delivery address for the information that the victims input into the fake website."

Aloba was apprehended by law enforcement after executing a search warrant at his home, where the investigators found signs of his attempts to destroy evidence that could incriminate him, including "dozens of phishing kits" found on his laptop.

After searching his residence, they discovered "a thumb drive in a toilet, a damaged iPhone in a bathroom sink, and a laptop computer with a smashed screen that was smeared with fresh blood."

Aloba was not the only one linked to this operation, as 28-year-old Robert Charles Nicholson (aka Million$Menace), one of his co-conspirators and a co-defendant, also pleaded guilty to one count of conspiracy to commit wire fraud. He will also appear in front of Judge Klausner on November 4, while three other defendants Aloba allegedly hired to develop the phishing kits he used in the attacks remain at large outside the U.S.

Hat tip to Dave Ries

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson