A man accused of hacking UK National Lottery accounts via credential stuffing attacks has been sentenced to nine months in prison, the UK’s National Crime Agency reported on Friday.
Anwar Batson, 29, of London, has been sentenced for fraud and four violations under the Computer Misuse Act of 1990. The man was arrested in May 2017 and initially denied any involvement, claiming that he had been a victim of trolls and hackers, but later pleaded guilty after investigators found on his devices conversations between him and other members of the conspiracy.
According to the NCA, Batson used a tool called Sentry MBA to launch credential stuffing attacks on accounts belonging to National Lottery customers. Sentry MBA allows cybercriminals to quickly and easily attempt to access online accounts using millions of usernames and passwords.
These credentials are often obtained as a result of third-party breaches and the credential stuffing attacks can have a high success rate given that many people use the same username and password combination for multiple online accounts.
The NCA said Batson used Sentry MBA to launch attacks against Camelot, the company that runs the National Lottery, and also provided instructions to others on how to do so.
Other individuals who launched these types of attacks against Camelot included Daniel Thompson, 27, of Newcastle, and Idris Kayode Akinwunmi, 21, of Birmingham. Thompson and Akinwunmi were sentenced in July 2018 to eight and four months in prison, respectively.
When the attack against the National Lottery was announced by Camelot in November 2016, the company said hackers had accessed roughly 26,500 accounts. The NCA says there are approximately 9 million records in the National Lo ..
Support the originator by clicking the read the rest link below.
