Lewys Martin, 20, of Deal in Kent, used the malware to harvest bank login credentials, credit card details and internet passwords from the compromised Windows PCs of his victims. Martin then apparently laundered the credentials via underground cybercrime forums, earning $5 or less for every credential, directing proceeds of his criminal activity towards an offshore account in Costa Rica, funds which remain beyond the reach of UK police.
Martin’s activities might have gone undiscovered if not for his arrest during what police described as a drunken attempt to break into a local college and steal computer equipment. Police who raided his home discovered printouts of stolen credit card numbers and papers relating to a fraudulent bank loan, obtained under a false name.
The student was convicted last November but sentence was deferred to allow him to complete a university computer course. However, bail was revoked after Martin was caught with several other individuals trying to break into Walmer Science College in Deal.
He caused hundreds of pounds of damages in criminal damages during the bungled burglary, according to local reports.
Martin was prosecuted and subsequently convicted for three burglary and fraud charges, leading up to a sentence hearing this week when he was jailed for 18 months.
A court clerk at Canterbury Crown Court confirmed the terms of the sentencing this week, which following earlier guilty pleas on the specimen charges. Further fraud charges were taken into consideration in sentencing Martin to a substantial spell behind bars.
Gamers are a popular target for malware distributors. Much of this malign activity is directed at gamers in the Far East but Western shoot-em-up and role-playing fans are also at risk and ought to be wary of malware posing as gaming cracks and other common tricks, as explained in a blog post by Sophos here.