UK Hacker Known as “Courvoisier” Has Pleaded Guilty To Breaking Into Over 100 Company Websites
Many people would have made certain assumptions about the lifestyle of Grant West, living in a caravan in the small town of Sheerness in Kent, England at the age of 25. Little did they know that he was packing half a million UK pounds in bitcoin and over 68,000 credit and debit card details and spending his time blowing small fortunes in Las Vegas, driving around in an Audi A5 coupe. No, not your average pikey at all.
Unfortunately for West his lavish lifestyle of crime came to an end in September 30 last year when undercover officers planned to arrest him on a train to London. One of the officers sat next to West on the train and waited for him to log onto a dark web site, as soon as he did the officer signalled for the rest of the team to move in, their objective, to restrain him before he could log out or close the laptop. That way they wouldn’t lose the evidence they needed for a conviction. Had he managed to turn off that laptop, we might be able to still buy credit card details, known as “fullz” on the dark web.
In 2015, Courvoisier used brute force cyber-attacks to acquire the details of 165,000 people, from there he sent phishing links to secure credit card details. He would then sell those details as “fullz” (full credentials) for about 20 pounds each on Alfa Bay, a site that was taken down in 2017. Users of Alfa Bay could buy these cards and use them to make purchases online. He also sold login details to accounts on Groupon which gave users access to a range of vouchers for travel, fitness, restaurants or food delivery. Bet you wish you’d heard about this sooner.
The nature of the attacks was simple. After acquiring the personal details of over 165,000 people through these attacks he would send through phishing links disguised as customer offers for 10 pound gift vouchers and all the receiver needed to do was confirm a few details.
West pleaded guilty to conspiracy to defraud the companies he targeted between July and December 2015. He also pleaded guilty to a computer hacking charge as well as four counts of possession and supply of marijuana and money laundering. The guy just won’t quit.
News of his arrest has been met with mixed response from darknet forums. Some users have expressed their sympathies, likely feeling upset about having to find new ways to eat out for free. However other users have slammed him for being a scammer. He allegedly sold “fullz” that didn’t work or had already been used. This is a common scam on these markets as vendors will often sell the same card to a bunch of users who might cause it to get cancelled straight away before one of the other users has had the chance to use it, one could have an interesting discussion on the ethics of all of this.
West’s girlfriend, Rachael Brookes, 26 of North Wales was sentenced on the 2nd of May to two years community service for authorising the use of her computer to carry out at least one of the attacks. As for West, his fate will be decided later this month. Stay tuned for updates on this fascinating case!