The United States Attorney’s Office has made public the arrest and charging of two individuals linked to a targeted cyberattack where a criminal syndicate pilfered data and funds from thousands of sports betting and daily fantasy sports accounts.
Damian Williams, the United States Attorney for the Southern District of New York, along with James Smith, the Assistant Director in Charge of the New York Field Office of the FBI, disclosed that Nathan Austad, known as “Snoopy,” and Kamerin Stokes, known as “TheMFNPlug,” face charges in connection with the operation.
Allegedly collaborating with Joseph Garrison, the 18-year-old arrested last November, Austad from Farmington, Minnesota, and Stokes from Memphis, Tennessee, purportedly sought to vend user information online.
U.S. Attorney Damian Williams commented:
“It’s claimed that Nathan Austad and Kamerin Stokes participated in a plot to breach tens of thousands of victim accounts and peddle access to these compromised accounts online. Our office is unyielding in its pursuit of cybercrime perpetrators. We recently introduced an SDNY Whistleblower Pilot Program to encourage the early and voluntary disclosure of criminal activities. To all cybercriminals: reach out to us before we reach out to you.”
FBI Assistant Director in Charge James Smith added:
“Cyberattacks are becoming more sophisticated, targeting diverse businesses and posing significant risks to economic security. Nathan Austad and Kamerin Stokes purportedly engaged in a cyber intrusion that resulted in the theft of hundreds of thousands of dollars from victims’ accounts. As these defendants have come to realize, if you engage in cyberattacks for profit, the FBI can and will bring you to justice.”
Data Breach and Sale:
Austad, Joseph Garrison, and associates initiated a “credential stuffing attack” on the betting operator’s website. During this attack, they acquired credentials, including username and password pairs, which they allegedly attempted to sell on the dark web. They purportedly used the same credentials to access accounts held by the same users across other companies and providers.
Austad and Garrison are suspected of gaining access to approximately 60,000 accounts, where they introduced a new payment method and deposited $5 into each account to verify the method. Subsequently, they allegedly withdrew all existing funds in the account through the new payment method.
Access to these accounts was reportedly marketed on various websites trafficking in stolen accounts. Some were sold in bulk to accomplices like Stokes. The combined listed value of these accounts exceeded $125,000. Stokes then purportedly advertised these accounts for sale on his Instagram account.
Allegedly, Austad, Stokes, Garrison, and others absconded with approximately $600,000 from around 1,600 accounts.
Garrison had previously been apprehended in connection with the attack and pleaded guilty to conspiracy to commit computer intrusion. Garrison’s sentencing is slated for February 1st, 2024, before U.S. District Judge Lewis A. Kaplan.