NEWS
NEWS
NEWS
Two men accused of hacking Photobucket arrested, facing serious prison time
Two men accused of hacking photo-sharing service Photobucket.com, Inc. were indicted and arrested Friday by the Federau Buerau of Investigation (FBI.)
Brandon Bourret, 39, of Colorado Springs, Colorado and Athanasios Andrianakis, 26, of Sunnyvale, California, are accused of knowingly conspiring to commit acts and offenses against the United States, namely computer fraud and abuse, access device fraud, identification document fraud and wire fraud.
Both are said to have sold a program called Photofucket which allowed viewers to circumvent the privacy settings of Photobucket hosted images and videos, giving access to users private and password protected information, images and videos without authorization.
It’s not entirely clear from the complaint exactly how it worked, with it being claimed that Photofucket could be used to obtain guest passwords to access users’ password protected albums. Those passwords were also said to be transferred, or “caused to be transferred” guest passwords to others who paid to use the Photofucket application….which doesn’t make a lot of sense given guest accounts aren’t paid on Photobucket, nor would a guest account normally have access to a private account.
“It is not safe to hide behind your computer, breach corporate servers and line your own pockets by victimizing those who have a right to protected privacy on the internet,” said U.S. Attorney Walsh. “The U.S. Attorney’s Office is keenly focused on prosecuting those people for their theft — and for the wanton harm they do to innocent internet users.”
Two years the fool?
It’s simply not made clear in the complaint exactly how this all worked; did the software actually hack Photobucket or was it just a clever way of circumventing Photobucket’s privacy settings, possibly due to a security flaw?
The software is alleged to have been on sale, and effective for over two years, so if it was a hack, why didn’t Photobucket do something about having it closed down? It’s unlikely it took Photobucket two years to notice that this software was available for download.
The details will no doubt come out in court, but in the meantime something is a little strange here.
The defendants face a maximum penalty of five years in prison and a $250,000 fine on the counts of conspiracy and computer fraud, aid, and abet, and a maximum sentence of 10 years on each count of access device fraud.
photo credit: I See You. via photopin (license)
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
