A Team of 4 Hackers who are resided in San Diego Infiltrated the Mortgage Company Computer Servers to steal the sensitive data between 2011 – 2014.
The Stolen information including loan application information from thousands of customers such as Social Security numbers, addresses, dates of birth, and driver’s license numbers and use it for various malicious activities.
Also Read: Attackers Distributing Dangerous Malware via YouTube to Steal Passwords
.png
)
Hackers Used Fuzzing Technique
John Bade, A chief Hacker and one of the masterminds of this hacking Group compromise the mortgage companies using a well known common hacking technique called Fuzzing.
Fuzzing helps to overload a web server with massive amounts of data that can lead to the server revealing security loopholes.
In this case, “Once Baden had access to victims’ information, he and his conspirators, Victor Fernandez, Jason Bailey, and Joel Nava, went to work. Fernandez—the group’s ringleader—identified multiple victims’ brokerage accounts and took control of them by calling the companies and providing the victims’ personal information to change passwords and contact information. “
25,000 Compromised Victims
Later they will transfer the funds to an account that controlled by the Hackers form the victims account and sometimes they transferred up to $30,000.
Spoke Person from FBI said, Victims stretched from California to Florida, and one individual lost nearly $1 million in the scheme.
In this case, more than 25,000 victims were compromised by this hackers and FBI believes that it could be more than we expected and its impossible to calculate since There was so much retail fraud over such a long period of time.
“Investigators worked backward from the mortgage company, eventually identifying the hack—and the hackers. By that time, Baden was hiding in Mexico. In 2014, he was named to the San Diego FBI’s Most Wanted Cyber Fugitives list, and the reward offered in the case eventually led to his capture in Mexico, Christopherson said.”
According to FBI, All four Hackers pleaded guilty to their roles in the fraud scheme. In 2015, Baden was sentenced federally to nine years in prison. In January 2018, Fernandez was sentenced to more than 10 years in prison. Bailey received a sentence of more than five years, and in February 2018, Nava was the last subject to be sentenced, to 44 months in prison.
