A suspect in a case involving hacking, blackmailing and Bitcoin has been arrested in Hong Kong. A 30-year-old computer technician has been taken in custody in connection with cyberattacks against two travel agencies. The man risks years of imprisonment. Personal data of customers was held for ransom. Tour operators were asked to pay 1 Bitcoin for its release.
“Send the Bitcoin if You Want It Back”
Names, identity card numbers, passport details and phone numbers of 20,000 clients were part of the sensitive information. The companies, Big Line Holiday and Goldjoy Holidays, reported the hacking of their computers on January 1 and 2. They told police they had received emails from the unknown culprit who demanded 1 Bitcoin (about $15,000) to be paid as ransom.
Officers from Hong Kong’s Cyber Security and Technology Crime Bureau (CSTCB) raided an apartment on Cheung Chau Island and arrested the man, South China Morning Post reported. During the operation, police seized two desktop computers, two laptops, a tablet, three hard disks and five mobile phones. They also escorted the suspect to his workplace in Kowloon on Monday to gather more evidence. He has been described by local media as an “IT worker”, a “computer technician”. The man was handcuffed on Saturday night, January 6, at his home in Cheung Chau, The Standard reported.
The agencies were hacked on New Year’s Day when the attacker supposedly took advantage of weakened security of their websites. The companies received an email shortly after and were told to send the Bitcoin to a newly opened address. The author of the blackmail letter threatened that if they failed to pay the ransom the personal data of their customers would be posted on the internet Saturday, a police source told SCMP. After checking thousands of logs on the servers, the Cyber Security Bureau agents managed to identify the attacker’s IP address and trace it back to the suspect.