A former software program engineer at Ubiquiti Networks has pleaded responsible to stealing gigabytes of knowledge from the agency, making an attempt to extort thousands and thousands of {dollars}, and damaging the corporate’s fame within the media.
37-year-old Nickolas Sharp, of Portland, Oregon, who labored in Ubiquiti’s cloud division, exploited his privileged entry to the corporate’s AWS servers and GitHub repositories with a purpose to obtain gigabytes of confidential data.
Pondering he had lined his tracks through the use of a SurfShark VPN account to cover his residence IP tackle whereas exfiltrating information within the lifeless of the night time, a brief outage brought on his actual IP tackle to be logged.
As we beforehand reported, Sharp then posed as an nameless hacker, demanding US $2 million for the info’s secure return and particulars of the vulnerability he claimed to have exploited.
When Ubiquiti refused to pay the ransom, Sharp revealed a few of the stolen recordsdata on-line.
Sharp’s residence was searched by the FBI, and he instructed the authorities that another person will need to have used his PayPal account to buy the SurfShark VPN account.
A number of days after being questioned by the FBI, Sharp made the extraordinary choice to contact know-how journalists pretending to be a whistleblower inside the firm. The ensuing media tales of safety points at Ubiquiti brought on the enterprise’s share worth to fall 20% – a loss in market capitalisation of over US $4 billion.
Sharp, has now pled responsible to fees of wire fraud, making false statements to the FBI, and transmitting a program to a protected pc that deliberately brought on injury. He faces a complete most of 35 years in jail, and is scheduled to be sentenced on Might 10, 2023.
