IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

US extradites French ShinyHunters hacker, faces 123 years in prison

The hacker is believed to be a member of the hacking group known for its spree of data breaches across 2020 and 2021

The US has successfully extradited a French hacker accused of committing cyber crime on behalf of the ShinyHunters group.

Sebastien Raoult, 21, faces a maximum prison sentence of 123 years if found guilty on all charges on his nine-count indictment.

The allegations against him include conspiracy to commit computer fraud and abuse, conspiracy to commit wire fraud, four counts of wire fraud, and three counts of aggravated identity theft for using other people’s login credentials.

Originally arrested in Morrocco last year, Raoult was finally extradited to the US last week and will be kept in detention until April to face his next hearing.

His alleged crimes included hacking into running phishing pages that imitated legitimate businesses to steal login credentials. These were then used to hack into corporate systems and steal information of value.

“Too many bad actors believe they can illegally access proprietary information and personal financial information by hiding behind a keyboard,” said Nick Brown, US attorney for the Western District of Washington. 

“FBI Seattle Cyber Task Force and our experienced cyber unit is working diligently to identify, arrest, and prosecute those who seek to victimise people, businesses, and industries in the Western District of Washington and around the world.”

What is the ShinyHunters hacking group?

Related Resource

IDC MarketScape: Worldwide unified endpoint management services

2022 vendor assessment

Whitepaper cover with title and logo on blue header banner and analysis chartFree Download

The ShinyHunters group is believed to have been formed in 2020 and participated in various cyber criminal activities including hacking, phishing, stealing data, and extorting victims.

ShinyHunters’ Twitter profile display picture is set as an image of Umbreon, a Pokémon character, suggesting the name of the group is derived from the game’s task of hunting for rare, shiny creatures.

The group hasn’t been in operation for long, in comparative terms, but it has claimed a large number of successful data breaches, including one on Microsoft in May 2020 which saw the theft of more than 500GB worth of source code from its private GitHub page.

Other notable incidents claimed by ShinyHunters include those affecting Wishbone and Tokopedia, both also in May 2020, Pixlr, Mashable, and Pluto TV.

Unlike its target selection, which never followed any obvious patterns, ShinyHunters’ attack methods were more uniform in nature.

Members would typically steal legitimate login credentials through phishing attacks or buy them on the black market. 

Those would then be used to access private information from businesses to steal, sell, and leverage in extortion scenarios.

Featured Resources

IT best practices for accelerating the journey to carbon neutrality

Considerations and pragmatic solutions for IT executives driving sustainable IT

Free Download

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Free download

Using application migration and modernisation to supercharge business agility and resiliency

Modernisation can propel your digital transformation to the next generation

Free Download

The strategic CFO

Why finance transformation propels business value

Free Download

Recommended

Ericsson guilty of federal bribery, will pay $206m fine
Policy & legislation

Ericsson guilty of federal bribery, will pay $206m fine

3 Mar 2023
Chipmakers receiving CHIPS Act funding ordered to share profits with US government
Policy & legislation

Chipmakers receiving CHIPS Act funding ordered to share profits with US government

2 Mar 2023
CISA: Tech industry 'shouldn't tolerate' Patch Tuesday
Security

CISA: Tech industry 'shouldn't tolerate' Patch Tuesday

1 Mar 2023
CISA: Phishing campaign targeting US federal agencies went undetected for months
phishing

CISA: Phishing campaign targeting US federal agencies went undetected for months

26 Jan 2023

Most Popular

HMRC lost nearly 50% more devices in 2022
Hardware

HMRC lost nearly 50% more devices in 2022

17 Mar 2023
The big PSTN switch off: What’s happening between now and 2025?
Sponsored

The big PSTN switch off: What’s happening between now and 2025?

13 Mar 2023
Outlook zero day patch causes headaches for Windows admins
Security

Outlook zero day patch causes headaches for Windows admins

15 Mar 2023