US extradites French ShinyHunters hacker, faces 123 years in prison

A hacker wearing black gloves using a laptop keyboard
(Image credit: Shutterstock)

The US has successfully extradited a French hacker accused of committing cyber crime on behalf of the ShinyHunters group.

Sebastien Raoult, 21, faces a maximum prison sentence of 123 years if found guilty on all charges on his nine-count indictment.

The allegations against him include conspiracy to commit computer fraud and abuse, conspiracy to commit wire fraud, four counts of wire fraud, and three counts of aggravated identity theft for using other people’s login credentials.

Originally arrested in Morrocco last year, Raoult was finally extradited to the US last week and will be kept in detention until April to face his next hearing.

His alleged crimes included hacking into running phishing pages that imitated legitimate businesses to steal login credentials. These were then used to hack into corporate systems and steal information of value.

“Too many bad actors believe they can illegally access proprietary information and personal financial information by hiding behind a keyboard,” said Nick Brown, US attorney for the Western District of Washington.

“FBI Seattle Cyber Task Force and our experienced cyber unit is working diligently to identify, arrest, and prosecute those who seek to victimise people, businesses, and industries in the Western District of Washington and around the world.”

What is the ShinyHunters hacking group?


IDC MarketScape: Worldwide unified endpoint management services

2022 vendor assessment


The ShinyHunters group is believed to have been formed in 2020 and participated in various cyber criminal activities including hacking, phishing, stealing data, and extorting victims.

ShinyHunters’ Twitter profile display picture is set as an image of Umbreon, a Pokémon character, suggesting the name of the group is derived from the game’s task of hunting for rare, shiny creatures.

The group hasn’t been in operation for long, in comparative terms, but it has claimed a large number of successful data breaches, including one on Microsoft in May 2020 which saw the theft of more than 500GB worth of source code from its private GitHub page.

Other notable incidents claimed by ShinyHunters include those affecting Wishbone and Tokopedia, both also in May 2020, Pixlr, Mashable, and Pluto TV.

Unlike its target selection, which never followed any obvious patterns, ShinyHunters’ attack methods were more uniform in nature.

Members would typically steal legitimate login credentials through phishing attacks or buy them on the black market.

Those would then be used to access private information from businesses to steal, sell, and leverage in extortion scenarios.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.