Hacker Zain Qaiser Jailed For Blackmailing Porn Site Users In Global Scam

Investigators say it is the UK's most serious cyber crime case.

A hacker who made more than £500,000 by blackmailing porn website users, in what investigators say is the UK’s most serious cyber crime case, has been jailed.

Zain Qaiser targeted millions of computers with malicious browser-locking software which demanded payment of up to 1,000 US dollars (£767) to unfreeze the screens, Kingston Crown Court heard.

The 24-year-old, who worked with an international Russian crime group, received more than £500,000 through the multimillion-pound global scheme, which he spent on luxury hotel stays, gambling and a Rolex watch.

He was jailed for six years and five months. The National Crime Agency (NCA) considers it the most serious case of cyber crime they have investigated, the court heard.

Sentencing on Tuesday, Judge Timothy Lamb QC said: “The harm caused by your offending was extensive - so extensive that there does not appear to be a reported case involving anything comparable.

“It has been asserted on your behalf you are remorseful. I have seen no outward expression of that”

- Judge Timothy Lamb QC

“Whatever your motivation for mounting these attacks on the internet you took the opportunity to spend large sums of ill-gotten money in casinos, on an expensive watch and luxury hotel services.

“All the constituent offences were part and parcel of your role as the self-styled ‘K!NG’ of the internet.

“It has been asserted on your behalf you are remorseful. I have seen no outward expression of that.”

The former computer science student, who committed most of his crimes between the age of 18 and 19, remained expressionless as the sentence was passed.

Qaiser, of Barking, east London, using the online name K!NG, bought masses of advertising on porn sites using fake identities, prosecutor Joel Smith said.

But when users clicked the corrupted links, their computers were exposed to highly sophisticated “Angler” software.

Infected computers showed a message impersonating law enforcement in the user’s country saying an offence had been committed and demanding payment of up to 1,000 dollars (£767), the court heard.

The crime group collected massive multimillion-pound profits from victims in more than 20 countries, although the total number of people who paid the fee is unknown, the NCA said.

Open Image Modal
Zain Qaiser
PA Images

Some advertisers were “happy to turn a blind eye” to Qaiser’s actions - but those who tried to stop him “became the subject of the defendant’s anger”, Smith told the court.

Qaiser then blackmailed them and tried to flood their servers with DDoS (distributed denial of service) attacks, putting the sites out of action and costing several businesses hundreds of thousands of pounds, he added.

He even threatened to spam their sites with child pornography, the court heard.

Qaiser, who initially denied the crimes and claimed he had been hacked himself, has entered guilty pleas to an 11-count indictment.

He has admitted three counts of blackmail; three counts of fraud by false representation; four counts of doing an unauthorised act with intent to impair the operation of a computer; and one count of possessing criminal property.

The ransomware offences were committed between 2012 and 2014, while the money laundering offence was committed between 2015 and 2018.

Qaiser was charged in February 2017, but a trial set for February 2018 was abandoned when he was sectioned under the Mental Health Act.

While he was detained at Goodmayes Hospital in north London, the hospital Wi-Fi was used to access online advertising websites Qaiser had used for his offending, the court heard.

In December, he was arrested over laundering around £120,000 while on bail and charged and remanded in custody.

Prosecutors suspect Qaiser has money stored in offshore accounts but have been unable to directly trace them so far, Smith said.