Young Hacker Hacks Prison Network To Get Friend Freed Early

A Michigan young hacker hacked into the government network of Washtenaw County Jail and changing the Washtenaw County Jail records, with the purpose to help a friend get freed early from jail.

The man, Konrads Voits, 27, of Ann Arbor, Michigan, was caught earlier this year after an FBI investigation.

According to the plea agreement, Voits registered the domain name of ewashtenavv.org on January 24, 2017. The name of the domain contained two “v” instead of a “w” at the end – the intent was to fool County employees into thinking it was a legitimate domain name for the County.

The hacker sent emails to jail staff acting as a man named “Daniel Greene” and asked for help with getting government records, and later also registered the domain name of ewashtenavv.org. The name of the domain included two “v” instead of a “w” a look-alike of “ewashtenaw.org,” the Washtenaw County’s official portal, the intent was to fool County staffers into believing it was a legitimate domain name for the County.

The email spear-phishing attacks were unsuccessful, so the hacker called other jail staffers and asked them to visit some websites to download and install an executable (malware) that would “upgrade the County’s jail system.”

According to plea agreement:
“Through the installation and use of this malware, Voits was able to gain full access to the County network, including access to sensitive County records such as the XJail system (the computer program used to monitor and track inmates in the County Jail), search warrant affidavits, internal discipline records, and County employee personal information,”

Jail staffers noticed the hack right away and informed the FBI soon after. The Jail also hired a security firm to clean its IT network.

Voits now faces up to ten years in prison and a fine of up to $250,000.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA