A former software program engineer at Ubiquiti Networks has pleaded responsible to stealing gigabytes of knowledge from the agency, trying to extort thousands and thousands of {dollars}, and damaging the corporate’s status within the media.
37-year-old Nickolas Sharp, of Portland, Oregon, who labored in Ubiquiti’s cloud division, exploited his privileged entry to the corporate’s AWS servers and GitHub repositories in an effort to obtain gigabytes of confidential info.
Thinking he had coated his tracks by utilizing a SurfShark VPN account to cover his house IP handle whereas exfiltrating knowledge within the lifeless of the evening, a brief outage precipitated his actual IP handle to be logged.
As we previously reported, Sharp then posed as an nameless hacker, demanding US $2 million for the information’s protected return and particulars of the vulnerability he claimed to have exploited.
When Ubiquiti refused to pay the ransom, Sharp revealed a few of the stolen recordsdata on-line.
Sharp’s house was searched by the FBI, and he instructed the authorities that another person will need to have used his PayPal account to buy the SurfShark VPN account.
Several days after being questioned by the FBI, Sharp made the extraordinary resolution to contact know-how journalists pretending to be a whistleblower throughout the firm. The ensuing media tales of safety points at Ubiquiti precipitated the enterprise’s share worth to fall 20% – a loss in market capitalisation of over US $4 billion.
Sharp, has now pled responsible to fees of wire fraud, making false statements to the FBI, and transmitting a program to a protected pc that deliberately precipitated injury. He faces a complete most of 35 years in jail, and is scheduled to be sentenced on May 10, 2023.