Janquitarian history with illegal access to the network of the manufacturer of the Ubiquiti network equipment received an unexpected continuation. December 1, the FBI and the NEW York Prosecutor’s Office Announced arrest former Ubiquiti officer Nicolas Sharp (Nickolas Sharp). He was charged with illegal access to computer systems, extortion, fraud using telecommunication systems (Wire Fraud) and the dacha of false testimony to FBI employees.
If you believe (already remote) Profile in LinkedIn, until April 2021, Sharpe held at the Ubiquity position of the head of Cloud Team, and before that he held senior engineering positions in companies such as Amazon and Nike. According to the prosecutor’s office, Sharpe is suspected that in December 2020, illegally, using his official position and, accordingly, administrative access to Ubiquiti computer systems, bowed from a corporate account on GitHub to its home computer about 150 repositories. To hide your IP address, Sharpe used VPN SurfShark service. However, after a random breakage of communication at its Internet provider in the access logs, the home IP address of Sharpe.
In January 2021, already being a member of the Incident Investigation Group, Sharpe sent an anonymous letter to Ubiquiti, in which 50 bitcoins (~ $ 2m) demanded in exchange for silence and disclosure of an allegedly existing vulnerability through which it was Access access. When Ubiquiti refused to pay, Sharpe published a part of the stolen data through the Keybase service. A few days after that, he formatted a laptop through which the data cloned and corresponded with the company.
In March 2021, the FBI agents spent around Sharpe a search and seized several “electronic devices”. During the search, Sharpe denied that the VPN SurfShark had ever used, and when he was presented with documents showing that in July 2020 he acquired a 27-month subscription there, referred to the fact that someone hacked his PayPal account.
A few days after the search of the FBI Sharpe contacted Brian Krebs (Brian Krebs), a well-known information security journalist, and plunged him “Inside” about the incident in Ubiquiti, which was charges .