A Hamilton teen who stole $48-million in cryptocurrency from a U.S. entrepreneur – what police say was the biggest such hack of a single victim – will spend no further time in custody but has been banned from handling digital assets for a year.
The young man, who was 17 at the time of the offence in 2020 and cannot be named under Canada’s Youth Criminal Justice Act, had reached a deal with prosecutors and was handed a one-year probation Friday with the condition of not transacting in cryptocurrency during that period.
The international case spanned multiple agencies, including the U.S. Federal Bureau of Investigation and Secret Service, and highlights the unique security issues and increasing prominence of digital assets in today’s online world.
The teen pleaded guilty to one count of theft over $5,000. In a joint submission accepted by Justice Joe Fiorucci in a Hamilton court, the defence and prosecution recommended no jail time – partly due to the year the young man had already spent in custody.
Defence lawyer Luka Rados told the court his client has struggled with anxiety and other mental-health issues and has had to drop out of traditional school. But he is now poised to complete high school and wants to eventually work in cybersecurity.
“Someone having been involved in a massive cryptocurrency hack now becoming a security expert is a fitting way for this case to come full circle,” Mr. Rados said.
The teen, who has been out on bail, appeared before the court remotely, with the computer screen turned away from the public. He apologized directly to the victim – entrepreneur and investor Josh Jones of California.
“I intend to move forward only in a positive direction,” he said.
The court heard that it was possible the young man had worked with another person, but it was unclear if authorities were pursuing the matter further.
About 94 bitcoins, worth roughly $2.5-million, would be returned to the victim. It remains to be seen how much of the $48-million can be recovered.
Hamilton police announced in November that they had arrested the teen for a so-called “SIM swap” attack, in which perpetrators trick telecommunications companies into porting over victims’ cellphone numbers to SIM cards they control. Access to a cellphone number frequently grants access to other accounts, including e-mail, whose log-ins are often dependent on two-factor, text-message authentication.
Perpetrators are often young men who spend a lot of time in insular online cultures. They sometimes steal short or one-word usernames, which signal early adoption and can both command clout and sell for thousands of dollars. They also sometimes fish for passwords to cryptocurrency, whose transactions are considered irreversible.
Often, though, SIM swapping targets celebrities and is done purely for fun.
The Hamilton teen has no prior criminal record. But he had been SIM swapping since at least 2016 and has connections to many high-profile hackers, according to his chat logs, which The Globe and Mail obtained from a confidential source.
The Globe is not naming the source because they were not authorized to disclose that information.
Details of the young man’s background were first reported by Toronto Life.
Family court files show he was brought up largely by his mother after his parents separated amid financial issues.
Mr. Rados said Friday that the case had a “silver lining”: the young man’s renewed relationship with his father, who had moved away. “After [the teen] was charged and found himself stuck in custody, [his] dad took it upon himself to move back to Ontario, bail out his son and be there as a father.”
The victim in the case, Mr. Jones, was an early investor in Bitcoin and has had his hands in web hosting, aviation and animation. A podcast describes him as the “richest, goofiest, most confident yet normal-seeming person who was a Bitcoin pioneer.”
The court heard that the Hamilton teen took control of Mr. Jones’s phone number on the T-Mobile network, broke into his e-mail and was then able to access his cryptocurrency wallet on Blockchain.com.
Hamilton police, which initially pegged the stolen amount at $46-million, said the young man was identified as the hacker after the stolen cryptocurrency was used to buy a username considered rare in the gaming community and linked to an address. The Globe’s source identified the PlayStation Network username as “God.”
Mr. Rados told the court the ensuing arrest was “highly dynamic” and “aggressive,” with police kicking in the teen’s door. “The memory of that night is burned into the teen’s mind and has been the cause of some post-event stress.”
Hamilton police have declined to elaborate on the heavy-handed response for a non-violent offence.
Records obtained from another police force via a Freedom-of-Information request show the young man had been the target of at least one “swatting” attempt, in which a prankster calls in a false threat at someone else’s address to elicit a response from a tactical team. People are sometimes swatted as a result of disputes in online circles.