Feeds

Hacker who helped find Steubenville rapists threatened with decade in prison

While the rapists get minimum sentence and rehab

The Essential Guide to IT Transformation

A security consultant who helped uncover evidence of the repeated rape of an Ohio teenager has been raided by the FBI and charged with offenses that could see him spend 10 years in prison.

Last year, a 16 year-old girl from Steubenville, Ohio was repeatedly assaulted by members of the local football team, dubbed Big Red, after she passed out drunk at a party. Despite photos on Twitter of the unconscious girl being carried from house, to house the local police decided there was not enough evidence to investigate the popular sports team's members.

After crime blogger and one-time Steubenville resident Alexandria Goddard started writing about the case, a group of hackers operating under the Anonymous brand decided to get busy and soon found plenty of evidence, including a sickening 12-minute video of one team member joking about having witnessed the attack. The hackers gained control of the Big Red fan site and posted the information there.

The case and subsequent hacking caught the national news media's attention and the local police decided that they did have enough evidence to investigate after all. In March, two teenagers, Trent Mays and Ma’lik Richmond, were convicted of sexual assault and distributing naked images of a minor and sentenced to a minimum of a year in juvenile detention, or a maximum of four years.

Barely a month later, a dozen armed FBI agents raided the home of one of those suspected of the hacking that uncovered evidence of the rape, Kentucky IT security consultant Deric Lostutter – also known as KYAnonymous. Lostutter, his brother, and his sibling's girlfriend were all arrested, computers in the house were confiscated, and the trio was warned not to discuss the case or face charges of "tampering with evidence."

Ohio rape

Doing this gets you a year, uncovering it gets you 10 years

"They want to make an example of me, saying, 'You don't fucking come after us. Don't question us,'" he told Mother Jones.

Lostutter does admit that he helped organize a protest meeting in the town about the lack of police action and appeared on CNN wearing a Guy Fawkes mask to talk about the case. But he denies any hacking charges, saying that someone else has already admitted hijacking the football team's fan site.

That hacker, who operates under the name Batcat, told the local Ohio Herald-Star newspaper in February that he had got into the account by the simplest of means, namely guessing that the answer to the password reset question of the person who owned the fan site would be "Big Red."

Batcat remains at large, but Lostutter now faces computer crime charges that could see him spending ten years in a federal prison, as well as suffering ongoing disruption to his day-to-day consultancy business and facing potentially huge legal fees. A donation site has already raised over $30,000 for his defense.

"I was always raised to stick up for people who are getting bullied," Lostutter said. "I'd do it again."

While El Reg doesn’t condone criminal hacking or cracking, it does seem somewhat ridiculous that a person can face such a light sentence for sexual assault (the victim's attackers are due to be moved to a no-bars rehabilitation center next week) while someone who may have helped expose the crime faces ten years hard time. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.