Ad network ransomware crook to flog £5k Rolex after court confiscates £270k in ill-gotten gains

Next thing she's wearing my Casio

Zain Qaiser, jailed ransomware operator. Custody pic: National Crime Agency
Zain Qaiser, pictured at his arrest. Pic: National Crime Agency

A jailed hacker who profited from the Angler Exploit Kit has been ordered to sell his £5,000 Rolex watch after the National Crime Agency (NCA) applied to confiscate £270,000 of criminal proceeds from him.

Zain Qaiser, 25, formerly of Barking in London, has been ordered to pay £270,864.47 to the British state following a confiscation order hearing held at Kingston Crown Court last week.

Back in April, His Honour Judge Timothy Lamb QC sentenced Qaiser to six-and-a-half years in prison for his malware exploits.

The NCA claimed in a statement today that Qaiser would face an extra two years in prison unless he paid the £270,000 within three months – including the forced sale of a £5,000 Rolex watch currently in the possession of the not-quite-police-force.

"Qaiser spent the proceeds of his criminality on stays in high-end hotels, prostitutes, gambling, drugs and luxury items including a £5,000 Rolex watch," the agency said in a statement.

NCA investigator Nigel Leary, the agency's head of ops in its national cyber crime unit, declared: "Confiscation orders are a key tool in allowing us to pursue illegally obtained assets and preventing convicted criminals from funding luxury lifestyles on their release."

Having confessed to 11 offences including blackmail, fraud, money laundering and Computer Misuse Act crimes, Qaiser was eligible for a confiscation order. These, as law firm Hodge Jones and Allen explains on its website, are aimed at destroying any wealth gained by crooks from their criminal lifestyles.

It appears that Qaiser has obtained three months' grace to pay instead of being forced to stump up immediately as is usual.

Ransomware spread through porno ad networks

Qaiser himself was part of a gang that posed as legitimate pornography companies in order to distribute malware through online ad networks, with the NCA saying at the time of his sentencing that he was involved in spreading both the Angler Exploit Kit and the Reveton ransomware family.

Reveton locked the target's browser and displayed a message claiming to be from a police agency and demanding an upfront "fine", payable in Bitcoin, to evade criminal proceedings for some imaginary transgression. The fines were paid to Qaiser's ransomware gang. Each ransom was worth between $300 and $1,000, according to the NCA, with Qaiser having scored around £700,000 in total.

When the ad networks realised that Qaiser's brand of smut was far worse than the filth they usually carried, they tried to stop the gang. Qaiser responded by DDoSing them and threatening to plant child abuse images on the company directors' devices, the NCA claimed in previous public statements.

Although the Londoner was first arrested in July 2014 a trial planned for February 2018 was abandoned after he was sectioned under the Mental Health Act. During his enforced stay at Goodmayes Hospital in Ilford, police claimed the hospital Wi-Fi had been used to access ad networks that Qaiser used during his crime spree.

A Bitcoin account linked to Qaiser was said to have contained in excess of £100,000 worth of the cryptocurrency after his arrest, with the man himself having no job and not having declared any legitimate sources of income. ®

Sponsored: Detecting cyber attacks as a small to medium business

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER




Biting the hand that feeds IT © 1998–2020