Khmelnytsky programmer retrained as a hacker and hacked 7327 computers through cheats on GTA San Andreas

A programmer from Khmelnytskyi decided to become a hacker and after a while on special forums started distributing malware. He did this through infected files in GTA San Andreas mods, which he posted on YouTube.

However, the results were not impressive: — 4,740 UAH from 7,327 infected computers. And then there was the probationary year with a UAH 34 thousand fine.

Advice on how to become a hacker

According to case filesAfter he decided to become a hacker, he registered on a specialized hacker forum LOLZ.GURU. There he constantly addressed the community with numerous questions.

He then rented a server from the Russian company FirstVDS, where he set up the DarkCrystal RAT malware’s administrative panel.

This made it possible to control and view the list of computers infected with the malware, as well as to download users’ personal data.

Videos with mods on YouTube

The guy distributed malware through videos aimed at fans of the online video game GTA San Andreas Multi Player (GTA SAMP). They contained information about the results of installing the desired modifications to the specified computer game.

The video description contained links to the archive. After downloading, «users clicked on an executable file in the “eche” format, which contained the word “cheat” in its name».

DarkCrystal RAT

Of course, players did not receive any cheats or mods. These distributed files are a component of the DarkCrystal RA» malware. DarkCrystal RAT (also known as DCRat) is a modular malware that can be used for a variety of tasks, including dynamic code execution, data theft, surveillance and organization, and DDoS attacks.

Once launched on a victim’s computer, DCRat collects system information and transmits data such as host and user names, location data, privileges, installed security solutions, motherboard and BIOS information, and Windows versions to the control server.

DarkCrystal is capable of taking screenshots, intercepting keystrokes, and stealing various types of data from the system, including clipboard contents, cookies, passwords, browser history, bank card information, and Telegram, Discord, Steam, and FileZilla accounts.

The hacker obtained personal data from 7327 computers. He planned to sell this data. And he even succeeded in doing so, earning 4740 UAH.

Hacked 7327 computers

According to the court materials, the offender planned to sell the restricted information stored in the infected computers via Telegram. He realized his intention and received UAH 4,740 on his PrivatBank card. He repeatedly carried out such transactions.

In total, according to the investigation, the offender received personal data from 7327 computers of Internet users for the purpose of further selling the data.

Court decision

The court sentenced the Khmelnytsky hacker to 3 years in prison for the totality of the crimes. However, the sentence was later commuted, giving the offender a one-year probationary period before serving the actual term.

The hacker also has to pay the state the costs of engaging experts in the amount of UAH 34,413.12.