Itnews.Au
Microsoft's Global Device ID Links Teen Hacker to $8 Million Ransom Demand
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Peter Stokes, a 19-year-old hacker, was extradited to the U.S. for allegedly demanding a ransom of $8 million from a luxury jewelry retailer. His identification was largely facilitated by Microsoft's Global Device ID (GDID), which linked him to the crime despite using a VPN. The FBI's complaint revealed that Microsoft provided crucial telemetry data, including the GDID and IP address history, which connected Stokes to multiple online accounts, including Snapchat and Apple. Investigators found evidence of Stokes' activities through ngrok, a tunneling service he used to bypass security measures. The case is part of the FBI's Operation Riptide, targeting the Scattered Spider hacking group linked to over 100 attacks and more than $100 million in extortion. Stokes faces six counts of cybercrime, with charges stemming from his hacking activities and conspiracy related to Scattered Spider.
Key Points: • Peter Stokes is linked to a $8 million ransom demand through Microsoft's GDID. • Microsoft's telemetry data was crucial in identifying Stokes despite his use of a VPN. • The case is part of Operation Riptide, targeting the Scattered Spider hacking group.