Posted on October 1, 2020 at 2:06 PM
A recent report has revealed that the social media accounts of one NBA player and two NFA players were infiltrated by hackers.
The report added that the two hackers were from Florida and Louisiana, and they both face separate indictments for their fraudulent and criminal acts. They were able to access the social media accounts of these professional athletes and either used the information for ransom demands or sold the information at the darknet.
The accused could face 20 years in prison
The report from federal criminal complaints stated that the hackers, Ronnie Magrehbi and Trevontae Washington, will be facing charges on computer fraud conspiracy and wire fraud conspiracy filed by the US attorney’s office in New Jersey.
According to the report, Washington allegedly got the usernames and passwords of several NBA and NFL players and offered the information for sale.
On the other hand, Magrehbi, from Orlando, hacked into the Instagram and email accounts of an NFL player and extorted money from him by threatening to publish some of their private details as well as explicit photos if they don’t pay a certain amount.
The accused were scheduled to make court appearances yesterday in the respective states, as the report claimed they didn’t work together to perpetuate the scam.
Based on the complaint, Washington utilized a phishing scam, as he requested login information supposedly for a legitimate purpose. This gave him access to one of the NFL players in 2018 and he subsequently locked him out, denying the player access to the account.
After the authorities arrested Washington last year, he acknowledged that he had sold the login details to the players’ accounts for between $500 and $1,000 per login detail.
On the other hand, Magrehbi said he received $500 from one of the NFL players living in New Jersey to stop him from exposing the private information he saw in the player’s hacked social media account.
However, Magrehbi posted some explicit images to the player’s Instagram and Twitter accounts, promising to release more if the player doesn’t spend an additional $2,500. According to the complaint, both extortions came from a prepaid cellphone linked to Magrehbi.
There was a message left at the Florida court requesting attorney information for Magrehibi.
However, there was no information about Washington’s attorney from the Eastern District Court of Louisiana.
Conspiracy to commit computer fraud has a 5-year maximum sentence, while fraud conspiracy is punishable with 20 years maximum prison sentence if the accused gets convicted.
Other sports teams have suffered attacks recently
This is not the first time NFL or NBA players have been by hackers and fraudsters. Last year, a security analyst revealed that hackers infiltrated Atlanta Hawks shop, stealing credit card information and selling to the highest bidder on the darknet.
The hacking incident led many in the industry to believe there may be other hacking incidents going on that haven’t been discovered or exposed yet.
After the incident, the Atlanta Hawks tightened their security systems to prevent further compromise of their systems.
At the time the malware was discovered in the Atlanta Hawks merchandise website, the NBA team was the 12-th ranked team in the NBA Eastern Conference.
Lead forensic analyst at Sanguine Security, Willem de Groot, said the malware was initially spotted when it was stealing credit card numbers, names, and addresses from the team’s merchandise website.
The malware has been used by different hackers to perpetrate credit card scams. In the past few months, the malware has affected several companies, including Ticketmaster UK, British Airways, as well as NewEgg. Although it has been used to target popular online stores, the recent direction to stores owned by sports teams is something the sports industry is worried about.
That means, they are no longer safe, as hackers are seriously looking for vulnerability existing within these merchandise sites to plant malware and steal information.
Users should be more security conscious
The recent attack on NBA and NFL players by Washington and Magrehbi does not involve any use of a sophisticated hacking tool. Both of them used very common phishing techniques to get into the social media accounts of the victims and lock them out.
They succeeded because the victims probably did not use strong passwords and login details to protect their accounts. This incident and other recent incidents are the reasons why security researchers have warned against using poor passwords to protect their accounts. Users are also warned about the dangers of using a single password on multiple accounts because it makes the job of hackers easier for them.