Hacker Pleads Guilty To Cyber 'Sextortion' - InformationWeek
Government // Cybersecurity
11:49 AM
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

Hacker Pleads Guilty To Cyber 'Sextortion'

California man faces up to six years in jail for charges related to stealing 230 women's online identities to access information from their email and Facebook accounts.

A California man on Thursday pleaded guilty to hacking into more than 230 women's email accounts, and using the information he stole to commit online "sextortion" attacks and identity theft.

George Samuel Bronk, 23, of Citrus Heights now faces up to six years in jail after entering guilty pleas to seven felonies in charges such as computer intrusion, false impersonation, and possession of child pornography, according to the state attorney general's office which prosecuted the case in the Sacramento Superior Court. Bronk, who will have to register as a sex offender, will return to court on March 10 for further proceedings relating to his sentence, according to the attorney general's office.

"This case highlights the fact that anyone with an e-mail account is vulnerable to identity theft," said attorney general Kamala Harris, in a statement."One of the major goals of my office is to track down and prosecute every criminal who would stoop to stealing people's identities."

Bronk was arrested in October and had been held on $500,000 bail.

Between December 2009 and September 2010, Bronk hacked into email accounts and Facebook pages of users in 17 states and England by finding answers to the women's email questions in information they had posted on their Facebook sites. He targeted victims by scanning the popular social networking site for women who publicly posted their email addresses online, then contacted the women's email service providers and, while pretending to be the authorized user, claimed to have forgotten the password.

Bronk could correctly answer security questions by locating answers on the women's Facebook pages. Once he gained access, Bronk changed the password and locked out the victim, then searched the sent email for nude or semi-nude photographs and videos, which he often sent to the woman's entire address book list. Often, Bronk gained access to victims' Facebook accounts using the same password-change ploy, then posted the photographs to victims' Facebook pages and other sites, and commented on their friends' sites.

"For example, the hacker attached a pornographic picture of one victim in an e-mail and demanded sexually explicit video of her in return for not telling her parents about the pictures he had downloaded from her computer," said FBI special agent Tanith Rogers, one of the investigators, in November, when the FBI actively sought other victims.

The investigation began when a victim contacted the Connecticut State Police, which reached out to the California Highway Patrol (CHP) because of Bronk's apparent residence in the state. In September, California investigators found more than 170 files containing explicit photographs of women, and went on to email 3,200 questionnaires to potential victims after using location-tagging information embedded on the photographs within the hard drive to help identify the women. The FBI also urged potential victims to come forward.

Forty-six women responded, including one who described Bronk's actions as "virtual rape," said Harris.

The Sacramento Valley Hi-Tech Crimes task force, the CHP, and the Connecticut State Police joined the attorney general's office to investigate this case. Law enforcement agencies encouraged users to regularly change passwords, switch their security questions, and add numbers or special characters to increase security.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll