DraftKing account hacks: 2 more suspects charged by DoJ

Feb 05 2024

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that reckons we should do a #Grammys for hackers and then ambush the winner and arrest him cough #KillerMIke cough ????????????

Today’s hottest cybersecurity news stories:

  • ???? DraftKing account hacks: 2 more suspects charged by DoJ

  • ???? Global Affairs Canada gets for 2nd time, shuts down systems ????

  • ???? Sensitive files stolen from Pentagon, ALPHV claims responsibility ????

2 more suspects Drafted by feds for charging ???? Checkmate! ♟️




???? Cybercrime Update: Arrests and Intricate Hacking Scheme Revealed! ????️‍♂️????

In a recent development, the U.S. Department of Justice has apprehended two individuals linked to the hacking of almost 68,000 DraftKings accounts during a November 2022 credential stuffing attack. ????????

After one month, DraftKings took swift action, refunding hundreds of thousands of dollars to 67,995 affected customers. Joseph Garrison, a third suspect, was charged in May 2023 and has recently pled guilty to conspiring to commit computer intrusion. His sentencing is scheduled for this Thursday. ⚖️????

The sophisticated attack exploited the vulnerability of users who reused login information across various platforms. Nathan Austad and Garrison utilised a list of credentials from previous breaches, selling access to DraftKings accounts and pocketing around $635,000 from approximately 1,600 compromised accounts. ????????

Garrison’s “Goat Shop” not only peddled DraftKings and FanDuel accounts but also breached Chick-fil-A accounts, raking in an astounding $2,135,150.09! ????????????

This cybercrime saga underscores the rising threat of credential stuffing attacks, as witnessed in breaches at FanDuel and Chick-fil-A.

It’s a stark reminder to remain vigilant, prioritise cybersecurity, and safeguard your passwords! ????????


Signup for Free


Learn AI in 5 minutes a day. We’ll teach you how to save time and earn more with AI. Join 400,000+ free daily readers for trending tools, productivity boosting prompts, the latest news, and more.

Global Affairs: “Geez, not again, eh?” ????????????

???? Cybersecurity Alert: Canada’s Foreign Ministry Hit by Cyberattack Again! ????

For the second time in two years, Canada’s Foreign Ministry faces a cyberattack, leading to the shutdown of part of its computer systems. ????????

Global Affairs Canada revealed that remote access was sealed off on Jan. 24 due to the discovery of malicious cyber activity. Personal data, including that of employees, has been compromised.

While the ministry remains tight-lipped on specifics, cybersecurity expert David Shipley suggests a nation-state, possibly Russia or China, is behind the breach. ????????️‍♂️ The shutdown is a standard response to contain damage, and espionage is considered the primary motive.

Despite this setback, Global Affairs assures that on-site connectivity remains intact, with employees working remotely provided workarounds. The incident follows a previous disruption in early 2022, highlighting the constant targeting of Canada’s government systems.

As cyber threats rise globally, the December report from Canada’s Communications Security Establishment warns of increased cyberthreat activity targeting elections, with China and Russia leading the charge.

Vigilance is crucial as Canada gears up for its federal election in 2025. ???? #TrudeauOut ????

???? Catch of the Day!! ????????????

???? The Motley Fool: “Fool me once, shame on — shame on you. Fool me — you can’t get fooled again.” Good ol’ George Dubya ???? Let us tell who’s not fooling around though; that’s the Crüe ???? at Motley Fool. You’d be a fool (alright, enough already! ????) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ???? Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ???? (LINK)

???? Wander: Find your happy place. Cue Happy Gilmore flashback ????️⛳????????️ Mmmm Happy Place… ???? So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ????️???? (LINK)

???? Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts ???????? (Great movie, to be fair ????). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty ????). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho ???? And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ???? (LINK)

Johnson, where are those files? They’re Pentagone ????

???? Critical Cybersecurity Alert: Potential Military Data Breach Unveiled! ????????

The Department of Defense is urgently probing claims by the ransomware group ALPHV (aka BlackCat) of a significant data breach involving sensitive U.S. military documents. ALPHV declared on Tuesday that it successfully infiltrated Virginia-based IT services company Technica, stealing a whopping 300 gigabytes of data. ????????

Technica, a federal government collaborator, remains silent, failing to respond to inquiries regarding the breach. ALPHV alleges access to the Defense Counterintelligence and Security Agency’s data, exposing names, social security numbers, clearance levels, and work details of numerous individuals.

Screenshots include billing invoices and contracts with entities like the FBI and U.S. Air Force, with a stark warning that data may be sold or made public unless Technica complies.

The Defense Department is collaborating with law enforcement, yet specific details are scarce. Ransomware researcher Allan Liska emphasises the severity of the breach, noting the sensitive nature of the exposed data.

ALPHV, ranking as the world’s second-most prolific ransomware operation, maintains its active status despite recent attempts to seize its infrastructure.

Stay vigilant and prioritise cybersecurity! ????????️

????️ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.

  • Wealthy Primate: Want to earn over $100k a year in IT or cybersecurity? 20 year veteran ‘Wealthy Primate’ might be able to help you climb that tree ???????? with his stick and banana approach ????????

  • Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles