ShinyHunters member gets three years for hacking spree

Sebastien Raoult and accomplices were responsible for $6 million+ in financial damage

ShinyHunters member gets three years for hacking spree

Seattle's US District Court has sentenced 22-year-old Sebastien Raoult to three years in prison for his role in a massive hacking campaign targeting over 60 companies.

Raoult, aka Sezyo Kaizen, played a crucial role in developing fake websites for the ShinyHunters group. He was ordered to return $5 million in criminal proceeds, reflecting the severity of the financial losses and personal damage caused by the hacking spree.

Extradited from Morocco in January 2023, Raoult pled guilty in September 2023 to charges of conspiracy to commit wire fraud and aggravated identity theft.

Between April 2020 and July 2021, Raoult and his accomplices executed a sophisticated operation that resulted in financial damages exceeding $6 million.

Raoult's primary responsibility within ShinyHunters was creating counterfeit login pages for major brands. The group used these phishing websites to trick employees into entering their credentials.

The hackers would infiltrate victims' accounts to steal sensitive personal and financial data, which was then sold on dark web marketplaces and cybercrime forums.

In some instances the group demanded ransom payments from the data owners, threatening to expose the information on platforms such as RaidForums, EmpireMarket and Exploit.

Operating for more than two years, ShinyHunters, with Raoult at the helm, breached over 60 companies, including high-profile incidents involving AT&T Wireless and Microsoft.

In several instances, the group publicly exposed sensitive data to inflict reputational as well as financial damage on the victim firms.

The severity of Raoult's actions was underscored by criminal chief Sarah Vogel of the Western District of Washington, who said that his motive was "pure greed." She noted that he not only sold hacked data but also stole cryptocurrency and marketed his hacking tools for additional profit.

The sentencing, handed down by US district judge Robert S. Lasnik, consists of 12 months for conspiracy to commit wire fraud and 24 months for aggravated identity theft.

In court Raoult said he understood the gravity of his crimes and vowed to abandon cybercrime.

"I understand my mistakes, and I want to put that part behind me. No more hacking. I don't want to disappoint my family again," he said.

Raoult's three-year sentence includes credit for time served in detention in Morocco and the US, potentially allowing him supervised release in about ten months.

Judge Lasnik said he believed Raoult's understood the consequences of his actions, but urged vigilance from his family and friends to prevent a return to criminal conduct upon his return to France.

The indictment also includes Gabriel Kimiaie-Asadi Bildstein and Abdel-Hakim El Ahmadi, both of French nationality, who have yet to be sentenced in connection to their involvement with ShinyHunters.