The cybercriminal who created a shell corporation in Gibraltar accepts two-year prison sentence

The US citizen who hacked in 2019 the computer system of the Roquetas de Mar city council and stole almost 700,000 euros of the salaries of their employees has accepted a sentence of two years in prison and eight months of fine, of six euros a day.

The hacker has shown conformity with the penalties interested by the Prosecutor’s Office, which initially requested six years in prison as the author of a crime of computer fraud in medial competition with a crime of access to other’s computer system. The court has agreed to suspend the serving of the prison sentence on condition that he does not commit a crime for a period of four years.

The arrested man took great security measures to avoid detection made a shell corporation registered in Gibraltar and headquartered in the United Kingdom, with a bank account in Germany, where he fraudulently received funds through the network.

The accused is located in the United Kingdom and Latvia was arrested in Poland in 2023 and, according to the prosecutor’s office, he “may have taken advantage of a security hole” in the computer system of the Roquetero town hall.

On the morning of June 25, 2019, the accused “used” his knowledge hacking and “lack of authorization”, allegedly managed to enter the files of accounting data hosted on the server “where the respective amounts enrollment of municipal corporation employees”.

He further adds that he also accessed “relevant numbers” bank accounts where the transfer was to be made for the payment of the monthly payment”, so this was done with documents that were sent to the financial institutions so that they could make the payment city council fund and that they were executed “automatically.”

The Prosecutor’s Office specifies that, with the aim of obtaining “illegal” economic benefits, the accused “modified the bank account numbers” of 428 employees and “replaced” them with an account he owned in a German bank “and where the total 696.894,09 euros.

The document indicates that, although the transfer of all funds was “executed” and the payroll amount was “credited to the account” of the alleged hacker, "preventive blocking measures could be adopted that allowed the recovery of all of the defrauded money".