Michigan Jail Hacker Sentenced To Seven Years In Prison

Hacker who tried to secure an early release for a friend will instead go to jail himself

A Michigan man has been sentenced to more than seven years in prison after hacking into prison computer systems and altering records.

Konrads Voits, 27, of Ypsilanti, pleaded guilty to targeting the Washtenaw County Jail with a social engineering campaign a year ago that resulted his successfully gaining access to the jail’s network.

Voits then modified the record of a friend who was serving time in the prison in an effort to have the individual released early.

The hack was unsuccessful, however, with the intrusion being detected immediately and the altered record restored.

FBI sting

County authorities contacted the FBI to investigate and Voits was arrested last summer. He entered a guilty plea in December.

Voits was sentenced to seven years and three months in prison, as well as being obliged to serve three years of supervised release and to pay $235,488 (£172,800) in restition to the county for costs related to investigating the hack and fixing the hacked systems.

Voits targeted the jail between January and March of last year, initially sending targeted phishing messages to jail staff that tried to lure them to a malicious website located at “ewashtenavv.org”.

The site appeared identical to the legitimate Washtenaw County website at ewashtenaw.org.

Social engineering

The phishing emails were unsuccessful, but Voits gained entry to the network after telephoning jail employees and posing as a member of the jail’s IT department.

He tricked staff into installing a fake update package, which contained malware that he then used to steal passwords, usernames, emails and other information on more than 1,600 county employees.

Voits then gained access to the XJail inmate management application and altered at least one record.

The technique Voits used is similar to the “technical support” scams that have surged in popularity over the past few months as a way for hackers to access individuals’ computers in order to steal bank details and other information.

Do you know all about security? Try our quiz!