It’s only a month since 19-year-old Elliott Gunton, who had previously been convicted for his role in the infamous data breach of the UK telecoms firm TalkTalk, was hit with a 20 month prison sentence for stealing personal data and selling his hacking services.
Unfortunately for Gunton, his problems haven’t ended there.
As BBC News reports, Gunton is now facing charges from US authorities that he was involved in the December 2017 breach of Chicago-based cryptocurrency exchange EtherDelta.
Court documents allege that Gunton gained control of an email account belonging to an EtherDelta employee – likely to be EtherDelta’s founder Zachary Coburn.
With information stolen from the account, hackers are alleged to have meddled with EtherDelta’s DNS records was able to redirect customers to a fake version of cryptocurrency exchange’s site to steal investors’ account credentials and private keys.
It is alleged that one EtherDelta customer lost approximately US $800,000 as a result.
Norwich-based Gunton – who went by the online handle of “Glubz” – is jointly charged by the US authorities with Anthony Tyler Nashatka, a resident of New York.
After Gunton received a 20 month prison sentence at Norwich Crown Court last month he was immediately released due to having already served his sentence while on remand.
However, things don’t look quite so cosy for Gunton when it comes to these new US charges, which could potentially result in a 20-year sentence if he is found guilty.
More details on how the EtherDelta hack is alleged to have been carried out – and how the employee’s two-step verification was waltzed around – can be found in this article on ZDNet. It’s well worth a read.
As a side note, EtherDelta’s Zachary Coburn was charged by the SEC in November 2018 with “running an unregistered securities exchange.”
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.