Ex-Ubiquiti worker pleads guilty to data theft, extortion, and smear plot

A former software engineer at Ubiquiti Networks has pleaded guilty to stealing gigabytes of data from the firm, attempting to extort millions of dollars, and damaging the company's reputation in the media.

37-year-old Nickolas Sharp, of Portland, Oregon, who worked in Ubiquiti's cloud division, exploited his privileged access to the company's AWS servers and GitHub repositories in order to download gigabytes of confidential information.

Thinking he had covered his tracks by using a SurfShark VPN account to hide his home IP address while exfiltrating data in the dead of the night, a temporary outage caused his real IP address to be logged.

As we previously reported, Sharp then posed as an anonymous hacker, demanding US $2 million for the data's safe return and details of the vulnerability he claimed to have exploited.

When Ubiquiti refused to pay the ransom,  Sharp published some of the stolen files online.

Sharp's home was searched by the FBI, and he told the authorities that someone else must have used his PayPal account to purchase the SurfShark VPN account.

Several days after being questioned by the FBI, Sharp made the extraordinary decision to contact technology journalists pretending to be a whistleblower within the company.  The resulting media stories of security issues at Ubiquiti caused the business's share price to fall 20% - a loss in market capitalisation of over US $4 billion.

Sharp, has now pled guilty to charges of wire fraud, making false statements to the FBI, and transmitting a program to a protected computer that intentionally caused damage.  He faces a total maximum of 35 years in prison, and is scheduled to be sentenced on May 10, 2023.