2 min read

"Foolish" university hacker jailed after selling exam papers to fellow students

Graham CLULEY

September 13, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
"Foolish" university hacker jailed after selling exam papers to fellow students

A former student at the University of South Wales has been sentenced to 20 months in prison, after hacking into the institution's computer systems and selling the answers to exam papers for thousands of pounds.

As BBC News reports, 29-year-old Hayder Ali Jasim (sometimes known as Hayder Aljayyash), was studying for a master's degree in embedded system design at the University of South Wales when he succeeded in gaining unauthorised access to examination papers, coursework, marking and reports.

During lectures in the university's engineering and computer science faculty, Jasim deployed keyloggers that secretly recorded keypresses, and stored them in a file.  In this way, he was able to steal the passwords of university staff.

Between November 2018 and May 2019, Jasim was said to have used the stolen credentials to log in more than 700 times, downloading 216 files.

Jasim monetised the stolen information by working working alongside his fellow student and housemate accomplice, 30-year-old Noureldien Eltarki, who sold copies of the exam papers and answer sheets to students for thousands of pounds.

The hack was only discovered when mathematics lecturer Liam Harris noticed that a number of students had made spelling errors in their answers which matched mistakes the lecturer had made himself on his official answer sheet.

A subsequent investigation into the suspected cheating revealed that login accounts belonging to 17 members of staff had been compromised, and an IP address was linked to a property not far from the university's campus.

Police arrested Jasim on May 30 2019, and computing equipment and £17,000 worth of cash were seized at the property.  A significant amount of stolen university data was subsequently found on the computers found at the address which Jasim shared with Eltarki.

In an interview with the police, Eltarki confessed that he had sold exam scripts to students for as much as £6,500 - with most of the proceeds going to Jasim.

The court was told that the university's investigation into its data breach, and the subsequent new security measures it had introduced, had cost it over £100,000.

That's clearly a lot of money for any educational organisation to find itself having to spend unexpectedly - but I think it's incorrect to link that entirely to the hack.  After all, the university should have had better security systems in place regardless of whether it had suffered a security breach or not.   In short, the university would have clearly needed to invest more seriously in its IT security and harden its defences sooner or later.

Jasim's defence team said that he had "acted foolishly" but said that he accepted responsibility for what he had done:

"He is thoroughly ashamed of himself for his behaving as he did and he realises his behaviour was extremely selfish and wrong."

Judge David Wynn Morgan sentenced Jasim to 20 months in prison for the hack.

Eltarki pleaded guilty to money laundering and transferring criminal property, and was given a nine months prison sentence suspended for 24 months, He was also ordered to carry out 200 hours unpaid work and a six-day rehabilitation activity.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find
Silviu STAHIE

November 29, 2022

1 min read
Apple Users Report Seeing Other People's Photos When Using iCloud for Windows Apple Users Report Seeing Other People's Photos When Using iCloud for Windows
Silviu STAHIE

November 25, 2022

1 min read
How SIM Swapping Attacks Work and How to Protect Yourself How SIM Swapping Attacks Work and How to Protect Yourself
Filip TRUȚĂ

November 25, 2022

3 min read