2 min read

"Foolish" university hacker jailed after selling exam papers to fellow students

Graham CLULEY

September 13, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
"Foolish" university hacker jailed after selling exam papers to fellow students

A former student at the University of South Wales has been sentenced to 20 months in prison, after hacking into the institution's computer systems and selling the answers to exam papers for thousands of pounds.

As BBC News reports, 29-year-old Hayder Ali Jasim (sometimes known as Hayder Aljayyash), was studying for a master's degree in embedded system design at the University of South Wales when he succeeded in gaining unauthorised access to examination papers, coursework, marking and reports.

During lectures in the university's engineering and computer science faculty, Jasim deployed keyloggers that secretly recorded keypresses, and stored them in a file.  In this way, he was able to steal the passwords of university staff.

Between November 2018 and May 2019, Jasim was said to have used the stolen credentials to log in more than 700 times, downloading 216 files.

Jasim monetised the stolen information by working working alongside his fellow student and housemate accomplice, 30-year-old Noureldien Eltarki, who sold copies of the exam papers and answer sheets to students for thousands of pounds.

The hack was only discovered when mathematics lecturer Liam Harris noticed that a number of students had made spelling errors in their answers which matched mistakes the lecturer had made himself on his official answer sheet.

A subsequent investigation into the suspected cheating revealed that login accounts belonging to 17 members of staff had been compromised, and an IP address was linked to a property not far from the university's campus.

Police arrested Jasim on May 30 2019, and computing equipment and £17,000 worth of cash were seized at the property.  A significant amount of stolen university data was subsequently found on the computers found at the address which Jasim shared with Eltarki.

In an interview with the police, Eltarki confessed that he had sold exam scripts to students for as much as £6,500 - with most of the proceeds going to Jasim.

The court was told that the university's investigation into its data breach, and the subsequent new security measures it had introduced, had cost it over £100,000.

That's clearly a lot of money for any educational organisation to find itself having to spend unexpectedly - but I think it's incorrect to link that entirely to the hack.  After all, the university should have had better security systems in place regardless of whether it had suffered a security breach or not.   In short, the university would have clearly needed to invest more seriously in its IT security and harden its defences sooner or later.

Jasim's defence team said that he had "acted foolishly" but said that he accepted responsibility for what he had done:

"He is thoroughly ashamed of himself for his behaving as he did and he realises his behaviour was extremely selfish and wrong."

Judge David Wynn Morgan sentenced Jasim to 20 months in prison for the hack.

Eltarki pleaded guilty to money laundering and transferring criminal property, and was given a nine months prison sentence suspended for 24 months, He was also ordered to carry out 200 hours unpaid work and a six-day rehabilitation activity.

tags


Author



Right now

Top posts

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read
Top Three Ways Internet Users Unknowingly Help Cybercriminals

Top Three Ways Internet Users Unknowingly Help Cybercriminals

February 25, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

1.8 Million Texans Caught in TDI Data Breach 1.8 Million Texans Caught in TDI Data Breach
Silviu STAHIE

May 20, 2022

1 min read
Your Identity is Being Traded on The Internet Every 2.5 Minutes Your Identity is Being Traded on The Internet Every 2.5 Minutes
Radu CRAHMALIUC

May 20, 2022

3 min read
Malware and PUA Campaigns Abuse Existing Apps, Here’s a Top 10 to Watch Out For Malware and PUA Campaigns Abuse Existing Apps, Here’s a Top 10 to Watch Out For
Silviu STAHIE

May 19, 2022

3 min read