Teenage GhostMarket Founder Jailed For Five Years

A teenager from Hampshire who ran a massive online cyber crime forum has been sentenced to five years in prison, after he was found guilty of computer misuse and fraud offences at London’s Southwark Crown Court.

Nineteen-year-old Nicholas Webber is the founder GhostMarket.net, an online forum with 8,000 members that offered credit card data, phishing kits, crime manuals and hacking software, as well as instructions on how to manufacture crystal meth and explosives. Police estimate that losses from the thousands of credit details traded over the site amount to £16.2 million.

Teenage crime ring

Webber (pictured) was arrested in October 2009 along with the site’s administrator Ryan Thomas, after they tried to pay a £1,000 hotel bill using stolen card details. Both later pleaded guilty to their roles in running the site. Thomas has also been sentenced to four years in prison.

“These defendants were accomplished cyber criminals, engaged in the systematic mass infection of computers in homes and businesses in the UK and overseas,” said Detective Inspector Colin Wetherill from the Police Central e-Crime Unit (PceU). “The arrest, prosecution and conviction of these individuals represents a significant step forward in our efforts to tackle cyber crime and reduce the harm it causes.”

Two unemployed 21-year-olds, Gary Paul Kelly and Shakira Ricardo, have also been sentenced to time in jail for their involvement in GhostMarket.net.

Kelly was reportedly responsible for constructing and distributing a variant of the Zeus information-stealing Trojan, with which he infected and compromised over 15,000 computers in over 150 countries, harvesting from them over four million lines of data. Detectives were able to rebuild the GhostMarket forum and its database using files from his PC.

A fifth person, Samantha Worley, was sentenced to community service for acquiring criminal property back in December.

Social networking for criminals

The rebuilt forum and its database revealed many thousands of data entries revealing individuals’ personal details including names, dates of birth, bank details, passwords, PayPal accounts and social security numbers. Members of the site communicated anonymously by the use of screen nicknames.

In passing sentence, Judge John Price acknowledged the youth of all the defendants. “You are all very young people, and I take that very much into account,” he said. “Were you very much older, your sentences would have to be much longer.”

It seems that young people are increasingly being targeted in the police’s war on cyber crime. In March 2010, the Crown Prosecution Service was forced to drop its charges against a teenage boy who had been charged with illegally distributing copyrighted material. Matthew Wyatt was only 17 when he was arrested by Cleveland Police, after sharing three albums and one single on popular BitTorrent file-sharing website Oink.

Meanwhile, 19-year-old Oliver Drage was sent to prison last year for refusing to reveal to the police the password that secured his computer. He was convicted for failing to disclose an encryption key – an offence covered by the Regulation of Investigatory Powers Act (RIPA) 2000. Drage was sentenced to 16 weeks in a Young Offenders institution.

In October, Metropolitan Police commissioner Paul Stephenson wrote an article for the Sunday Telegraph, about the worrying lack of resources at the PceU, and admitted that it is only able to deal with a tenth of the known criminals that regularly use computers for illegal purposes.