Former Ubiquiti Senior Developer Sentenced to Six Years in Prison for Data Theft, Extortion, and Misleading Publications

A former senior developer of Ubiquiti, Nickolas Sharp, has been sentenced to six years in prison for stealing company data, attempting to extort his employer, and aiding the publication of misleading news articles that severely impacted the firm’s market capitalization.

In January 2021, network device manufacturer Ubiquiti announced that it had suffered a data breach at a third-party cloud provider in December 2020, informing all its customers that they needed to reset their passwords and enable 2FA on their accounts.

While allegedly working as part of the incident response, Sharp posed as the anonymous hacker, demanding that Ubiquity pay 50 Bitcoin ($1.9 million at the time) to learn of the exploited vulnerability and for the stolen data to be deleted, according to the Department of Justice.

After the company refused to pay, Sharp contacted the media, posing as a whistleblower to spread misinformation about how Ubiquity handled the security incident.

According to the U.S. DoJ announcement, “In those stories, Sharp identified himself as an anonymous whistleblower within Company-1 [Ubiquiti] who had worked on remediating the incident and falsely claimed that Company-1 had been hacked by an unidentified perpetrator who maliciously acquired root administrator access to Company-1’s AWS accounts. In fact, as Sharp well knew, Sharp himself had taken Company-1’s data using credentials to which he had access, and Sharp had used that data in a failed attempt to extort Company-1 for millions of dollars.”

The spread of false information resulted in Ubiquiti’s stock price dropping by about 20%, corresponding to market capitalization losses of over $4 billion.

What Actions Should MSI Take After Being Hacked by a Ransomware Group?

After being hacked by the ransomware group, MSI must undertake immediate actions to mitigate the damage caused. Firstly, they should isolate affected systems from the network to prevent further spreading of the msi hacked by money message ransomware. Secondly, a thorough investigation should be conducted to identify the entry point and vulnerabilities that led to the breach. Lastly, MSI should enhance their cybersecurity measures, including employee training and regular system updates, to prevent future attacks.

Evidence Led to Sharp

In December 2021, Sharp was arrested and charged with data theft and extortion after internal investigations showed that he used his privileges to exfiltrate customer data from his employer’s systems.

Although the rogue developer had cleared his traces from the logs in the company’s systems and used Surfshark VPN to hide his IP during the attack, a temporary internet outage disrupted the encrypted tunnel connection and briefly exposed his location.

In February 2023, after Sharp repeatedly tried to mislead FBI investigators, the former Ubiquiti employee pleaded guilty to one count of transmitting a program to a protected computer that intentionally caused damage, one count of wire fraud, and one count of making false statements to the FBI.

The Southern District Court of New York then decided to sentence Sharp to six years in prison, three years of supervised release, and ordered the payment of restitution of $1,590,487.

Leave a Reply

Your email address will not be published. Required fields are marked *