Authorities have sentenced a 30-year-old man from Bendigo for hacking and financial phishing offences, along with coordinated phone-based attacks against multiple Victoria Police stations and sending out abusive phone messages.
Facing a total of 10 charges, the man was arrested by the Australian Federal Police (AFP) in June 2019 and was sentenced in the Melbourne County Court on 11 November this year to 307 days, which he has already served and was subsequently released on a recognizance release order.
He also received a three-year community corrections order and 300 hours of community service.
The charges come after the man undertook a hacking and phishing campaign from November 2017 to June 2019 to make large scale fraudulent purchases.
An investigation found the man used a number of pseudonyms and subscribed to mobile phone services, email address and drop addresses to collect and distribute fraudulently purchased items. In all, 2,500 credentials were obtained, which included names and credit card details.
However. chief among the charges were the phone-based attacks, which occurred between 14 October and 18 October 2018 and involved approximately 10,984 phone calls diverted to multiple police stations in the state.
This prevented the police calling between stations, as well as cutting off calls between members of the public and the stations.
AFP Southern Command acting commander of investigations Raegan Stewart said the outcome of the investigation was made possible through collaboration with Victoria Police.
“It is pure luck that this man’s offending didn’t result in fatal consequences by impacting Victoria Police telecommunications infrastructure,” he said.
“These are the real-world impacts of cyber crimes that are often unseen: the critical resources targeted or the thousands of unknowing victims who have their personal details compromised and caught up in scams.”
The man also set up a system where people were sent a text urging them to call to help with an emergency. When the return call was returned, the system played pre-recorded abuse and threats.
Then, the victim and other people that responded to the text were bridged together and had additional pre-recorded abused messages played, which led to individuals abusing and threatening one another in what the AFP called a case of mistaken identity.
Last month, the Supreme Court of NSW ordered a Sydney-based hacker to forfeit close to $1.7 million cryptocurrency and cash to the federal government following an investigation involving Australian and US law enforcement officials.