When I think of a teen hacker, Matthew Broderick\u2019s role of Ferris Bueller or David Lightman in WarGames<\/em> often come to mind. But modern teens aren\u2019t just hacking schools to change their grades. Nowadays, they\u2019re committing crypto fraud schemes, seeking out vulnerabilities to exploit, or they\u2019re trying to make the world a better place. It all just depends on which color hat they like to wear.<\/p>\n\n\n\n Basically, teens and stereotypical hackers go together like plaid and lumberjacks or hipsters and manbuns. As a generation that\u2019s grown up as tech natives, it\u2019s not surprising that they\u2019re able to figure out new ways to game systems and take advantages of cybersecurity weaknesses. Sometimes, their efforts are beneficial (such as those who seek out bug bounties). But other times, they\u2019re extremely harmful to their targets (and others who are affected by their actions).<\/p>\n\n\n\n Individuals, schools, businesses, and other organizations have been the targets of cyber attacks and DDoS attacks<\/a> in recent months that have been carried out by teenage hackers. Now, I\u2019m not talking about minor hacks \u2014 I\u2019m talking about several sophisticated cyber attacks that have impacted thousands of people and resulted in millions of dollars in indirect and direct losses. <\/p>\n\n\n\n Let\u2019s get right to the topic of teen hacker news. We’ll cover some of the top attacks by teen hackers and talk about the impacts they\u2019ve had businesses and individuals in the U.S. and around the world. After that, we\u2019ll talk about what happens to teen hackers when they get caught.<\/p>\n\n\n\n Let\u2019s hash it out.<\/span><\/p>\n\n\n<\/span><\/span>\n\n\n Up first on our list of teen hacker news… Unless you\u2019ve been living under a rock, you\u2019ve likely heard about July 15 hack of Twitter<\/a>. The social engineering attack resulted in the hijacking of 130 accounts \u2014 some of which included high-profile targets like former President Barack Obama, Apple, Elon Musk, Bill Gates, and Joe Biden. KrebsOnSecurity reports<\/a> that that \u201cthe bitcoin accounts associated with the scam received more than 400 transfers totaling more than $100,000.\u201d<\/p>\n\n\n\n On July 31, the FBI announced that they\u2019d charged three individuals<\/a> for their roles in the attack, including:<\/p>\n\n\n\n However, last week, the CoinTelegraph reported<\/a> that Clark may not have been the only juvenile involved in the attack. A report by The New York Times<\/a> says that an unnamed 16-year-old in Massachusetts also may have played a \u201csignificant role\u201d in the attack. With a search warrant in hand, authorities searched the home that the teen shares with his parents.<\/p>\n\n\n\n According to the Times<\/em>:<\/p>\n\n\n\n \u201cNow authorities have homed in on another person who appears to have played an equal, if not more significant, role in <\/em>the July 15 attack<\/a>, according to four people involved in the investigation who declined to be identified because the inquiry was ongoing. They said the person was at least partly responsible for planning the breach and carrying out some of its most sensitive and complicated elements.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n This next incident brings us to good ol\u2019 Florida, where a 16-year-old teen hacker named David Oliveros was arrested for a series of cyber attacks against Miami-Dade County Public Schools (MDCPS). The attacks, which took place during the first week of school (starting Aug. 31), resulted in a series of network outages that affected the web systems that support the remote learning program My School Online.<\/p>\n\n\n\n MDCPS<\/a> shared the following in an official statement on Sept. 3:<\/p>\n\n\n\n \u201cMiami-Dade County Public Schools (M-DCPS) has been the target of more than a dozen of these types of attacks since the 2020-2021 school year began. Detectives are continuing their investigation to determine whether additional individuals are responsible for the attacks.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n According to a report by NBC Miami 6<\/a>, investigators were able to trace multiple attacks back to an IP address at the teen\u2019s home. The teenager, who is a junior at South Miami Senior High School, has now been arrested and charged with a third-degree felony and a second-degree misdemeanor.<\/p>\n\n\n\n This teen hacker is thought to be responsible for at least eight of the attacks against the school system. However, it appears that there may have also been attacks on the school district that originated overseas, such as in China, Russia, and Ukraine.<\/p>\n\n\n\n Just as a quick note:<\/strong> The school district still appears to have some improvements left to make in terms of upping their cybersecurity. For example, their official website doesn\u2019t appear to be using an SSL\/TLS certificate installed to help secure their information. Surely, they can be doing more to help secure their site, particularly in light of these recent cyber attacks\u2026 <\/p>\n\n\n\n An unnamed 16-year-old from Madrid, Spain, was arrested on April 3 for carrying out numerous hacks against Spanish and international public and private organizations. According to Europepress<\/a>, the attacks, which date back to as early as late 2019, resulted in a variety of service downtimes, as well as the theft of personal information and medical data.<\/p>\n\n\n\n Some of the stolen personal data includes the medical information of Spanish politician Santiago Abascal. El Pais reports<\/a> that the hacker shared this medical information via Instagram and Twitter. The hacker was captured in the midst of carrying out an attack against a prominent parcel company. He claimed that he wasn\u2019t trying to \u201cdo evil,\u201d and the National Police are trying to figure out whether the teen profited financially from his crimes in any way. <\/p>\n\n\n\n Several of the cyber attacks targeted the applications of organizations and businesses that provide services relating to healthcare, education, logistics and transportation, and telecommunication (among others). La Guardia<\/em> reports<\/a> that one attack against a leading video streaming service provider involved the creation of 141,000 fraudulent accounts using stolen payment cards. This cost the target company losses of about \u20ac450,000 (approximately the equivalent of $530,535 in U.S. dollars).<\/p>\n\n\n\n TeleMadrid<\/a> reports that the teen, who sought out fame for his achievements, gave gifts \u2014 like free access to the video streaming service \u2014 to his social media followers. <\/p>\n\n\n\n Although these are relatively minor compared to some of the other attacks mentioned above (and ones we\u2019ll get to shortly), there were still some cyber attacks in January that affected small businesses, individuals and institutions around the U.S.<\/p>\n\n\n\n Tensions mounted in 2019 due to military-related conflicts and soared with the death of Iranian General Qassem Soleimani in January 2020. As a result, The Verge reports<\/a> that the unpatched websites for these entities were hijacked and defaced by pro-Iranian messages and images. Many of the responsible parties were thought to be teen hackers who are part to be hacktivists and part of larger hacker groups.<\/p>\n\n\n\n There are several cases going through the court systems in the U.S. and abroad this year for crimes that were committed in previous years. From a motivation perspective, the different cases span the gamut. We\u2019ll cover several of these cases starting with the most recent as we continue our list of teen hacker news.<\/p>\n\n\n\n Cameron Charles Brush, an 18-year-old from Mohave Valley, Arizona faced potentially 35 charges \u2014 25 from a 2020 case and 10 from a 2019 case \u2014 relating to the sexual exploitation of minors and computer tampering. The crimes were committed<\/a> between April and September 2019.<\/p>\n\n\n\n Brush was 17 when he hacked the social accounts of multiple minors to steal thousands of images, including sexually explicit ones. Infosecurity Magazine reports<\/a> that Brush blackmailed his victims, stating that he\u2019d send the photos to their families and friends if they didn\u2019t send him new lewd videos and images. Investigators found more than 4,000 images of child pornography on devices in his home.<\/p>\n\n\n\n The Mohave Daily News reports<\/a>:<\/p>\n\n\n\n \u201cBrush is charged in a 2020 case with 25 counts including sexual exploitation of a minor, sexual extortion, computer tampering and attempted sexual exploitation of a minor. Those incidents allegedly occurred between April and September 2019.<\/em><\/p>\n\n\n\n Brush also is charged in another 2019 case with 10 counts of sexual exploitation of a minor for allegedly hacking a girl\u2019s computer and possessing child pornography.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n He initially faced a maximum of around 600 years of prison time for all of the charges in the two cases. However, a June 2020 article by the Mohave Daily News<\/a> shows that the judge sentenced Brush to a maximum of 15 years in prison and supervised probation for the rest of his life.<\/p>\n\n\n\n Losses from cryptocurrency-related thefts, hacks and fraud totaled $4.5 billion in 2019 alone, making it the highest year on record according to CipherTrace<\/a>. This year, there were $1.4 billion in such losses reported between January and May 2020. <\/p>\n\n\n\n Joel Ortiz, Nick Truglia, and Ellis Pinsky \u2014 those are the names of three teenagers who were arrested or sentenced for crimes related to stealing cryptocurrency and carrying out SIM-swapping attacks<\/a> during their teens. All of these individuals were living large prior to their capture \u2014 they\u2019d flaunt their riches with expensive clothes, apartments and AirB&B rentals, cars, watches, and parties.<\/p>\n\n\n\n Nothing screams excess like pouring pricey champagne over very expensive watches<\/a> (as shown in an embedded via in this article by Brian Krebs) while partying at a night club.<\/p>\n\n\n\n Of course, there are other teen hackers that have been cashing in on SIM swapping \u2014 like Xzavyer Narvaez<\/a> (one of the owners of the aforementioned watches) and Samy Bensaci<\/a> \u2014 but we figure it\u2019s best to limit ourselves to talking about just a few of them.<\/p>\n\n\n\n SIM swap attacks involve using victims\u2019 personally identifying information (PII) to illegally port their phone numbers to unauthorized devices. This gives the attackers access to the victims\u2019 email accounts, social accounts, digital wallets, and cryptocurrency accounts.<\/p>\n\n\n\n SIM swappers typically do this by either tricking mobile phone providers\u2019 employees into performing the transfer or having insiders who work for those mobile companies<\/a> that they pay or threaten to assist them. These attacks can be utterly devastating for the victims who may lose thousands or millions of dollars within a matter of minutes.<\/p>\n\n\n\n So, just who are these guys? Let\u2019s get to know a bit more about these three teen hackers\u2026<\/p>\n\n\n\n Joel Ortiz, who was arrested in July 2018 at the age of 20, was convicted of stealing an excess of $7.5 million in cryptocurrencies from at least 40 victims. Ortiz, who was a valedictorian<\/a> of Boston Public Schools and a student at UMass, was a prolific SIM-swapper. He\u2019s thought to be the first SIM swapper to get convicted of using cell phone hacking to steal digital money, according to San Jose Ins<\/a>i<\/a>der<\/a>.<\/p>\n\n\n\n The County of Santa Clara District Attorney<\/a> describes Ortiz as \u201ca prolific SIM swapper who targeted victims to steal cryptocurrency and to take over social media accounts with the goal of selling them for Bitcoin.\u201d The DA office also reports that Ortiz was sentenced to 10 years in prison in April 2019 after pleading no contest to 10 felony theft charges in January 2019.<\/p>\n\n\n\n Nick Truglia, who was arrested in November 2018, was sentenced to 10 years for SIM swapping after porting the accounts of multiple victims, including Robert Ross. In the attack on Ross, Truglia stole $1 million<\/a> \u2014 the victim\u2019s life savings and also the funds he had for his daughters\u2019 college educations. <\/p>\n\n\n\n Truglia was 18 when he SIM-swapped the device of blockchain investor Michael Terpin. This crime along resulted in the theft of nearly $24 million ($23.8 million) in cryptocurrency. Truglia also had an associate that he worked with \u2014 another teenager named Ellis Pinsky \u2014 and they worked together to carry off their SIM-swapping attacks and crypto heists. Medium reports<\/a> the following about Truglia and his collaboration with Pinsky:<\/p>\n\n\n\n \u201cFinding vulnerable people and sim cards were his specialty. He would get the victim\u2019s passcodes and then procure a blank sim card before handing everything over to Pinsky.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n Truglia, who was busted for his participation in another crime, was sentenced to pay $75 million to Terpin for his crime. He\u2019s also been sentenced to serve 10 years behind bars for his crimes.<\/p>\n\n\n\n Ellis Pinsky is a computer hacker who allegedly has engaged in different types of cybercrimes \u2014 everything from stealing and selling social media handles to SIM swapping. Pinsky, now 18, is being sued by Terpin as well for $71.4 million. Terpin claims that Pinsky and Truglia worked together to steal the nearly $24 million in cryptocurrency from him when the teen was 15 years old.<\/p>\n\n\n\n Terpin also is suing AT&T for $224 million since he\u2019s had two SIM swap attacks occur on their watch. According to a GlobalNewswire release<\/a> on the case: \u201cThe evidence will show that AT&T not once, but twice allowed hackers posing as Michael to obtain his SIM card.\u201d <\/p>\n\n\n\n In addition to his cybercriminal activities, the New York Post<\/a> reports that a 16-year-old accomplice who helped Pinsky launder Terpin\u2019s money claims that Pinsky threatened to kill him or his mother. The 16-year-old also says that Pinsky claimed to have $100 million and that \u201cI could buy you and your family,\u201d according to the Cointelegraph<\/a>.<\/p>\n\n\n\n Ryan Hernandez, now a 21-year-old from Palmdale, California, pleaded guilty to crimes of computer hacking and child porn possession back in January. He was originally discovered in 2016 as stealing and publishing Nintendo\u2019s confidential files<\/a>, including info on the company\u2019s upcoming Switch console release. He used phishing to gain access to a Nintendo employee\u2019s credentials to carry out his activities.<\/p>\n\n\n<\/span><\/span>\n\n\n The U.S. Department of Justice reports<\/a> that although the FBI reached out to him and his family with a warning to stop, which he agreed to, Hernandez went right back to his malicious activities. Between at least June 2018 and 2019, he admits to \u201chacking into multiple Nintendo servers and stealing confidential information about various popular video games, gaming consoles, and developer tools.\u201d He didn\u2019t bother to hide his identity and was blatantly boasting about his activities on social media.<\/p>\n\n\n\n Needless to say, the FBI wasn\u2019t as forgiving the second time \u2014 they searched his home and seized electronic devices that included pirated games and software. And what they found there was worse than \u201cjust\u201d stolen proprietary information:<\/p>\n\n\n\n \u201cOn those devices, they discovered thousands of confidential Nintendo files. Forensic analysis of his devices also revealed that HERNANDEZ had used the internet to collect more than one thousand videos and images of minors engaged in sexually explicit conduct, stored and sorted in a folder directory he labeled \u2018Bad Stuff.\u2019\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n “Bad stuff.” Really? Yeah, that’s putting it mildly. <\/p>\n\n\n\n The U.S. DOJ reports that Hernandez pleaded guilty to the 2016 Nintendo server hacks as well as the possession of more than 1,000 pornographic videos and images. Hernandez was originally set to be sentenced on April 21. However, that was been delayed until September due to the COVID-19 pandemic, The Daily Swig reports<\/a>. In addition to agreeing to pay $259,323 in restitution for remediation costs to Nintendo, Hernandez also must register as a sex offender following his conviction, the DOJ\u2019s press release shows.<\/p>\n\n\n\n Hashed Out reached out to Emily Langlie, Communications Director for the U.S. Attorney\u2019s Office, to get an update about his sentencing date. Langlie says that Hernandez\u2019s sentencing has been delayed until Nov. 17, 2020. <\/p>\n\n\n\n Data regarding the average age of hackers is hard to pinpoint and varies by country. The most recent data I\u2019ve found is from a 2017 study by the United Kingdom\u2019s National Crime Agency (NCA), which reported that the average age of hackers in the U.K. was 17. The study also found that the majority of those interviewed viewed hacking as a \u201cmoral crusade\u201d rather than a way to make some dough, The Guardian<\/a> reports.<\/p>\n\n\n\n So, what factors could contribute to teens becoming hackers? According to another study that was published by Holt, Navarro and Clevenger<\/a> in 2019:<\/p>\n\n\n\n \u201cThe findings demonstrated that individuals with low self-control and deviant peer associations were significant predictors for both males and females. Specifically, those whose peers used drugs, shoplifted, and played computer games were more likely to engage in hacking. In addition, individual involvement in piracy, parents owning their own vehicle, and living in small towns were consistent predictors across both sexes. There were also distinct factors affecting the risk of offending, as females were more likely to hack if they spent more time with their peers generally, and also had peers who frightened others […] Males were more likely to hack if they owned their own computer and mobile device, spent more time watching TV and playing computer games, and had peers who engaged in vandalism.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n Now, this isn\u2019t to say that hackers don\u2019t live in big cities. This study, for which the data on 48,327 juveniles was collected in 2007, just provides some insight into some of the factors that may contribute to males and females engaging in computer hacking behavior.<\/p>\n\n\n\n Of course, there are also teens that get involved in cybercrimes in non-hacking roles as well. For example, The Guardian reports that hacking gangs frequently use teenagers as money mules and pawns<\/a> to help carry out cybercrimes. In these scenarios, teens serve as runners or \u201cmiddles\u201d to:<\/p>\n\n\n\n The short answer is \u201cit depends.\u201d After all, some teen hackers are never caught and other never engage in criminal activities in the first place. Others, like U.K. hacker Marcus Hutchins<\/a> \u2014 the guy who stopped the WannaCry cyber attacks of 2017 \u2014 may engage in criminal activities early on but then may choose to walk the straight and narrow path as they get older. (In Hutchins\u2019 case, however, he was later arrested for crimes he\u2019d committed as a teenager.)<\/p>\n\n\n\n For those who do commit crimes, the long answer also varies depending on different factors, including the severity of their crimes or if they\u2019ve engaged in crimes at all. For example, teen hackers who are arrested and found guilty of their crimes in the U.S. frequently serve time for their crimes. Ideally, they learn their lessons and choose to follow the law from now on. In some cases, they\u2019re recruited by cybersecurity companies and government organizations to work for them after their release or in exchange for lesser sentences.<\/p>\n\n\n\n For example, the BBC published a nice article<\/a> on a company called BlueScreen that gives U.K. teen hackers who are caught a second chance. The goal is to help them learn to use their skills for good by protecting the company\u2019s clients against attacks from online criminals.<\/p>\n\n\n\n Now, of course, not all teen hackers are bad\u2026<\/p>\n\n\n\n There are also white hat hackers like Santiago Lopez<\/a>, who choose to use their hacker skills for good instead of evil early on. Lopez, 19, became a millionaire the legal way \u2014 plying his white hat hacker trade as a bug bounty hunter. Another named Sam Curry reportedly makes about $100,000 annually<\/a> working as an ethical hacker.<\/p>\n\n\n\n Bug bounty programs make it possible for white hats to put their skills to use in positive ways by identifying vulnerabilities and bugs. Some of these programs include (but are certainly not limited to):<\/p>\n\n\n\n One teen hacker who goes by her hacker name CyFi really seems to embody this idea of trying to use her knowledge and skills to make the internet a safer place. In 2011, CyFi helped co-found the r00tz Asylum<\/a>, which is a non-profit that focuses on helping kids to become white-hat hackers. They also hold workshops for kids at DEF CON.<\/p>\n\n\n\n The U.K. government also offers the Cyber Discovery program<\/a>, a training platform that targets 13- to 18-year-old hackers who live in the United Kingdom. The goal is to train these tech-savvy teens and hackers to become the next leaders in cybersecurity.<\/p>\n\n\n\n But what are other countries doing once teen hackers get caught?<\/p>\n\n\n\n For some teen hackers who live in the Netherlands, there\u2019s another option known as Hack_Right. According to the Centrum voor Criminaliteitspreventie en Veiligheid<\/a> (CCV) in the Netherlands \u2014 or the Center for Crime Prevention and Safety in English \u2014the intervention program aims to help young hackers turn away from criminal activities. Hackers ages 12 to 23 who are convicted of a cybercrime for the first time may be eligible to participate.<\/p>\n\n\n\n The Hack_Right program, which started in 2017, runs until December 2021. So far, according to the CCV article, the program has had more than 20 participants. There\u2019s no telling yet what the results of the study will be, but it\u2019ll be interesting to see if and how it helps to recidivate these teen hackers.<\/p>\n\n\n<\/span><\/span>\n\n\nThree Teen Hackers Allegedly Involved in the July 15 Twitter Account Takeovers<\/h2>\n\n\n\n
\n
\n
Teen Allegedly Responsible for 8 Miami-Date Public School System Cyber Attacks<\/h2>\n\n\n\n
\n
![\"A](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/09\/miami-dade-schools-insecure-website-1024x385.png\")
Madrid Teen Hacker Allegedly Perpetrates \u201cNumerous\u201d Hacks Since Late 2019<\/h3>\n\n\n\n
Iranian Teen Hackers Deface Websites of U.S. Businesses<\/h3>\n\n\n\n
Cyber Crimes That Were Committed by Teens in Recent Years<\/h2>\n\n\n\n
![\"A](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/03\/iStock-647191366-1024x682.jpg\")
<\/figure><\/div>\n\n\n\nTeen Hacker Sentenced to Up to 15 Years in Prison for Hacking & Stealing Images<\/h3>\n\n\n\n
\n
Teenagers Carry Out SIM-Swap Attacks Totaling Hundreds of Millions of Dollars<\/h3>\n\n\n\n
![\"An](\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/09\/teen-hacker-sim-swap-1024x640.jpg\")
<\/figure><\/div>\n\n\n\nJoel Ortiz<\/h4>\n\n\n\n
Nick Truglia<\/h4>\n\n\n\n
\n
Ellis Pinsky<\/h4>\n\n\n\n
Former Teen Hacker Faces Double-Whammy of Hacking Nintendo & Child Porn Charges<\/h3>\n\n\n\n
\n
A Little Insight About Teen Hackers<\/h2>\n\n\n\n
\n
\n
So, What Happens to Teenage Hackers?<\/h2>\n\n\n\n
Some Teen Hackers Use Their Skills & Knowledge for Good from the Get-Go<\/h3>\n\n\n\n
\n
The U.K. Government Aims to Reach Teens Before They Commit Crimes<\/h3>\n\n\n\n
Netherlands Authorities Test Intervention Pilot Targeting First-Time Offenders<\/h3>\n\n\n\n
Final Thoughts<\/h2>\n\n\n\n