How teenage hacker became one of Europe’s most wanted criminals | Technology

A well-known hacker who was one of Europe’s most wanted criminals was arrested for blackmailing 33,000 people by threatening to publish notes from his therapy sessions online.

Julius Kivimäki’s arrest ends 11-year cybercrime spreewhich began when he gained notoriety in a network of anarchist teenage hacker gangs when he was just 13 years old.

Next, find out about the case.

Tiina Parikka was cooling down after her usual Saturday night sauna in Finland when she received a notification on her phone.

It was an email from an anonymous sender, which somehow had his name, social security number and other private details.

“Initially, I was struck by how polite he was, how friendly his tone was,” she recalls.

“Dear Ms. Parikka,” the sender wrote, before sharing that he had obtained her private information from a psychotherapy clinic where she was a patient.

Almost apologetically, the author of the email explained that he was contacting us directly because the clinic was ignoring the fact that personal data had been stolen.

Two years of meticulous records made by his therapist over dozens of sessions were now in the hands of this unknown blackmailer.

If she did not pay the requested amount within 24 hours, all notes would be published online.

“It was a suffocating feeling,” she says. “I was sitting there, in my robe, feeling like someone had invaded my private world and was trying to make money off the traumas in my life.”

Tiina quickly realized that she was not alone.

A total of 33,000 other therapy patients also had their records stolen — and thousands more were blackmailed, resulting in the criminal case with the largest number of victims in Finland.

The database stolen from the servers of Vastaamo, a Finnish network of psychotherapy clinics, contained the most intimate secrets of a large part of society, including children. Sensitive conversations about subjects ranging from extramarital affairs to confessions of crimes were being used as bargaining chips.

Mikko Hyppönen, from the Finnish cybersecurity company WithSecure, who researched the attack, says that the case had repercussions and fueled the news for days in the country.

“A hacker attack of this scale is a disaster for Finland — everyone knew someone affected,” he says.

All this happened in 2020, during the lockdowns imposed as a result of the covid-19 pandemicand the case stunned the world of cybersecurity.

The impact of the emails was immediate and devastating. Attorney Jenni Raiskio represents 2,600 victims, and during trial she said her firm had been hired by people whose relatives had taken their own lives after their records were published online. She led a moment of silence in the courtroom for the victims.

The blackmailer, identified only as “ransom_man” by his online signature, demanded victims pay 200 euros (around R$1,090) within 24 hours — otherwise, he would publish his information. If they did not meet this deadline, he would increase the amount to 500 euros (R$2,700).

About 20 people paid before realizing it was too late. Their information had been published the day before, when “ransom_man” accidentally leaked the entire database to a dark web forum.

It’s all there to this day.

Mikko and his team spent time tracking down the hacker and trying to help the police. That’s when theories began to emerge that the hacker was probably from Finland.

One of the biggest police investigations in the country’s history reached a young Finn who was already known in the world of cybercrime.

Kivimäki, who called himself Zeekill when he was a teenage hacker, didn’t become the well-known figure he is by being careful.

As a teenager, he was all about hacking, extorting and bragging as loud as possible. Alongside the hacker teams Lizard Squad and Hack the Planet, he reveled in causing chaos in the extremely active teenage hacking period of the 2010s.

Kivimäki was one of the protagonists, carrying out dozens of major attacks until he was arrested in 2014, aged 17, and later found guilty of 50,700 cases of computer hacking.

But he was not arrested. His conditional suspension of the two-year sentence generated controversy, and was criticized by many in the cybersecurity world. Despite Finland’s notoriously lenient sentences, the fear was that Kivimäki and his accomplices—mostly other teenagers scattered across the English-speaking world—would not be deterred.

Like many of his colleagues during this tumultuous period, Kivimäki didn’t seem to let problems with the police stop him.

After his arrest, and before his sentence, he carried out one of the most audacious attacks of any teenage hacker gang..

He and Lizard Squad took the two biggest gaming platforms offline on Christmas Eve and Christmas Day.

The Playstation Network and Xbox Live were taken down after their services were hit by an unsophisticated but powerful technique known as a distributed denial of service attack. Tens of millions of gamers have been blocked from downloading games, registering new consoles or playing with friends online.

Kivimäki gained the attention of the world press and even agreed to give me an interview for the Sky News television channel, in which he showed no remorse for the attack.

Another hacker who was also from the Lizard Squad gang told the BBC that Kivimaki was a vengeful teenager who loved taking revenge on rivals and showing off his skills online.

“He was very good at what he did, and he didn’t care about the consequences. He always went further than others in attacks.”

“Despite the attention that was paid to him, he made bomb threats and made serious prank calls without disguising his voice,” says Ryan, who did not want to disclose his surname because it is still unknown to the authorities.

Not only was Kivimäki linked to some smaller-scale hacking attacks after his sentence, but he was virtually unheard of for years, until his name was linked to the attack on the Vastaamo psychotherapy clinic.

It took Finnish police almost two years to gather evidence to issue an Interpol (international police) red alert for Kivimäki — and he became one of the most wanted criminals in Europe. But no one knew where the 25-year-old was.

He was spotted by chance last February, when Paris police went to his apartment after receiving a false call about a domestic dispute. They discovered that Kivimäki was living with false identity documents.

The young man was quickly extradited to Finland, where police began preparing for one of the most important trials in the country’s history.

Detective Marko Leponen led the three-year investigation — and, according to him, it was the biggest case of his career.

“We had over 200 officers on the case at one point, and it was an intense investigation with a lot of testimonies and victims’ stories to analyze.”

Kivimäki’s trial was important news for the country, closely followed by local journalists — and even by the international press, who attended to hear his testimony.

I was in court the first day he took the stand, when he maintained his declaration of innocence calmly and with occasional jokes aimed at the silent courtroom.

But the evidence against him was overwhelming.

Leponen says that linking Kivimäki’s bank account to the server used to download the stolen data was crucial.

His agents also used new forensic techniques to extract Kivimäki’s fingerprint from an anonymous photo he posted under an online pseudonym.

“We managed to prove that this anonymous person who posted on the forum was Kivimäki. It was unbelievable, but it shows that we need to use all the measures we know, and try those we don’t,” explains Leponen.

In the end, the judges gave their verdict, declaring him guilty of all charges.

The court found Kivimäki guilty of more than 30,000 crimes — one for each victim.

He was accused of qualified data breach, attempted qualified blackmail, 9,231 qualified dissemination of information violating private life, 20,745 qualified blackmail attempts and 20 qualified blackmail.

He was sentenced to six years and three months in prison (the maximum sentence was seven years)but it is likely that he will only serve half, due to the time already served and the Finnish justice system.

For victims, like Tiina, this is not enough time.

“So many people have been affected by this in so many ways — 33,000 people are a lot of victims. It has affected our health, and some people have been targeted by financial scams as well using the stolen data,” she says.

Meanwhile, she and the other victims are waiting to see if they will receive any type of compensation.

Kivimäki has agreed in principle to reach an out-of-court settlement with a group of victims, but others are planning to file civil lawsuits against him or Vastaamo itself.

The psychotherapy clinic is now extinct, and its founder was convicted of failing to protect patient data, with conditional suspension of the sentence. Kivimäki did not tell police how much money he has in bitcoins, and claims to have forgotten his digital wallet details.

Attorney Jenni Raiskio hopes the state can intervene, but says it could take many months, or even years, to analyze each case individually and assess how much damage was caused.

There are even calls to change the law to help deal with future cases of mass hacking attacks like this one.

“This is really historic in Finland, because our system is not prepared for this amount of victims. The Vastaamo hack showed us that we need to be prepared for these big cases, so I hope there will be a change. This will not end here,” she says.

Why might TikTok be banned in the United States?

Videos helping people in markets gain millions of views