Cyprus Mail
Cyprus Featured

Young Cypriot hacker found guilty in US trial

Joshua with his mother Vivina before his arrest

A young hacker who became the first ever Cypriot citizen to be extradited to the US has been found guilty of committing cyber-crimes by a court in the state of Georgia on Monday.

Joshua Epiphaniou, 21, was extradited to the US on July 16 2020, where he faced charges in both Arizona and Georgia for felonies committed from his bedroom in Nicosia when he was still a minor. The maximum sentence for the charges he faces is 20 years.

Epiphaniou’s lawyers tried to reach a deal with FBI in October to reduce his sentence, which will be announced on March 3.

Prior to his extradition, Epiphaniou had been held in custody for three years without a trial and without a conviction for any offence, for which his lawyer in Cyprus tried to plead time served as a mitigating circumstance with the US prosecution.

“The accused gained access to US-based websites and threatened to reveal stolen personal information belonging to users unless they agreed to pay a ransom,” US prosecutor Bobby L. Christine said in his remarks.

“His arrest, extradition and conviction demonstrate our determination to bring to justice any hacker, no matter where he is.”

Atlanta FBI special agent Chris Hacker said the trial represented the agency’s determination to bring to justice cybercriminals for blackmailing US companies and citizens, “no matter where they are hiding”.

“However, the successful prosecution of this case would not have been possible without the help of our federal and foreign partners, including the Cypriot government.”

According to the indictment, between October 2014 and November 2016, when he was aged between 14 and 16, Epiphaniou worked with associates to steal personal data from user and customer databases at victim websites in order to extort the websites into paying ransoms under threat of public disclosure.

He allegedly used proxy servers located in foreign countries to log into online email accounts and send messages to the victim’s websites threatening to leak the sensitive data unless a ransom was paid.

He is alleged to have defrauded the entities of $56,850 in bitcoin and two victims incurred losses of over $530,000 from remediation costs associated with the incident.

Related posts

Coronavirus: One death as daily case total falls below 100 (updated)

Katy Turner

Elpidofors controversy now closed says Anastasiades

George Psyllides

An event to connect

Eleni Philippou

EU must tackle migration problems at their source, MED5 says

George Psyllides

2022 budget will mark move to recovery

George Psyllides

Coronavirus: Where free rapid tests are available on Sunday

George Psyllides