3 December 2021

Former Ubiquiti dev tried to extort his employer posing as a hacker


Former Ubiquiti dev tried to extort his employer posing as a hacker

A security breach at New York-based networking device maker Ubiquiti, which first came to light in January 2021, was allegedly orchestrated by a former employee of the technology firm, according to the U.S. Department of Justice.

Nickolas Sharp, 36, was arrested on December 1 on charges of stealing gigabytes of confidential information from the company and using it to demand nearly $2 million in ransom.

According to the indictment, Sharp was working as a senior developer and had access to Ubiquiti’s Amazon Web Services (AWS) and GitHub servers. In December 2020, the defendant downloaded gigabytes of confidential data from his employer using Surfshark VPN service to mask his IP address.

In January, Sharp made an attempt to extort his employer for ransom posing as an anonymous hacker claiming to have obtained unauthorized access to the company’s network. The ransom note sent by Sharp demanded 50 Bitcoin (nearly $1.9 million at the time) in exchange for the return of the stolen data and the information on the purported vulnerability in Ubiquiti’s network.

After the company refused to pay the ransom, Sharp published a portion of stolen data on a publicly accessible online platform.

In March, Sharp, posing as an anonymous whistleblower, falsely told media outlets that the data had been stolen by an unidentified hacker, according to the DoJ. Following the publication of these articles, the company’s stock price fell approximately 20%, losing over $4 billion in market capitalization.

Sharp has been charged with transmitting a program to a protected computer that intentionally caused damage, transmission of an interstate threat, wire fraud, and making false statements to the FBI. Each of these carry a maximum prison sentence ranging between two and twenty years.


Back to the list

Latest Posts

Free VPN apps on Google Play turned Android devices into residential proxies

Free VPN apps on Google Play turned Android devices into residential proxies

The threat actor behind this scheme profits by selling access to the residential proxy network to third parties.
28 March 2024
Cyber spies strike Indian government and energy sectors

Cyber spies strike Indian government and energy sectors

The operation involved phishing emails delivering the HackBrowserData info-stealer.
28 March 2024
Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024