Rogue ex-Motorola techie admits cyberattack on former employer, passport fraud

Trending 3 months ago

An ex-Motorola artisan in the US has accepted he approved to fraudulently access a authorization while apprehension balloon for a cyberattack on his above employer.

Andrew Mahn, 28, of Derry, New Hampshire, pleaded accusable in federal cloister on Tuesday to both authorization artifice and wire fraud, the closing apropos to that cyber-intrusion. He is due to be bedevilled in March abutting year.

Mahn was accusable [PDF] by a admirable board for authorization artifice in February, afterwards actuality answerable in 2021 with breaking into Motorola's computer arrangement and burglary data.

Prosecutors did not name Motorola in their indictments adjoin Mahn: instead their cloister abstracts accredit to the biz as "Company A," and declared it as an all-embracing association headquartered in Chicago that sells, amid added products, two-way radios. Although one could amount out Company A was Motorola from that description alone, the biz appear itself in a victim account submitted to the courts [PDF] beforehand this month.

Mahn, according to prosecutors [PDF], formed as a radio artisan for Moto afore accepting a new gig at the Massachusetts Port Authority (Massport).

While alive at Massport, Mahn beatific phishing emails to 31 Motorola advisers amid August and September, 2020. These emails absolute a awful articulation arch to a spoofed Motorola amount aperture so Mahn could abduct their accumulated login credentials. 

After agriculture those employees' usernames and passwords, Mahn beatific argument letters to at atomic one staffer that appeared to be Okta aegis analysis letters to ambush the mark into accouterment their multi-factor affidavit code. 

Mahn again acclimated this acceptance to access Motorola's IT network, and breach into the corp's Bitbucket athenaeum and abduct antecedent cipher that accustomed him to alleviate assertive radio accessories appearance admired at up to $175 per radio, Uncle Sam's attorneys said.

While he mostly approved to awning his advance by application what prosecutors declared as "anonymized" Amazon Web Services IP addresses for the scam, law administration were able to trace his accomplishments to a Comcast IP abode and his Massport email address.

"The defendant, while application an anniversary angry to his Massport assignment email address, accessed Company A's accessible website application this Comcast IP abode on at atomic 13 abstracted occasions during the cyber intrusion," according to Mahn's appeal acceding [PDF].

A additional IP abode assigned to the aforementioned Comcast anniversary was after acclimated to acceptance Mahn's claimed Venmo and Gmail accounts, and Mahn additionally acclimated his claimed Google anniversary and driver's authorization to set up a Coinbase anniversary that paid for hosting affected Motorola accumulated login page, we're told.

  • Forget the alfresco hacker, the bigger blackmail is central by the coffee machine
  • US aggressive aggressive cyber threats from aural and without
  • 'Serial cybercriminal and scammer' confined for 8 years, told to pay aback $1.2M
  • Former infosec COO pleads accusable to advancing hospitals to boom up business

A admirable board in Illinois alternate an allegation charging Mahn with assorted offenses accompanying to the Motorola break-in in October 2021. He was bedfast and appear awaiting trial. 

But instead of patiently cat-and-mouse for his day in court, Mahn, on November 15, 2022, activated for a authorization beneath a affected name (with the aforementioned initials, "AM") and application a affected date of bearing — but with his own photograph. 

To accompany the application, Mahn submitted apocryphal documents, including a affected apprentice ID agenda from a absent academy and a affected New Hampshire identification card. Both, however, acclimated his absolute picture. 

A ages later, he wrote to US Senator Maggie Hassan (D-NH) requesting advice in expediting his authorization application. "I accept aloof begin out I charge to book all-embracing biking anon for ancestors affidavit in the advancing weeks to Germany," Mahn wrote. "I am aggravating to amount out the cachet of the appliance and back I can apprehend it to be candy and shipped.

Alas, there was no absolute ancestors emergency in Germany. We can alone accept Mahn's absolute absorbed was to use the artificial authorization to abscond abroad afore his trial. 

He now awaits sentencing in the new year. The allegation of wire artifice carries a max book of 20 years in prison, three years of supervised release, a accomplished of $250,000, or alert the gross accretion or loss, and restitution.  

Meanwhile, authorization artifice could get Mahn ten years abaft bedfast and a $250,000 fine. ®