The FBI identified and nabbed a suspected cybercriminal who maintained anonymity for more than a year and a half by sending him a booby-trapped video file, federal prosecutors explained in newly unsealed court filings.
The recent arrest of accused sextortionist Buster Hernandez, a 26-year-old from southern California, was made possible in part by the use of a Network Investigative Technique (“NIT”), a blanket term used by the FBI to describe the lawful use of malware, exploits and various hacking tactics against a criminal target, according to a criminal complaint unsealed Monday in Indianapolis federal court.
Mr. Hernandez was arrested earlier this month in Bakersfield and has been charged in connection with a cybercrime spree that started as early as December 2015 and targeted multiple underage victims throughout the country, the Justice Department said in a statement Monday.
Using a pseudonym, “Brian Kil,” Mr. Hernandez allegedly solicited sexually explicit material from at least three underage female victims under threat, a tactic colloquially referred to as “sextortion,” the statement said. When the girls refused his demands, according to prosecutors, Mr. Hernandez threatened their physical safety and made threats that resulted in the closing of two high schools and an area shopping mall.
Kil’s actual identity went undetected for well over a year because he browsed the web using anonymous proxy servers that masked his Internet Protocol (IP) address, a series of numbers that could’ve otherwise helped authorities identify the account holder’s actual name and location.
Detectives eventually tricked the suspected sextortionist into revealing his actual IP address by using an NIT in the form of a bogus video file, according to the criminal complaint unsealed Monday. A federal judge in June authorized the FBI “to add a small piece of code (NIT) to a normal video file” produced by one of Mr. Hernandez’s alleged victims, the complaint said. The FBI then uploaded the malicious file to a website known only to Kil and the underage victim.
“When Kil viewed the video containing the NIT on a computer, the NIT would disclose the true IP address associated with the computer used by Kil,” the complaint said. Authorities ultimately executed the exploit and traced the computer behind the Kil account to one used by Mr. Hernandez, according to court documents.
“This was a unique and complex investigation that highlights the tenacity, perseverance, expertise and dedication of the FBI Indianapolis’ Crimes Against Children Task Force and was a top priority. Innovative techniques were utilized, solutions to roadblocks created and partnerships with key private sector partners were developed,” said W. Jay Abbott, special agent in charge of the FBI’s Indianapolis Division. “I stood in front of concerned parents and community members and told them we would find the person who had been victimizing these young girls and, with the tireless work of our agents and partners, we never gave up.”
Mr. Hernandez was charged with threats to use an explosive device, threats to injure and sexual exploitation of a child. He faces a mandatory minimum sentence of 15 years and a maximum sentence of 30 years if convicted on all counts, the Indianapolis Star reported Monday.
Authorities believe he may have “sextorted” targets in as many as 10 different federal districts and are searching for additional victims.
Sextortion cases have increased by 32 percent between 2010 and 2016, the Justice Department said in a report last year.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.