According to the Sophos NakedSecurity blog, “Edward Pearson, a UK-based 23-year-old from York, had grand plans to make his fortune by stealing from individuals and companies through hacking and information-stealing malware.”
David Hughes, prosecuting, told the court, “When police examined other computers they found the details of 2,701 credit or debit cards. Based on the average fraud used on a single card being £309, the potential gain to be made by him was £834,000.”
The emerging picture is one of a criminal mastermind who used Zeus, SpyEye and his own Python code to steal personal and credit card details for personal gain – even, at one point, forcing Nokia to close some of its systems for two weeks following a Pearson hack (thought to be the August 2011 SQL injection of the developers.nokia.com site).
But the reality is probably a bit different. Despite access to this money, Pearson’s total documented theft is just £2,351, used mainly for fast food orders and to pay his mobile phone bills. “This is a young man who has very advanced computer skills, but has put them to the wrong use, but he is not the criminal mastermind that everyone claims he is,” said his defense attorney.
This latter picture is the one painted by Gary Warner on the CyberCrime & Doing Time blog. Warner quotes some of the trail left by Pearson on the hacker forums – and it is not one that belongs to a criminal mastermind seasoned in covering his tracks. Warner points out that the hacker world has known Pearson’s identity for some time, quoting cr333k: “I dedicate this post to ED aka G-Zero because he is the reason I obtained this material” (referring to the leaked version of SpyEye v.220.127.116.11 and v.18.104.22.168). cr333k apparently went on to name Edward Pearson and even provide a Cambridge address.
Warner also notes that at one point Pearson’s own details were hacked and dumped by the Zero for Owned group. “When they dumped Eddy's details out of the RootCult website after SQL-injection of their database, Eddy's GroundZero password was shown to have an MD5 hash of c8837b23ff8aaa8a2dde915473ce0991. Bad news. That would mean his password was '123321'. Not a good password choice for a bad ass hacker,” writes Warner.
The true picture is probably not far from his defense lawyer’s claims. Edward Pearson is a very clever computer coder now doing time because the intellectual challenges he pursued were the wrong ones – he broke the law.