17-year old Finnish teenage hacker Julius “Zeekill” Kivimaki has been convicted of over 50,000 “aggressive computer break-ins” and co-opting attacks with Lizard Squad.
Kivimaki is receiving a light sentence due to his age, even though the Finnish authorities have still not pushed charges for some of his other antics online. The hacker reportedly used money stolen from PayPal accounts to fund a trip to Mexico, alongside exploiting Adobe Cold Fusion to hack into Xbox Live and PlayStation Network databases. Kivimaki has also used “swatting” as a means of attacking people in the US, directing a police SWAT team to a house.
The teenager was hit with two years suspended sentence and Kivimaki has to turn over $7,300 (£4,700) in stolen property. It is not clear whether Kivimaki has the money stored or spent it—reports previously suggested the hacker went on a luxury binge shop.
The Finnish court also pushed Kivimaki to publicly denounce hacking. Most European courts try this approach, lightening a sentence if the accused is willing to vilify their own practice.
The light sentence is not going down well, especially for those that fought against Lizard Squad and interacted with Kivimaki directly. Brian Krebs, a cybersecurity experts who fought against Lizard Squad, claimed this was a victory for the Internet troll.
While it might be hard for those people directly involved with Kivimaki and Lizard Squad to condone the short sentence, it was not long ago that many of these same security experts appealed against the US for harsh hacking sentences.
Lizard Squad rose into the limelight with the Christmas hacks, taking down the PlayStation Network and Xbox Live for several hours. The hacking collective made some big claims, including plans to take down Facebook, but those attacks never happened.
In the UK, 56 people were initially arrested under the assumption they were working for Lizard Squad. One suspected hacker in London claimed his Xbox, PC and mobile were taken by the police in a home search.
Lizard Squad has been silent since the events earlier this year, after the failure of their stresser tool. The hacking collective tried to sell a DDoS tool, basically selling botnet space to anyone looking to take a site down—4Chan was the first to receive the attack.
After a few weeks, the stresser was offline. Several other hacking collectives went against Lizard Squad for the abuse of systems.