US Charged a Swiss Hacker with Computer Intrusion and Identity Theft

Cyber Threat

Just over a week after the hacker claimed credit for helping to break into the online networks of a U.S. security-camera startup, the Justice Department has charged him with computer manipulation and identity theft.

A grand jury in Seattle’s Western District of Washington issued an indictment against Till Kottmann, 21, on Thursday.

Kottmann, of Lucerne, Switzerland, was first charged in September, according to federal prosecutors. The charges date back to 2019 and include stealing credentials and data from over 100 organisations, including corporations and government agencies, as well as publishing source code and confidential information.

The recent hack and leak of camera footage from customers of California security camera provider Verkada was identified by Kottmann as part of a “hacktivist” cause aimed at revealing the dangers of mass surveillance.

In a statement released on Thursday, Acting US Attorney Tessa Gorman refuted those claims.

“These behaviour can expose anyone from large companies to individual customers to increased vulnerabilities,” Gorman wrote. “Wrapping oneself in an ostensibly altruistic motive does not wash away the illicit stench of intrusion, robbery, and fraud.”

On Thursday, Kottmann did not respond to an online request for comment.

At the behest of US authorities, Swiss authorities raided Kottmann’s home in Lucerne late last week. It’s unclear if US prosecutors want to extradite Kottmann, who is still in Lucerne and has been informed of the charges. The FBI recently confiscated a website domain that Kottmann used to post hacked data online, according to prosecutors.

The indictment links Kottmann to a variety of hacks over the last year, including one that targeted an unidentified security system manufacturer in the Seattle area and another that affected a tactical equipment manufacturer.

Prosecutors say Kottmann illegally used legitimate employee credentials to gain access to source code databases in some instances. Kottmann is also accused of hacking the Washington State Department of Transportation, a car maker, and a financial investment firm, according to the indictment.

Last week’s high-profile Verkada hack, which attracted publicity because it revealed live camera feeds and archived video footage from classrooms, prisons, factories, gyms, and corporate offices, isn’t listed in the indictment.

Last week, Kottmann, who uses they/them pronouns, told The Associated Press that they were members of APT-69420 Arson Cats, a small community of “primarily queer hackers, not supported by any nations or capital but instead backed by the urge for fun, being gay, and a better world,” according to The Associated Press.

Last year, Kottmann drew scrutiny for leaking hacked material to reveal security vulnerabilities, including from Intel in the United States.

The indictment seeks to link Kottmann’s self-promotion efforts, such as designing and selling clothing related to hacking and “anti-intellectual-property philosophy,” to a wider scheme to commit computer fraud.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.