‘Lizard Squad’ hacker admits to conspiracy targeting ‘thousands’
Subscribe for unlimited digital access.
Try one month for $1!
Subscribe for unlimited digital access. Try one month for $1!
A Maryland man with ties to international hacking groups with “thousands of victims” pleaded guilty in Chicago Tuesday to a conspiracy that may land him behind bars.
But Zachary Buchta could also catch a big break if he continues to cooperate with federal prosecutors, according to his 20-page plea agreement.
Buchta, 20, of Fallston, Md., pleaded guilty in front of U.S. District Judge Manish Shah to a conspiracy to damage a protected computer. He also admitted his role in the Lizard Squad and PoodleCorp hacking groups that have been tied to attacks against the Sony PlayStation and Xbox gaming systems.
The feds charged Buchta along with Bradley Jan Willem Van Rooy of the Netherlands in October 2016. Van Rooy is being prosecuted overseas.
Lizard Squad drew the attention of U.S. authorities during an investigation into phonebomber.net, a website that let customers pay to select victims who would then receive repeated harassing phone calls from random numbers, records show.
One victim from the Chicago area received this call as the victim’s phone rang non-stop for 30 days in October 2015: “When you walk the f—ing streets, mother—er, you better look over your f—ing back because I don’t flying f— if we have to burn your f—ing house down, if we have to f—ing track your god—ed family down, we will f— your s— up mother—-.”
The feds say Buchta and van Rooy then began a series of different attacks and boasted about them on social media. Buchta admitted Tuesday that he used the screen names “pein,” “@fbiarelosers,” “@xotehpoodle,” and “lizard.” He also said he and others promoted and ran the websites shenron.lizardsquad.org and stresser.ru.
Through those websites, he helped facilitate thousands of attacks that would overwhelm computer networks, leaving little or no resources left to accommodate legitimate users. They targeted victims around the world, including in the Chicago area.
Buchta and others also used the website stresser.poodlecorp.org to conduct such attacks for hire, according to Buchta’s plea agreement.
Their victims included gaming and entertainment companies attacked in April, June and August of 2016, resulting in a loss of $349,000, the document says. Buchta has agreed to pay at least that much in restitution.
Buchta’s sentencing hearing has been set for March 27. He faces a maximum of 10 years in prison. But if he continues to cooperate with the government, he could be looking at less than three years behind bars.