Teen ransomware ‘K!NG’ blew his loot on drugs, gambling, and sex

For years a teenager living just outside of London helped run an elaborate blackmail operation that bilked honest porn-site visitors out of their hard-earned cash — which he proceeded to blow on drugs, luxury hotels, gambling, sex workers, and at least one fancy £5,000 Rolex watch. 

Now, the 24-year-old Zain Qaiser, who went by K!NG online, has been sentenced to over six years in jail, and we’re getting a better picture of what the National Crime Agency is calling “one of the most sophisticated, serious and organised cyber crime groups” it has ever seen. 

The scheme, which the UK’s NCA says was run in conjunction with a Russian-speaking organized crime group, got its tentacles into future victims’ computers via ads placed on porn sites. A person would click on one of Qaiser’s ads and then be redirected to a page containing the Angler Exploit Kit (AEK). If the computer was vulnerable, it would then install the malicious software. 

Here’s where things get interesting. After installing the ransomware, the victim’s computer would lock to a popup display — in some cases pretending to be from the FBI — demanding a ransom payment ranging from $300 to $1,000 to be paid in virtual currency. The money would then be turned into cash by accomplices in the U.S., laundered into cryptocurrency, and eventually sent back to Qaiser.

“The campaign infected millions of computers worldwide across multiple jurisdictions,” reads the NCA press release. 

Some porn-site operators caught on and tried to kick the malicious ads off their sites, but Qaiser didn’t take too kindly to that. “I’ll first kill your server, then send child porn spam abuses,” he wrote to one such operator. 

The NCA says that Qaiser admitted to 11 offenses including blackmail, money laundering, and computer misuse.

“Zain Qaiser was an integral part of this organised crime group generating millions of pounds in ransom payments by blackmailing countless victims and threatening them with bogus police investigations,” reads the NCA press release. “In addition, when Qaiser’s criminal enterprise was frustrated by diligent members of the online advertising community, he retaliated causing misery and hundreds of thousands of pounds in financial losses.”

Qaiser, who was first arrested in 2014, is said to have lived with his parents while he was scamming internet-porn lovers around the world. Officials say he made at least £700,000 through his schemes, although “the total is likely to have been very much higher.”

With Qaiser off the digital streets, we can now rest easy knowing that ads on pornography websites are once again safe to click. No, wait, they’re definitely still not. Be safe out there.