The Department of Justice has announced that four hackers both inside and outside the U.S. have been indicted for stealing trade secrets — including video game source code — from the U.S. government as well as Valve, Epic Games, Microsoft, and Zombie Studios.
Their hack netted them data including source code and trade secrets, government prosecutors allege, worth between $100 and $200 million. The DOJ says that the group conspired to sell the information it obtained from the hacks — and it has so far seized over $620,000 in cash and “other proceeds.”
The government has charged four individuals in the hack so far: Nathan Leroux, 20, of Bowie, Maryland; Sanadodeh Nesheiwat, 28, of Washington, New Jersey; David Pokora, 22, of Mississauga, Ontario, Canada; and Austin Alcala, 18, of McCordsville, Indiana. An unnamed Australian citizen has also been charged in Australia.
Charges include conspiracies to commit computer fraud, copyright infringement, wire fraud, mail fraud, identity theft and theft of trade secrets, as well as individual charges of aggravated identity theft, unauthorized computer access, copyright infringement and wire fraud.
Pokora and Nesheiwat today plead guilty to the government’s charges today.
According to the DOJ, the hackers used SQL injection and stolen user accounts to gain access to networks. Once there, they grabbed an Apache helicopter pilot training program developed by Blacklight: Retribution studio Zombie; data about Xbox Live and the technical specifications for the Xbox One prior to its release from Microsoft; an early version of Gears of War 3 from Epic; and an early version of Call of Duty 3 (presumably from Microsoft, again, as there’s no mention of an attack on Activision’s servers.)
It’s unclear what was stolen from Valve, specifically, but the government says that the hackers stole trade secrets, games and source code, as well as confidential financial and employee information from the companies they targeted.
“Today’s guilty pleas show that we will protect America’s intellectual property from hackers, whether they hack from here or from abroad,” said said Assistant Attorney General Leslie R. Caldwell, in a statement. According to the DOJ, this is the first time a foreign individual has been convicted for hacking into a U.S. company and stealing trade secrets — in the case of Pokora, who is Canadian.