Originally, being a “ShinyHunters” is nothing criminal. The name denotes a type of player from Pokémon, the cult Japanese franchise. But for a few years and the arrest of one of its presumed representatives, the term evokes a completely different community, accused by American justice of being the author of numerous hacks around the world. Since “at least 2019”, its “prolific” members, including several French people, have targeted more than sixty companies, reselling their data at exorbitant prices.
The American authorities are calling in particular for the extradition of a 21-year-old student from Epinal, Sébastien Raoult, imprisoned since June 2 in the prison of Tiflet 2, near Rabat. He is liable to a 116-year prison sentence in the United States for his alleged involvement in a cybercrime case targeting in particular a subsidiary of Microsoft Github. According to the American indictment transmitted to Morocco and consulted by AFP, American justice issued an arrest warrant against Sébastien Raoult on June 23, 2021, accusing him in particular of “electronic fraud” and “theft of serious identity”.
According to another American court document, seen by The world, just Sébastien Raoult the value of this data would amount to millions of dollars. The cybersecurity site Interl471 specifies for its part that the ShinyHunters would also have attacked companies such as Pixlr, Bonobos, PDF Nitros, Tokopedia or Big Basket. The IP address of a certain Sezyo was discovered during the American investigation and attributed to Sébastien Raoult.
According The world, the ShinyHunters operated through phishing. This is to usurp the identity of a relative, to get in touch with targeted people in order to extract their access to the servers of the targeted companies. Other pirates also copy the appearance of a site, so that the victims enter their passwords there, and thus bequeath them to their executioners. The ShinyHunters allegedly first contacted the targeted developers via email, luring staff to fake sites.
Luxury cars purchased with loot
According to American justice, the ShinyHunters would be linked to other French accused of hacking a cryptocurrency platform in June 2019, named GateHub. The cybercriminals had seized 9.5 million euros. Among the defendants at the time was Gabriel KA-B, a 23-year-old young man from Tarbes who suffered from Asperger’s syndrome, according to The Parisian. According to the newspaper, the culprits of these thefts would have bought several luxury cars with the money from the heist.
Gabriel B had notably hacked the broadcaster Vévo, before being declared criminally irresponsible for the case. According The worldhe would have been interviewed by the Central Office for the Fight against Crime linked to Information and Communication Technologies, in parallel with the arrest of Sébastien Raoult in Morocco.
In a decision rendered on July 20, the Court of Cassation of Morocco took a first step towards the extradition of Sébastien Raoult, declaring itself “favorable”. The extradition itself can only be decided “by the Prime Minister on the proposal of a commission also bringing together the Ministers of Foreign Affairs and Justice”, specified a Moroccan source familiar with the matter.
This decision “strengthens us in our determination to obtain the extradition to France of Sébastien Raoult”, reacted to AFP his lawyer Me Philippe Ohayon. This opinion of the Moroccan justice “means that there is little time left for France to officially regain control of a file that it has been subcontracting for years to the Americans”, reacted the father of the young man, Paul Raoult. , joined by AFP. The latter urged Emmanuel Macron to repatriate him to France.