Casino Engine UK — Honest Reviews, Guides & Real Casino Tests
HomepageCasino & Gambling NewsHacker Sentenced in $600K DraftKings Heist: ‘Fraud-for-Fun’ Plot Uncovered

Hacker Sentenced in $600K DraftKings Heist: ‘Fraud-for-Fun’ Plot Uncovered

A Memphis man, Kamerin Stokes, was sentenced to 30 months in prison for his involvement in the massive “Fraud-for-Fun” DraftKings heist, a cyberattack that compromised over 60,000 accounts and led to the theft of $600,000 from users. Stokes, aged 23 and known by the online alias “TheMFNPlug,” pleaded guilty nearly two years ago to one count of conspiring to commit computer intrusion, according to the US Attorney’s Office for the Southern District of New York.

Along with his prison sentence, Stokes will serve three years of supervised release, pay $125,965.53 in forfeiture, and be responsible for $1,327,061 in restitution. This breach, known as a “credential-stuffing” attack, resulted in a sharp 5% drop in DraftKings’ stock on the Nasdaq, as investors feared a decline in consumer trust due to the attack.

What is Credential Stuffing?

Credential stuffing is a type of cyberattack where hackers use stolen usernames and passwords from previous data breaches to gain unauthorized access to other websites. By targeting accounts where users have reused their login credentials, criminals can bypass security systems without having to break into the target company’s platform.

In this case, Stokes used automated tools to identify valid logins to DraftKings accounts, which were then sold on the dark web to others, who exploited them to withdraw funds. One of these buyers was a teenager from Madison, Wisconsin, named Joseph Garrison, who famously boasted that “fraud is fun.”

Fraud Is Fun—Until You’re Caught

Garrison, who was “addicted” to seeing money in his account, reportedly made $2.1 million from cyberfraud by the time he was 18. He pleaded guilty to conspiracy to commit computer intrusion in November 2023 and was sentenced to 18 months in prison in January 2024.

After his conviction, Stokes adopted Garrison’s infamous “fraud is fun” motto, even reopening his “fraud shop” under that name, claiming it was to pay for his legal defense.

A Clear Message from Authorities

Federal prosecutors made it clear that “fraud is not fun” and warned that both street fraud and online fraud will not be tolerated. The sentencing of Stokes serves as a strong warning to anyone considering engaging in online fraud. Authorities have emphasized that cybercrime, no matter its nature, will lead to serious consequences.

This case highlights the growing concern over credential-stuffing attacks and the vulnerability of online gambling platforms, particularly as they expand their services into new markets.

Leave a comment