Pierluigi Paganini April 30, 2024

Finnish hacker was sentenced to more than six years in prison for hacking into an online psychotherapy clinic and attempted extortion.

A popular 26-year-old Finnish hacker Aleksanteri Kivimäki was sentenced to more than six years in prison for hacking into the online psychotherapy clinic Vastaamo Psychotherapy Center, exposing tens of thousands of patient therapy records, and trying to extort the clinic and its clients.

The man was arrested near Paris on February 2023, where he was living under a false identity. Kivimäki was deported to Finland and his trial concluded in March 2024.

In October 2020, the Vastaamo Psychotherapy Center was the victim of an extortion attempt. Threat actors hacked the clinic and stole a database containing information of some 33,000 clients. A threat actor that goes online with moniker “ransom_man” demanded 40 bitcoin (approximately 450,000 euros at the time) to avoid leaking sensitive therapy information stolen for the clinic, which refused to pay.

“Ransom_man announced on the dark web that he would start publishing 100 patient profiles every 24 hours. When Vastaamo declined to pay, ransom_man shifted to extorting individual patients. According to Finnish police, some 22,000 victims reported extortion attempts targeting them personally, targeted emails that threatened to publish their therapy notes online unless paid a 500 euro ransom.” reads the post published by Brian Krebs. “Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki, a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country. He was arrested four months later in France, hiding out under an assumed name and passport.”

The hacker demanded a ransom of 200 euros or 500 euros to each patient, and about 20 clients paid it.

The man was found guilty of several offenses, which included aggravated data breach, 21,000 counts of aggravated blackmail attempts, and 9,200 counts of aggravated dissemination.

Kivimäki denied all charges and may appeal, according to his lawyer. Prosecutors aimed for the maximum sentence of seven years, given the nature of the crimes.

Kivimäki was involved in multiple criminal cases in the past, he was a member of the hacker group Hack the Planet (HTP).

Kivimäki is also known as a member of the notorious hacker group Lizard Squad.

In 2013, investigators discovered malicious code on devices seized from Kivimäki, which was used by HTP to compromise over 60,000 servers exploiting an Adobe ColdFusion zero-day. This exploit was reported by Brian Krebs in September 2013, after the hackers breached the servers of LexisNexis, Kroll, and Dun & Bradstreet.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, Finnish Hacker)