Recently, a 29-year-old London man, Anwar Batson was charged with the credential filling into the British National Lottery account for fraud and four violations under the Computer Misuse Act of 1990. He was sentenced to 9 months in prison.
It is understood that Batson has been arrested in May 2017. but Batson has always denied it, claiming to be the victim of a hacker. After investigators discover his conversation with other hacker members on his device. He pleaded guilty.
It is reported that Batson used a tool called Sentry MBA to launch a credential filling attack on the accounts of national lottery customers. Sentry MBA can help cyber criminals quickly and easily access online accounts using millions of usernames and passwords. These credentials used for attacks are usually obtained by third parties in the data breach, and because many people use the same username and password combination for multiple online accounts, the success rate of credential filling attacks is high.
According to the National Crime Agency, Batson not only used the Sentry MBA to launch attacks against national lottery users but also provided a large number of tutorials for users on how to attack.
It is reported that when the attack was discovered, there were about 9 million records in the national lottery customer database, and hackers had accessed nearly 26,500 accounts. Earlier, the National Crime Agency stated that the attackers did not disrupt any of its systems and did not cause property damage to any customers.