Cybercrime
,
Fraud Management & Cybercrime
‘IntelBroker’ Faces Four-Count Indictment in Manhattan Federal Court
A hacker known online as “IntelBroker” and who has a history of spilling sensitive information faces a four-count criminal indictment in the United States after French police arrested him in February.
See Also: Why Cyberattackers Love ‘Living Off the Land’
IntelBroker’s true identity is British national Kai West, U.S. federal Manhattan prosecutors said Wednesday. They are seeking his extradition to the United States for conspiracy to hacking, wire fraud and conspiracy.
The announcement of West’s indictment comes after news broke in France that authorities rounded up suspected administrators of once-notorious, now-defunct stolen data marketplace BreachForums (see: French Police Reportedly Bust Five BreachForums Administrators).
IntelBroker was a high-profile presence on BreachForums, which identified him from last August through January as the site’s owner. IntelBroker announced his retirement on social media in January. West has also led a hacking group known as “CyberN******.”
IntelBroker claimed responsibility in March 2023 for hacking into the online health insurance marketplace used by members of Congress and residents of Washington, D.C. (see: Hackers Sell US Lawmaker Data Stolen From Insurance Market).
In a hacking spree that began in January 2023 and lasted through to his arrest, West and his co-conspirators caused $25 million in losses, a complaint against him states.
Among IntelBroker’s hacks is the January 2023 theft of U.S. wireless telecom UScellular customer data stolen from a third party. In April 2024, he claimed to have hacked into a U.S. federal government contractor (see: US State Department Investigating Hacking Claims).
He also targeted a national grocery delivery service and a division of General Electric that works on collaborative initiatives with the Defense Advanced Research Projects Agency.
Investigators said they caught West by buying $250 worth of stolen data from him through Bitcoin. Tracing the transaction led them to the Ramp crypto trading platform – where West registered using his driver’s license. Investigators obtained an email address and found that West apparently accessed it from the same IP address used to carry out penetrations. West also used the same email address to register his X social media account as he did to sign up for a VPN.
West also apparently enjoyed reading about himself, according to YouTube history data included in the federal complaint against him. He watched a video in April 2024 about one of his data leaks, and in January 2024 he repeat watched a 16 minute video purportedly with IntelBroker that claimed the hacker spoke Serbian and Russian but not English. About three times between January 2024 and May 2024, he watched a video containing news clips about his exploits set to electronic music.
West will not be the only alleged hacker to face prosecution in New York federal court. The complaint against him states that at least one other suspected co-conspirator “is expected to be first brought and arrested in the Southern District of New York.”