The arrest followed a joint international cybercrime investigation by the Australian Federal Police (AFP) and Federal Bureau of Investigation (FBI) involving online subscription service credentials stolen from Australian customers, and others around the world.
The investigation began after the FBI referred information to the AFP in May 2018 about an account generator website called WickedGen.com.
WickedGen operated for approximately two years selling stolen account details for online subscription services, including Netflix, Spotify and Hulu. The account details were obtained through credential stuffing, in which a list of previously stolen or leaked usernames, email addresses and corresponding passwords is re-used and sold for unauthorised access. The account details were from unknowing victims in Australia and internationally, including the United States.
On 12 March 2019, the AFP executed a search warrant at Dee Why, on Sydney’s northern beaches. Electronic materials and various amounts of cryptocurrencies were seized at the premises.
Prior to WickedGen’s closure, the website advertised it had over 120,000 users and almost one million sets of account details. Police will allege the administrator of WickedGen made an estimated AUD $300,000 selling the stolen account subscriptions through this website, and other similar sites identified through the course of investigations.