A 23 year old Australian web developer has avoided prison after being found guilty of supplying at least 85,925 subscriptions to Netflix and other online services by identifying the passwords of legitimate customers and selling them to others, reports the Sydney Morning Herald. Evan McMahon (pictured) was sentenced to perform 200 hours of community service and had AUD460,000 (USD356,000) of cryptocurrency confiscated, though the subsequent cryptocurrency boom means that stash is now worth approximately AUD1.3mn (USD1mn). He is believed to have made about AUD680,000 (USD530,000) by selling ‘lifetime’ subscriptions for as little as 10 bucks a time.
McMahon ran programs between 2015 and 2019 that systematically identified the user details for accounts on Netflix, Spotify, Hulu, WWE Network, NordVPN, and the PlayStation Network. Court documents argued McMahon’s efforts were made more successful by the tendency for users to adopt the same passwords for multiple services. Four separate websites – HyperGen, WickedGen, Autoflix and AccountBot – were used to sell the credentials that McMahon cracked. The oldest of the websites was created soon after McMahon completed High School, and their sophistication increased over time, with the most recent offering discounts for new customer referrals. False identities were used to create 48 separate PayPal accounts in order to launder the criminal proceeds, much of which was invested in cryptocurrency.
McMahon potentially faced a 20-year prison sentence for the most serious crime he was charged with, but it appears the judge showed leniency because of McMahon’s youth and because he is autistic, and hence was said to not fully comprehend the seriousness of his actions. Without having heard all the details, this once again appears to be an example of courts being soft on online crime. Preventing and catching young internet fraudsters like McMahon is expensive and difficult, but courts rarely punish them with more than a sermon about their crimes not being victimless. If judges really believe what they say about the victims of crime then they should do more to deter a growing generation of online crooks by making an example of those few that are caught and brought to trial.