Threat Management, Vulnerability Management

Another Gonzalez co-conspirator sentenced

The fallout from hacker Albert Gonzalez' digital crime spree continues as another one of his co-conspirators was sentenced Tuesday in federal court in Boston.

Jeremy Jethro, 29, was sentenced to six months home confinement and three years of probation for providing Gonzalez with a zero-day exploit to take advantage of a then-unknown vulnerability in Microsoft's Internet Explorer browser. Jethro, who was charged with misdemeanor conspiracy, was also ordered to pay a fine of $10,000.

Gonzalez paid Jethro $60,000 in cash for the exploit, according to court documents. He bought it some time between 2005 and 2006. The exploit was intended to “enable the conspirators to unlawfully gain access to and redirect individuals computers."

Jethro's attorney did not immediately respond to a request for comment made by on Wednesday.

Gonzalez is involved in three pending hacking cases and is also scheduled to be sentenced this week. For his hacking crimes, Gonzalez is likely to receive a record-breaking prison term, Howard Cox, assistant deputy chief of the computer crime and intellectual property section of the U.S. Justice Department, said earlier this month at the RSA Conference in San Francisco.

Gonzalez faces up to 25 years in prison for stealing more than 40 million credit card numbers from TJX, and several other retailers. In addition, he faces up to 20 years in prison for his role in hacking into the network of Dave & Buster's restaurant chain. And, as part of a third pending case, Gonzalez faces between 17 and 25 years in prison for hacking into the payment card networks of Heartland, 7-Eleven and Hannaford Bros. His sentences will run concurrently.

Meanwhile, one of Gonzalez' co-conspirators in the TJX hack was sentenced earlier this month. Humza Zaman, formerly a programmer at Barclays Bank, was sentenced to 46 months in prison and fined $75,000 for laundering at least $600,000 in identity theft proceeds for Gonzalez.

In addition, a New York man – who admitted to providing the "sniffer" program that was used to hijack credit card numbers from TJX – was sentenced in December. Stephen Watt, 25, was sentenced to two years in prison, three years of supervised release and ordered to pay $171.5 million in restitution.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.