Kamerin Stokes, 23, of Memphis, Tennessee, received a 30-month prison sentence for selling access to tens of thousands of hacked DraftKings accounts.
Stokes orchestrated a scheme to compromise and resell credentials for the sports betting platform, affecting a significant number of user accounts. The case highlights ongoing security vulnerabilities in sports betting platforms and the criminal market for compromised accounts.
Federal prosecutors determined that Stokes sold access to thousands of accounts, generating proceeds from the illegal activity. The investigation traced the hacked credentials and identified his role in the distribution network.
The sentencing reflects law enforcement's focus on account takeover fraud and credential theft operations. Sports betting platforms remain targets for hackers seeking to access user funds and payment information.
DraftKings has not disclosed whether the breach exposed additional user data or affected other platforms. The case underscores the risks users face when account credentials are compromised through third-party breaches.
Federal prosecutors have unsealed a 2024 indictment charging three Russian nationals and two web hosting services with facilitating cyberattacks and money laundering that victimized cybercrime targets of $62 million.
A hacker accessed Suno's source code using stolen employee credentials, revealing that the AI music generator scraped decades of audio from YouTube to train its model.
Criminals can now clone voices with AI in mere seconds, outpacing traditional authentication defenses that banks and financial institutions rely on to prevent fraud.
Five malicious versions of AsyncAPI packages were published to npm, delivering a remote access trojan capable of stealing credentials and sensitive data from developer systems.