Malicious Life Podcast
The US government says that Kim Schmitz, better known as Kim DotCom, is the leader of a file sharing crime ring. He sees himself as an internet freedom fighter: a fugitive on the run from vindictive overly-powerful governments. Can King Kimble escape the wrath of the USA? Check it out...
The Malicious Life Podcast by Cybereason examines the human and technical factors behind the scenes that make cybercrime what it is today. Malicious Life explores the people and the stories behind the cybersecurity industry and its evolution, with host Ran Levi interviewing hackers and other security industry experts about hacking culture and the cyber attacks that define today’s threat landscape. The show has a monthly audience of over 200,000 and growing.
It’s the middle of the night, and the dark waters are brewing underneath. Black foam floats across the ocean, an ominous sign of what’s coming your way. There’s no soul in sight; the vast sea is vacant from where you are to the sky’s edge. Large clouds are hovering down, and the full moon sends its bright light rays – finding a gap between the clouds.
Suddenly, a majestic pirate ship is revealed. Dark sails, a black flag and frightening shadows of fugitive sailors tending to their evil deck and leading their malicious vessel to its next prey.
This legend of naval piracy – the undying legend of pirates – lives to this day in Hollywood and in our shared imagination. In fact, history’s vicious pirates lent their names to a new kind of criminal. Those new pirates aren’t navigating hidden seas and stealing golden loot – instead, they illegally share stolen files and break copyright laws.
Our story today deals with a man who might just be the greatest internet pirate in the history of the World Wide Web: the leader of a file-sharing crime ring. According to himself, he’s more of an internet freedom fighter: a fugitive on the run from vindictive overly-powerful governments. Though his motivations and self-claimed innocence are a matter of fierce debate, there’s no doubt about one thing: his success.
He has had many names. People called him “Kimble” or “Kim Tim Jim Vestor”, and sometimes they even called him by the pompous nickname “His Royal Highness King Kimble the First, Ruler of the Kimpire”. Mostly, he is known as “Kim Dotcom”, but his mother? She called him Kim Schmitz.
Commodore C-16
Kim’s life led him to New Zealand’s most expensive mansion, to gigantic aquariums and sports cars, luxury beds and automatic weapons. But it began in the quintessential dull country: Germany.
He was born in 1974 in Kiel, a northern city and a German navy powerhouse. In a past interview, he described his father as a violent drunkard who beat his mother and dangled him out of a window. In many ways, it was another window – a display window, this time – that saved him from his troubles. A display with the ultimate prize for an 11-year-old Kim Schmitz: a Commodore C-16. It was a bulky computer, with an ugly-looking keyboard even by the standards of the 1980s. But somewhere inside of himself, Kim knew that this computer could change his life.
So he did what every 11-year-old child would do: he started nagging his mother. Kim restlessly begged his mother for a computer of his own, until she gave up and bought him the computer.
Over time, Kim Schmitz began studying the Commodore, learning BASIC and making illegal copies of video games. But when he wasn’t playing with his new computer, Kim was bad news, especially in school. So much so, that his teacher believed there was something wrong with him, and he was sent to a psychiatrist. The rebellious Kim stole the psychiatrist’s wallet and bought ice cream for all of his friends. These early incidents show that Kim’s tendency for breaking the law was there from the beginning, as well as a disregard for authority – and a knack for showmanship.
Soon after, utilising his computer for new adventures, Kim started logging into pre-internet closed networks online. It turned out that despite his bad grades in school, Kim actually had a real talent: hacking. Pretty soon, the young teenager made a name for himself in Germany as a fearsome hacker. An early target of his was PBXs — phone systems that businesses used for their internal communications, largely replaced these days by VoIP. “Every PBX is an open door to me”, he once said. He claimed to hack into NASA’s computers in order to find out if aliens really exist. Kim probably didn’t get a definitive answer – but his reputation as a rising hacker continued to expand.
Growing more confident, Kim took a new name for himself: “Kimble”. This pseudonym or alter-ego was based on the name of the main character of the 1993 film “The Fugitive”, following a man – Richard Kimble – wrongfully accused of murdering his wife and forced to flee from the authorities. And much like the fictional Kimble, Kim’s illegal activities online got him into trouble with the law.
His first brush with the police came after launching a telephone scam, stealing a hefty percentage of an operator’s revenue from long-distance calls. He made 75,000 Deutschmarks, a huge amount of money for a young man from a not-so-well-off family. With his new income, he bought a better computer and more modems.
But in 1993, when Kim was 19 years old, this scheme got him arrested, and he spent four weeks behind bars. This experience, he said in an interview with WIRED, left him both scared – and intrigued. “I had all these visitors, grown-ups from MCI and AT&T, coming just to talk to me,” he said. They wanted to know how he was able to hack into PBXs, and it was then that Kim realised that he was onto something interesting.
Soon after being released, he was arrested again – on more hacking charges. The judge considered his crime as nothing but “youthful foolishness”. Despite being convicted of more than 21 charges, Kim got a two-year suspended sentence.
Using his arrest to boost his reputation, Kim started his own data security consultancy – Data Protect – and turned it into a successful business, providing services for leading companies such as Lufthansa. He says that he managed to hack into every company that hired his services.
Kim vs Osama Bin Laden
As money flowed into Kim’s account, he began to adopt a more lavish lifestyle. His love of fast cars soon became an obsession – as well as his love of the media. Already a wealthy man, Kim wanted to become rich in another currency: attention.
Trying to boost his own fame, Kim produced a short animation movie – presenting Kim as a special agent who breaks into Bill Gates’s mansion, threatens him with an assault rifle, makes the billionaire soil himself – and then engraves the word “LINUX” in bullet holes. Other, more serious ventures included starting several internet start-ups – and developing his own luxury internet-connected “MegaCar”.
It turned out that Kim would do anything for attention. He sold his data security company and produced another, more expensive film – which also took bizarre jabs at Bill Gates. After 9/11, Kim formed a shady hacker gang aimed against terrorists – another major PR stunt. Kim claimed to have hacked Osama Bin Laden’s Sudanese bank accounts – and even offered a 10 million dollar bounty for the capture of Bin Laden. Around this time, the media also started paying attention to the internet’s new playboy. Kim delightfully cooperated with this new attention, partly by spreading false information about himself. He claimed to have hacked Citibank’s computers – saying he stole 20 million dollars and then donated the money to Greenpeace. This story was obviously false, but it didn’t matter. To the press, he was a star.
But Kim also led some more serious endeavours. One of the more lucrative ones was a website named LetsBuyIt.com, an aspiring retail platform. The dot-com crash of 2001 nearly put an end to the company, so Kim took special means to save it: he announced to the press he was going to invest 50 million euros in LetsBuyIt. Naturally, the company’s stock surged, and Kim sold some of his shares of the company – making a significant profit. For him, it was all a modus operandi: breaking the rules, garnering media attention and using his showmanship for his profit. But for the authorities, it was insider trading.
To this day, Kim claims he wasn’t aware that what he was doing was against the law. He has a reasonable case to make: insider trading was banned in Germany, where he was still living, only in 1995. But the authorities were convinced he knew exactly what he was doing, and decided to press charges.
It was a serious threat to Kim’s growing empire. On paper, his new legal problem was much more threatening than the four weeks he spent in jail as a 19-year-old. If convicted, he could face a significant jail sentence. Kim Schmitz was evidently frightened by his insider trading charges – so frightened that he decided to flee. And so, just like the fictional Richard Kimble of “The Fugitive”, our Kimble ran away: he flew to Thailand in early 2002.
While in Thailand, Kim talked about entering a “new world” and posted cryptic messages on his website, implying that he may kill himself. Soon after, he crowned himself as “King Kimble the First, Ruler of the Kimpire”. Maybe he was really in a bad mental shape, or maybe he was just playing mind games with the German authorities.
A short while later the new “king” was arrested in Thailand and extradited back to Germany. Once again, though, a German court chose to treat him with clemency. He was fined 100,000 euros and given another suspended sentence. A year later, he was convicted on another set of charges – and was slapped with yet another suspended sentence.
The fine was comedic – much less than what he made during the LetsBuyIt ordeal. With funds of his own, a renewed halo of fame and a growing sense of self-importance – Kim travelled to Hong Kong. In the 19th century, the Chinese city was a safe haven for pirates – earning the infamous nickname “Island of Thieves”. In 2003, as Kim left Germany for good, Hong Kong was about to become the home of a new kind of pirate.
The Golden Age of Internet Piracy
Internet piracy nowadays is a mere shadow of its past self. When Netflix and other streaming services made tens of thousands of movies and TV shows available for customers, just one click away – it turned out that people are willing to pay a few dollars to consume their content legally: The European Union found out that piracy declined by 34% in 2020 alone. But not so long ago, piracy was at its peak.
It’s 2004, and you want to watch a movie, let’s say the contemporary hit “Spider-Man 2”. You can visit the movie theatre, rent a copy at Blockbuster – or just download it online: You pay nothing, and you get it relatively quickly (depending on your internet connection speed). It’s extremely illegal, an act of internet piracy – but chances are you won’t face any serious repercussions.
The only problem was that there wasn’t a single, stable and fast file sharing platform: There was Napster, eMule and eDonkey and Gnutella and Kazaa and then BitTorrent… but for many people, especially those who were less technically-minded, this chaotic landscape was just too baffling. Kim Schmitz happened to be the guy with the solution.
It all began with a fast car. Many different fast cars, to be specific. Ever since he got hold of his vast fortune, Kim developed an obsession with luxury cars. The failed MegaCar was just a symptom of his love of the open road. Later on, Kim also remarked that he once tried to break the German record for traffic violations.
He actually became a regular participant in sporting events and even tried to start his own rally. In order to do so, he and his partner filmed several racing videos and sent them to several journalists, investors and other potential partners. In the process, he and his partners began to realise that sending video files as email attachments wasn’t a viable solution.
This is how Megaupload was born back in 2005. It was founded by Kim and his partners as a one-click hosting service where users could upload videos or other large files – and then get a shareable link to download the file. It was a simple platform, enabling a simple path for people to share anything they’d like online. With HD films and videos gaining traction, Megaupload was the best way for people to share large files online. It was before the age of cloud platforms, as Dropbox and Google Drive were only created several years later. And so, the website that was originally created to promote Kim’s racing career became, much to his surprise, an internet sensation.
Around the time of Megaupload’s launch, Kim Schmitz and Kimble both gave way to a new name: Kim Dotcom. Lexico defines a surname as a name indicating one’s family, tribe or community. By choosing this new name, Kim signalled that the internet was now his family, tribe and community. He was no longer German and not really a true local in Hong Kong either. Online was the place where he felt at home.
These were the good times. Megaupload soon attracted more than 50 million visitors a day – becoming one of the world’s top 20 websites and being responsible for a whopping 4% of all the internet’s worldwide traffic. Kim Dotcom became an Archduke of the Internet. A World Wide Web Mogul.
After getting married, he immigrated to New Zealand. Kim bought the most expensive home in the island nation, a vast mansion hosting pools, tennis courts, fountains and large aquariums.
The Dotcom mansion became a new incarnation of the Playboy mansion – an image Kim nurtured by surrounding himself with sports cars and barely-clothed models. Always attentive to his own media image, he placed a gigantic sign spelling out the words “Dotcom mansion” on his premises – making sure everything was on-brand.
He worked out of a 100,000-dollar custom-made bed, attending to his empire and building a reputation in yet another field: professional gaming. At one point, King Kimble was ranked as the world’s top Call of Duty: Modern Warfare 3 player, out of more than 15 million players online. Millions of dollars flowed into his bank accounts, and he used them to buy cars, helicopters and other luxuries – mingling with celebrities and living out his coveted playboy lifestyle.
But his behaviour was also getting more and more bizarre. There are pictures of him wearing a Nazi SS helmet, and in 2014 it was revealed that he bought a signed copy of Mein Kampf, Adolf Hitler’s book. Kim was accused of harbouring secret sympathies for Nazi Germany, but according to him, he only bought the book as an investment.
Megaupload
From its very beginning, Megaupload wasn’t just used to share amateur racing videos. The platform became a safe haven for copies of films, TV shows, songs and books. All kinds of illegally downloaded files were shared using Kim’s website. To this day, Kim claims that he was always ready to take down illegal content when asked to by the authorities or the rightful owners – and that he provided Hollywood studios with the ability to take down content themselves. In practice, it is unclear how attentive Megaupload was to these requests. During the height of the website’s success, the fact that Megaupload was used to share illegal files, including pornography, was an open secret online. A later report in WIRED showed internal emails proving that even Kim’s partners were aware of the piracy taking place on their platform.
In January 2012, the US government, aided by New Zealand’s police, struck back.
One day, at an early morning hour, Kim began to hear strange sounds above his home’s roof. The millionaire had helicopters of his own, but they weren’t supposed to be in the air. Something was off. Within moments, two helicopters descended on the mansion, with 77 officers entering the house simultaneously.
A police officer later told a New Zealand court:
“Despite our staff clearly identifying themselves, Mr Dotcom retreated into the house and activated a number of electronic-locking mechanisms. Once they gained entry into this room, they found Mr Dotcom near a firearm which had the appearance of a shortened shotgun.”
It was probably a tense moment of danger when the cops finally broke into the panic room – but no shots were fired that day. Kim didn’t try to stop the police officers – who searched every corner of his home and seized many valuable items. Nearly 9 million dollars in cash were confiscated, as well as eighteen luxury cars. The racing aficionado had to give up his treasured vehicles – including a pink vintage Cadillac, a ’57 El Dorado and a Rolls-Royce Phantom Drophead Coupe. Eight television monitors and sixty computer servers were also taken. Even Kim’s own helicopter was carried away. Megaupload’s domain name was seized, its servers were taken down – and the empire was crippled at once.
According to the FBI, Kim had a doomsday device allowing him to wipe out the entire contents of Megaupload’s servers from afar – perhaps made for an event like this. For reasons unknown to us, Kim didn’t use it.
After the indictment documents were revealed, it was clear that Kim and his partners were headed toward a long legal fight. The US government alleged that the website was practically a criminal organisation specialising in the distribution of pirated files. According to the prosecutors, Kim and his partners made more than 175 million dollars in proceeds from the distribution of illegal content.
But with his cash money confiscated and his bank accounts frozen – Kim was paralyzed. He didn’t even have the money to pay for his lawyers. When the US government hits you, it hits you hard. This time, there won’t be any suspended sentences.
Revenge of the Kim
A month after his arrest, Kim was released from prison. He still had a looming U.S. indictment to face – but he had no intention of allowing his extradition to take place. Kim appealed to the High Court of New Zealand, which found flaws in the warrants used for the raid. This early victory allowed Kim to access some of his money – and prepare for his legal campaign. He sued the GCSB – New Zealand’s equivalent of the NSA, and also sued the local police for compensation – claiming that the raid on his house was illegal.
This legal odyssey took years. In 2014 Kim won a couple of legal battles, allowing him to keep delaying the extradition – and three years later, he actually managed to get a confidential settlement with authorities. The United States kept pushing for his extradition – but New Zealand courts weren’t eager to streamline the process.
Things soon became political. After a public report proved that Kim was spied on illegally by the government of New Zealand, he managed to get a public apology from the Prime Minister of New Zealand, John Key, who said:
“I apologise to Mr Dotcom. I apologise to New Zealanders because every New Zealander is entitled to be protected from the law when it comes to the GCSB, and we failed to provide that appropriate protection for him”.
Suddenly, public opinion in the country began to sway in Kim’s direction.
In 2014 Kim decided to strike back against the New Zealand government. Surrounded by cheering supporters and journalists with microphones, he started his own political party called the Internet Party, founded a big political alliance called Internet Mana, and recruited allies in Parliament. Now he was the real centre of attention.
“The internet is the biggest gift of mankind”, he told the Guardian. “The world will witness a moment of truth. We’re about to make history”, he promised in a later event.
Kim aspired to gain enough seats in the Parliament of New Zealand to act as kingmaker – and effectively control the identity of the next Prime Minister. He himself couldn’t stand for Parliament – but he used his money and standing in the media to lead the party as an outside figure.
In the general election, Kim’s party got 1.58% of the votes – not bad for a boy from Germany playing kingmaker in a foreign country, all while facing legal scrutiny, with the threat of imprisonment in the United States still looming over him. But it wasn’t enough: the Internet Party and the Internet Mana alliance failed to win any seats in parliament, and Kim’s plan failed.
Epilogue
This brings us to 2022. Over the last couple of years, despite countless rulings and P.R. stunts, Kim’s fortune seems to have soured. Recently, two of his co-defendants, co-founders of Megaupload, have struck deals with the prosecution.
“I want to congratulate my former friends and partners for having found a case resolution”, said Kim in response. “I’m happy for them. After ten years of U.S. lawfare, I understand why they have given up. I don’t blame them, and I sincerely wish them all the best. I’m now the last man standing in this fight, and I will continue to fight because, unlike my co-defendants, I won’t accept the injustice we have been subjected to. If I have to go to jail for what Megaupload users did on our site, then many Big Tech CEOs are in the same boat with me”.
Extradition and a jail sentence now seem more and more likely. For ten years, Kim managed to hold off the prosecution – but there aren’t many cards left up his sleeve. Once the king of file-sharing, he is now more isolated than ever.
But don’t count Kim Dotcom out just yet. After all, he did the impossible many times: in Germany, in Thailand, in New Zealand with ten years of surprise victories against the United States… And even when he’s facing the worst chances he ever faced, the eyes of the world are still on him. After all, Kim Schmitz, the kid from Kiel who climbed up in the world – was always and still is a showman. They’ll drag him, screaming and fighting – but Kim won’t fall without a fight – and without a show.