Torrance, Cali. resident Billy Ribeiro Anderson - also known as Anderson Albuquerque or AlfabetoVirtual” pleaded guilty on Tuesday to obtaining unauthorized access to government websites and defacing them over the course of more than four years.
Geoffrey Berman, the United States Attorney for the Southern District of New York, announced that Anderson has admitted to “obtaining unauthorized access to, and committing more than 11,000 defacements of, various U.S. military, government, and business websites around the world under the online pseudonym ‘AlfabetoVirtual’ from 2015 through March this year.
“Website defacements are acts of computer intrusion in which a hacker obtains unauthorized access to computers hosting Internet websites and then replaces the publicly available contents of the website with content generated by the hacker, thereby ‘defacing’ the website. Hackers frequently claim responsibility for defacements by listing their online pseudonyms as part of the defaced content,” Berman noted.
Berman said that on July 10, 2015, a website owned by the New York City Comptroller was defaced, and Anderson took responsibility. The contents of the website were modified to display the text “Hacked by AlfabetoVirtual,” “#FREEPALENSTINE,” and, “#FREEGAZA.” The hack was performed by exploiting security vulnerabilities associated with the version of a plugin being used on the website.
On Oct. 4 the following year, Anderson admitted to hacking the Combating Terrorism Center at West Point. Berman said the content of the Combating Terrorism Center website was modified to display the text “Hacked by AlfabetoVirtual.” The defacement was performed by an unauthorized administrative account that exploited a known cross-site script vulnerability, thereby enabling Anderson to bypass access controls and target an internal Combating Terrorism Center website address.
Berman noted that Anderson “also committed unauthorized intrusions of thousands of web servers located around the world by surreptitiously installing malicious code on victim web servers that provided Anderson with administrative rights to the victimized web servers, thereby enabling Anderson to commit defacements and to maintain persistent unauthorized access to the victimized web servers.”
Anderson, 41, has pleaded guilty to two counts of computer fraud for causing damage to a protected computer, each of which carries a maximum sentence of 10 years in prison. He is scheduled to be sentenced on Feb. 13 next year.
“Billy Anderson hacked the websites of the New York City Comptroller and West Point, one of the most prestigious military academies in the world,” Berman said. “He has now pled guilty to those crimes and faces time in federal prison. This case demonstrates that those who seek to commit cyber intrusions of government websites will be prosecuted to the fullest extent of the law.”
Click here to follow Daily Voice Poughkeepsie and receive free news updates.