Company Held Hostage: IT Admin Redirects Company Website To Porn In Blackmail Attempt

A former information technology administrator was sentenced to four years of federal probation and hit with a large fine after being found guilty of sabotaging his former employer by hijacking the company website and redirecting it to a pornographic website.

The sentencing was announced by the United States Department of Justice on Tuesday following the conclusion of the trial of Travis Tso, the former IT administrator for an unnamed company operating out of Phoenix, Ariz.

Back in 2011, Tso renewed the company’s web hosting account with GoDaddy. Four years later in May 2015, the company attempted to update its contact information and requested the login information from Tso. Instead of providing it, he lied and claimed he didn’t have it.

After claiming not to have access, Tso hijacked the website domain by creating a two fake Microsoft accounts and transferring ownership to himself while moving control of the site between the two accounts to disguise his actions. Logs included in the charges against Tso show multiple logins between a two week period in May and June 2015 when he changed domain ownership.

With the domain under his control through a rogue account, Tso began his attempt to try to blackmail his employer. First, he made the home page for the company site blank, wiping out any pertinent information that a customer may be searching for. The IT administrator also blocked employees from accessing their work email accounts.

Tso was seeking a ransom payment of $10,000 to relinquish control of the website hand return ownership back to the company. The company refused, and Tso decided to increase the stakes by redirecting the business’ domain to a pornographic website.

The website continued to redirect visitors to the graphic site for several days before it was returned to normal. It’s unclear why Tso ended the domain redirect despite not receiving the ransom he demanded.

Despite the apparent change of heart, law enforcement did eventually get involved in the case. The FBI eventually tracked down Tso and connected him to the blackmail attempt after returning ownership of the site to the company.

His former employer decided to bring a criminal charge against Tso, and the IT expert was charged with wire fraud under the Computer Fraud and Abuse Act. As part of a plea deal, Tso will have to serve four years of federal probation and was ordered to pay $9,145 in damages to the company.

Interestingly, the prosecutors in the case decided not to seek any sort of prison sentence. In a sentencing memorandum, assistant United States Attorney Matthew Binford wrote :

“Given the fact that this appears to be a one-time lapse in judgment, a term of probation is the best way to address the seriousness of this offense, while affording adequate deterrence to future criminal conduct and protecting the public from future crimes.”

The charge under the CFAA was also dropped as part of the plea deal.