Second Defendant Pleads Guilty To Hacking Fantasy Sports And Betting Website

Damian Williams, the United States Attorney for the Southern District of New York, announced the guilty plea today of KAMERIN STOKES, a/k/a “TheMFNPlug,” in connection with a scheme to hack user accounts at a fantasy sports and betting website (the “Betting Website”) and sell access to those accounts in order to steal hundreds of thousands of dollars from them.  STOKES pled guilty today to conspiracy to commit computer intrusion before U.S. District Judge Naomi Reice Buchwald.

U.S. Attorney Damian Williams said: “With today’s guilty plea, this Office has successfully prosecuted a second member of a scheme to hack fantasy sports and betting accounts and sell access to them online.  Kamerin Stokes and his co-defendants greedily lined their own pockets by profiting off of harmful hacks that drained victims of hundreds of thousands of dollars and erode the public’s trust in online platforms.  Hackers and cybercriminals who sell stolen information online should be warned that this Office is watching and will continue to protect internet-users from malicious actors.” 

According to the charging documents and other filings and statements made in court

On or about November 18, 2022, several individuals launched a “credential stuffing attack” on the Betting Website.  During a credential stuffing attack, a cyber threat actor collects stolen credentials, or username and password pairs, obtained from other large-scale data breaches of other companies, which can be purchased on the darkweb.  The threat actor then systematically attempts to use those stolen credentials to obtain unauthorized access to accounts held by the same user with other companies and providers in order to compromise accounts where the user has maintained the same password.  Here, in connection with the attack on the Betting Website, there was a series of attempts to log into the Betting Website accounts using a large list of stolen credentials.

Those individuals successfully accessed approximately 60,000 accounts at the Betting Website (the “Victim Accounts”) through the credential stuffing attack.  In some instances, the individuals who unlawfully accessed the Victim Accounts were able to add a new payment method on the account, deposit $5 into that account through the new payment method to verify that method, and then withdraw all the existing funds in the Victim Account through the new payment method (i.e., to a newly added financial account belonging to the hacker), thus stealing the funds in the Victim Account. 

Access to the Victim Accounts were sold on various websites that traffic in stolen accounts, which are frequently referred to as “Shops.”  STOKES controlled his own Shop, used the alias, “TheMFNPlug,” and purchased Victim Accounts in bulk.  STOKES obtained Victim Accounts from the Betting Website with a total listed account value of over $125,000 and then offered access to those accounts for sale on his Shop.

*                *                *

STOKES, 21, of Memphis, Tennessee, pled guilty to one count of conspiracy to commit computer intrusion, which carries a maximum sentence of five years in prison.

The maximum potential sentence is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.  STOKES is scheduled to be sentenced by Judge Buchwald on August 15, 2024, at 11:00 a.m.

Mr. Williams praised the outstanding work of the Federal Bureau of Investigation. 

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorneys Kevin Mead and Micah Fergenson are in charge of the prosecution.