Originally, being a «ShinyHunters» is nothing criminal. The name denotes a type of player from Pokémon, the cult Japanese franchise. But in recent years and the arrest of one of its alleged representatives, the term evokes a completely different community, accused by American justice of being the author of numerous hacks around the world. Since «at least 2019», its «prolific» members, including several French people, have targeted more than sixty companies, reselling their data at exorbitant prices.
The American authorities are calling in particular for the extradition of a 21-year-old student from Epinal, Sébastien Raoult, imprisoned since June 2 in the prison of Tiflet 2, near Rabat. He is liable to a sentence of 116 years in prison in the United States for his alleged involvement in a case of cybercrime targeting in particular a subsidiary of Microsoft Github. According to the American indictment sent to Morocco and consulted by AFP, American justice issued an arrest warrant against Sébastien Raoult on June 23, 2021, accusing him in particular of «electronic fraud» and «theft of serious identity».
According to another American court document, consulted by Le Monde, Sébastien Raoult alone, the value of this data would amount to millions of dollars. The cybersecurity site Interl471 specifies for its part that the ShinyHunters would also have attacked companies such as Pixlr, Bonobos, PDF Nitros, Tokopedia or Big Basket. The IP address of a certain Sezyo was discovered during the American investigation and attributed to Sébastien Raoult.
According to Le Monde, the ShinyHunters operated by phishing. This is to usurp the identity of a relative, to get in touch with targeted people in order to extract their access to the servers of the targeted companies. Other pirates also copy the appearance of a site, so that the victims enter their passwords there, and thus bequeath them to their executioners. The ShinyHunters allegedly first contacted the targeted developers via email, luring staff to fake sites.
According to American justice, the ShinyHunters would be linked to other French accused of hacking a cryptocurrency platform in June 2019, named GateHub. The cybercriminals had seized 9.5 million euros. Among the accused at the time was Gabriel K.A-B, a 23-year-old young man from Tarbes who suffered from Asperger’s syndrome, according to Le Parisien. According to the newspaper, the culprits of these thefts would have bought several luxury cars with the money from the heist.
Gabriel B had notably hacked the broadcaster Vévo, before being declared criminally irresponsible for the case. According to Le Monde, he was interviewed by the Central Office for the Fight against Crime Related to Information and Communication Technologies, in parallel with the arrest of Sébastien Raoult in Morocco.
In a decision rendered on July 20, the Court of Cassation of Morocco took a first step towards the extradition of Sébastien Raoult, declaring itself «favorable». The extradition itself can only be decided «by the Prime Minister on the proposal of a commission also bringing together the Ministers of Foreign Affairs and Justice», specified a Moroccan source familiar with the matter.
This decision «strengthens us in our determination to obtain the extradition to France of Sébastien Raoult», reacted to AFP his lawyer Me Philippe Ohayon. This opinion of the Moroccan justice «means that there is little time left for France to officially regain control of a file that it has been subcontracting for years to the Americans», reacted the father of the young man, Paul Raoult. , joined by AFP. The latter urged Emmanuel Macron to repatriate him to France.