Officials said Livingston began the business as early as 2011 and specialized in sending spam emails for his clients.
NEWARK – A Whole Lot of Nothing made a whole lot of something – $1.3 million from an email hijacking scheme, officials said Thursday.
Timothy Livingston, 31, of Boca Raton, Florida, pled guilty Thursday to operating a spam email business, A Whole Lot of Nothing, LLC, and illegally generating more than a million dollars by hacking customer email accounts, U.S. Justice Department attorneys said.
Livingston faces up to 10 years in prison once he is sentenced Jan. 27, 2017 for numerous counts of fraud and aggravated identity theft, said U.S. Attorney Paul J. Fishman and Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division.
The two attorneys also said Livingston agreed to pay back $1,346,442 and relinquish a 2009 Cadillac Escalade and 2006 Ferrari F430 Spider he bought with the illegal funds.
Livingston began the business as early as 2011 and specialized in sending spam emails for his clients, Fishman and Caldwell said.
Fishman and Caldwell said some of Livingston’s customers included insurance companies that wanted to send mass emails to advertise, and illegal groups, such as online pharmacies that sold narcotics without prescriptions.
Livingston said in court he recruited New Jersey resident Tomasz Chmielarz, 33, of Rutherford, to code at least three computer programs that would send spam, hack email accounts and hijack a corporate website’s servers, Fishman and Caldwell said.
ALSO: Hyundai, Kia to pay NJ $1.6M in settlement
The attorneys said Chmielarz wrote the computer programs in a way that shot past most spam filters and hid the origin of the emails.
Livingston successively used Chmielarz’s work to send spam while also relying on proxy servers and botnets, which hid the origin of the spam and evaded filters, Fishman and Caldwell said.
The two brains behind the scheme also created custom software intended to hack into customer email accounts of a company Fishman and Caldwell only identified as “Corporate Victim 1” in the indictment.
Livingston said in court he used a customer’s username and password that was protected under the first corporate victim’s security setup.
CRIME: Pumpkin thieves hit Wayne farm
When Livingston and Chemielarz hacked into customer emails, Fishman and Caldwell said Livingston sent out massive amounts of spam without labeling himself as the sender.
The two men targeted “Corporate Victim 2” when they created another one-of-a-kind program that took over a company’s website so Livingston could send clients spam that appeared to be from the company, Fishman and Caldwell said.
In addition to prison time, Livingston faces a fine of $250,000, or twice the gross gain or loss from the offense, the attorneys said. Fishman and Caldwell sai dChiemielarz pled guilty to his role in the scheme on June 2 and awaits sentencing.