A report by Vincent Monnier in a French news magazine, L’OBS, claims that an alleged member of ShinyHunters was arrested on June 1 as he attempted to board a flight at Rabat to Brussels. In translation, the report says:
Arrested on June 1 at Rabat airport, Sébastien Raoult, a 21-year-old Frenchman from Epinal is claimed by American justice. The FBI suspects him of belonging to a group of hackers who recently hit the headlines. Four other people were reportedly interviewed in France at the request of the United States.
Raoult was reportedly detained because of a “red notice” issued by Interpol at the request of a Washington State prosecutor. Interpol’s site indicates that there are currently approximately 69,270 valid Red Notices, of which some 7,500 are public. A check of public ones did not return any results for Raoult.
Monnier reports that Raoult, who is known as Sezyo,
has been in the crosshairs of FBI agents for several months. The latter suspect him of being “one of the important members” of the ShinyHunters hacker group.
When asked about the arrest and Raoult, ShinyHunters told DataBreaches that they have no knowledge of Raoult aka “Sezyo” or any recent arrest of anyone connected to ShinyHunters. Nor have they personally been questioned by anyone in law enforcement, they also tell DataBreaches.
Raoult’s Twitter timeline reveals a young man who does not seem particularly concerned about opsec, as he uploaded a number of videos and pictures.
At this point, there is no confirmation from the FBI or DOJ and a search of PACER for court filings with Raoult’s name return no results (which may simply mean that there is a sealed case at this point).
As FranceBlue reports, Raoult’s lawyer sees a reported extradition request as some kind of legal nonsense:
“It’s a huge problem. This case falls under French jurisdiction because the acts were allegedly committed in France by people of French nationality. And yet, it is the United States, which is claiming this case”, proclaims Philippe Ohayon, the young man’s lawyer.
It may not seem to be nonsense for the country where the victims reside to want to prosecute on their home turf, but we have seen mixed results on other extradition requests (e.g., the U.K. declined to extradite Lauri Love to the U.S. but did extradite Nathan Wyatt), and Yevgeniy Nikulin was extradited from the Czech Republic to stand trial in the U.S. even though Russia tried to claim that he should be extradited there. Both Wyatt and Nikulin are currently in U.S. prisons.
Seeking extradition of a French citizen will not be an easy ask, as France generally refuses to extradite young people for hacking charges that could be tried there less punitively. None of the French citizens charged as part of GnosticPlayers have been extradited to the U.S. At this point, though, the U.S. is seeking extradition from Morocco.
But claims being repeated in French media that Raoult could be facing 116 years in prison should he be extradited here should not be taken seriously. Prosecutors may try to intimidate defendants into plea deals by dangling such big numbers as possibilities, but they are not realistic at all.