DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

With his criminal trial looming, the hacker known as “DR32” pleaded guilty in federal court

Posted on January 29, 2025January 29, 2025 by Dissent

With only two weeks until his trial was scheduled to start, Australian national David Kee Crees informed a federal court in Colorado that he wanted to change his plea to guilty. On January 15, he pleaded guilty to 14 out of 22 counts.

Background

Crees, a 26 year-old Australian, was known online as Abdilo, DR32, Notavirus, Surivaton, and Grey Hat Mafia’s Bitch. As DataBreaches reported in 2022, this site and blogger have been reporting on him since 2015 when his numerous attacks on the education sector caught this blogger’s attention.  Details of his background and information on the 22-count indictment of December 2021 can be found in that 2022 article. As reported at the time, Crees was his own worst witness against him as he repeatedly dealt with an undercover agent.

Although the Australian government granted the U.S. request for extradition in 2022, they did not put him on any plane right away. It wasn’t until February 2024 that Crees first set foot on U.S. soil to be arraigned and detained. He has been detained at FCI-Englewood in Colorado, a low security federal correctional institution with an adjacent minimum security satellite camp and a detention center.

Plea

On January 15, Crees pleaded guilty to Counts 1-14.  That worked out to two counts for each of seven victims:

Counts 1 -7  were violation of  18 U.S.C. §§ 1030(a)(2)(C), 1030(b), 1030(c)(2)(B)(i) & 2:  Access a protected computer without authorization for private financial gain

Counts 8-14 were violation of 18 U.S.C. §§ 1030(a)(5)(A), 1030(b), 1030(c)(4)(A)(i)(I) & 2: Cause damage to a protected computer without authorization, causing loss of at least $5,000

Consistent with U.S. procedures, Crees’ victims were never named in the indictment, but some additional details about them were provided in snippets of Crees’ interactions with the undercover agent.

A transcript of Crees’ plea hearing is not docketed, but sentencing is scheduled for April 23, 2025.

According to the indictment and according to what Crees was told prior to pleading guilty, the penalties for counts 1-7 could be:

  • No more than 5 years imprisonment;
  • No less than one year, but no more than 3 years supervised release;
  • No more than $250,000 fine; and
  • $100 special assessment

The penalties for counts 8 – 14 could be:

  • No more than 10 years imprisonment;
  • No less than one year, but no more than 3 years supervised release;
  • No more than $500,000 fine; and
  • $100 special assessment

It wasn’t stated whether the prison terms would definitely be served concurrently or consecutively. Neither were the fines definite in their maximum amount. Crees noted his understanding that the fines could be more from an alternative fine schedule and statute.  Crees also agreed that he would pay restitution to victims, which was listed as no more than $247,000 in his pre-plea statement.

Neither his pre-plea statement nor the docket for the plea hearing specifically mentions Counts 15-22. It is not clear to DataBreaches whether the prosecution has agreed to drop Counts 15-22, although it seems likely. There is much we may not find out because the government requested orally during the plea hearing that the plea agreement be restricted and the court granted that motion.

This post may be updated if more information becomes available, but DataBreaches suspects we may not find out much more if future filings are under seal because they relate to pre-sentencing reports and positions of the government and defense counsel.

 

Category: HackOf Note

Post navigation

← Personal medical information might have been exposed on Chicago Department of Public Health dashboard
FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent (1) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.