Rogue ex-Motorola techie admits cyberattack on former employer, passport fraud

Rogue ex-Motorola techie admits cyberattack on former employer, passport fraud

November 29, 2023 at 08:23PM

Andrew Mahn, ex-Motorola technician, pleaded guilty to passport and wire fraud after launching a cyberattack on the company and attempting to acquire a passport with false credentials while pending trial. Mahn stole Motorola data, including code to unlock radio features, using employee credentials obtained via phishing. Sentencing is set for March next year.

Meeting Takeaways:

1. Andrew Mahn, former Motorola technician, pleaded guilty to passport fraud and wire fraud in federal court.
2. Mahn was previously charged in 2021 for breaking into Motorola’s network and stealing data but attempted passport fraud while awaiting trial.
3. Motorola was identified in the court documents as “Company A,” with Mahn accused of targeting the company through phishing emails and stealing login credentials.
4. He infiltrated Motorola’s IT network, accessing their Bitbucket repository and stole source code linked to radio equipment, estimating a value of up to $175 per radio.
5. Investigators were able to trace Mahn’s cyberattack to a Comcast IP address associated with his Massport work email and his personal accounts.
6. A grand jury indicted Mahn on multiple offenses related to the cyber intrusion at Motorola in October 2021.
7. While on pretrial release, Mahn attempted to acquire a passport using a fake name, false identification, and citing a fabricated family emergency in Germany, presumably to flee the country.
8. Mahn is scheduled for sentencing in March, facing a maximum of 20 years for wire fraud, and a possible 10 years for passport fraud, both with substantial fines.

Actions Required:
– Monitor the sentencing phase of Mahn’s trial in March for final outcomes.
– Ensure updates on Mahn’s case are communicated to relevant parties involved with Motorola’s security and legal proceedings.
– Reinforce cybersecurity measures and employee training on phishing to prevent similar incidents.
– Review the process for monitoring telemetry and network security to identify and mitigate unauthorized access.

Full Article