Black market for buy and sell university exams. This young man earned £20,000 with each transaction

Hayder Aljayyash appeared to be just a systems student at the University of Wales, although an investigation would reveal many secrets about him. According to British authorities, the 29-year-old is responsible for the cyberattack on some computers at the university, which he was doing in order to sell exam answers to other students. 

Cardiff authorities mentioned that Aljayyash, of Iraqi origin, managed to evade detection thanks to the use of sophisticated hacking techniques, acting in collaboration with his roommate to search and contact students interested in the information sold. Aljayyash was sentenced to 20 months in prison, while his accomplice will spend 9 months on probation.

Apparently the improper intrusion into these systems was detected by Liam Harris, a professor of mathematics at the University of Wales, while scoring some exams a couple of years ago. It became obvious to the teacher that his students were answering the exams by copying the same scheme of solutions.

In total, five students were found using the same test, even copying spelling errors into Professor Harris’ original documents. After this finding the University created a team to investigate the possible intrusion into internal systems.

Subsequently, this team managed to identify an IP address linked to a house on Brook Street, the place of residence of the defendants. Both were studying at the university’s faculty of engineering and computer science. In May 2019, authorities arrested the individuals, in addition to confiscating multiple USB sticks and a laptop where multiple files matching the stolen exams were stored.

During his hearing, Aljayyash mentioned winning around £20,000. The defendant also commented that a certain student paid almost £7,000 in exchange for exam answers; on the other hand, Aljayyash paid his accomplice between £300 and £400 for each new client he contacted.

Finally, the University’s administration claims that stopping the intrusion and implementing new security measures will cost more than £100,000, which they hope to settle with part of the profits made by the hacker.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.