Andrew Mahn, a 28-year-old former technician at Motorola and resident of Derry, New Hampshire, recently appeared in federal court facing serious legal challenges. Mahn confessed to attempting to acquire a fraudulent passport, compounding his existing legal troubles stemming from a cyberattack on his former employer, Motorola.
In a federal court proceeding, Mahn entered a guilty plea to charges of passport fraud and wire fraud. The latter charge relates to his unauthorized access to Motorola’s network. His sentencing is scheduled for next March.
Stay One Step Ahead of Cyber Threats
The initial charges against Mahn date back to 2021, when he was indicted for infiltrating Motorola’s computer systems and exfiltrating sensitive data. In the indictments, prosecutors initially referred to Motorola as “Company A,” though it was later explicitly identified in court, supported by a victim impact statement from Motorola.
Following his tenure at Motorola, Mahn was employed by the Massachusetts Port Authority (Massport). During this period, he executed a phishing scheme targeting 31 Motorola employees, sending emails containing a malicious link to a counterfeit Motorola payroll website. His objective was to capture their corporate login credentials.
After obtaining these credentials, Mahn employed further deceptive tactics. He dispatched text messages mimicking security verification requests to obtain multi-factor authentication codes from at least one employee. Utilizing these codes, he accessed Motorola’s IT network, breached their Bitbucket repository, and acquired vital source code related to radio equipment features, each valued at approximately $175.
Mahn attempted to obscure his activities using anonymized IP addresses from Amazon Web Services. However, investigators successfully traced the activities back to a Comcast IP address and his Massport email account.
Passport Fraud
Adding to his legal troubles, while out on bail, Mahn submitted a passport application under a fictitious name but used his own photograph. He even contacted U.S. Senator Maggie Hassan, seeking expedited processing for the passport, under the pretense of needing to travel to Germany for a family emergency, which was later revealed to be nonexistent.
Mahn now awaits sentencing, facing a potential maximum of 20 years imprisonment for wire fraud and an additional 10 years for passport fraud, alongside significant financial penalties. A remarkable turn of events indeed.
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional
