The 18-year-old GTA 6 hacker, Arion Kurtaj, has been sentenced to life in a hospital prison for his role in stealing and releasing confidential material related to Grand Theft Auto 6 (GTA 6).
The GTA 6 hacker sentencing, which came after a trial associated with cybercrimes linked to the hacking group Lapsus$ ransomware group, has turned into a nightmare for companies associated with the breach.
Kurtaj’s arrest took place in Oxford in September 2022, following a series of cyber intrusions that culminated in the unauthorized release of in-development footage from Rockstar Games, the creators of GTA 6.
The leaked material, comprising 90 clips of the highly anticipated game, stirred widespread controversy and prompted legal action against the young hacker.
GTA 6 Hacker Sentenced to Life in Hospital
During the trial, Kurtaj pleaded not guilty to charges related to breaching Uber and Nvidia, in addition to the high-profile leak of GTA 6 material. The court, however, found him guilty, and the judge emphasized the ongoing risk he posed to the public due to his cybercrime skills and intent.
The sentencing revealed that Kurtaj, who exhibited violent behavior while in custody, has been deemed unfit to stand trial due to his autism. The court relied on a jury to determine whether he committed the alleged acts, irrespective of criminal intent, given his mental health condition.
The GTA 6 hacker sentencing included a mental health assessment that indicated Kurtaj’s continued intent to engage in cybercrime. Despite being under police protection at a Travelodge hotel, he managed to carry out his most notorious GTA 6 hack by breaching Rockstar via basic tools like a TV and Amazon Fire TV Stick.
The GTA 6 Data Leak Saga Finally Closes
His threat to release the source code if Rockstar did not contact him within 24 hours added a layer of urgency to the situation. Posting the clips and source code on a forum under the username “TeaPotUberHacker,” Kurtaj triggered a series of events that ultimately led to his rearrest and detention until the trial.
Along with Kurtaj, another Lapsus$ member, a 17-year-old whose identity remains undisclosed for legal reasons, was found guilty in the same trial. This member faced charges of fraud, Computer Misuse Act offenses, and blackmail, resulting in a youth rehabilitation order.
The cyber attacks orchestrated by the Lapsus$ ransomware group between August 2020 and September 2022 affected various entities, including a telecoms company, a computer parts manufacturer, and gaming companies. The broader implications of Lapsus$ ransomware attack, especially involving young individuals, highlight the growing risk of young hackers — who often commit crimes without releasing them.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.