KC Man Who Hacked Computers to Pitch Cybersecurity Services Pleads Guilty


A Kansas City man has admitted to infiltrating a nonprofit organization’s computer network using sophisticated hacking techniques in what authorities describe as an elaborate scheme to demonstrate cybersecurity vulnerabilities. 

Nicholas Michael Kloster, 32, pleaded guilty on Wednesday to federal computer fraud charges, revealing how he exploited system weaknesses to potentially market his cybersecurity services.

Summary
1. Nicholas Kloster, 32, a Kansas City man, pleaded guilty to hacking a nonprofit's computer network on May 20, 2024.
2. He used a boot disk to bypass passwords, accessed multiple accounts, and installed a VPN for remote network access.
3. The cyberattack was likely intended to demonstrate vulnerabilities and pitch his cybersecurity services.
4. He faces up to 5 years in prison, a $250,000 fine, and mandatory restitution to the nonprofit organization.

Boot Disk, Password Hash, and VPN Techniques

Kloster’s cyberattack employed multiple technical methodologies that demonstrate significant knowledge of computer security systems. 


On May 20, 2024, he physically infiltrated the nonprofit’s premises, gaining unauthorized access to restricted areas not available to the public. 

Court documents reveal that Kloster utilized a boot disk, a specialized storage device containing an operating system that can bypass normal computer startup procedures to gain administrative control over the target machine.

The defendant specifically leveraged this boot disk technology to access the computer through multiple user accounts simultaneously, effectively escalating his privileges within the network infrastructure. 

By manipulating the system’s authentication protocols, Kloster circumvented existing password requirements through direct password modification techniques. 

This process, known as password hash manipulation, allowed him to alter credentials assigned to legitimate users without triggering standard security alerts. 

The technical sophistication of this approach suggests familiarity with penetration testing methodologies commonly used in legitimate cybersecurity assessments.

Following his initial system penetration, Kloster established persistent access by installing a Virtual Private Network (VPN) on the compromised computer. 

This VPN installation created an encrypted tunnel that would allow remote access to the nonprofit’s internal network infrastructure from external locations. 

Such techniques are typically associated with Advanced Persistent Threats (APTs), where attackers maintain long-term access to compromised systems for ongoing surveillance or data exfiltration purposes.

The VPN implementation effectively created a backdoor into the organization’s network, potentially exposing sensitive donor information, financial records, and operational data. 

This type of network intrusion represents a serious violation of the Computer Fraud and Abuse Act (CFAA), as it involves unauthorized access to protected computer systems with the intent to cause damage or obtain information.
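
For defenders, the sequence described above (credentials altered from a boot disk, then a VPN installed) can be looked for by comparing account snapshots against audit logs. The following is an added example, not taken from the court documents or this article's source; it assumes a Windows host (event IDs 4723, 4724 and 7045) and a hypothetical inventory tool that records an opaque per-account credential fingerprint, and all account names, service names and log records are constructed.

```python
from datetime import datetime

# Windows event IDs (assumed platform; the article does not name the OS).
PASSWORD_EVENTS = {4723, 4724}   # password change attempt / password reset attempt
SERVICE_INSTALLED = 7045         # a service was installed in the system

def ts(s):
    return datetime.fromisoformat(s)

def unlogged_credential_changes(baseline, current, events, start, end):
    """Accounts whose credential fingerprint changed between two snapshots
    although no password change/reset event was logged for them in between."""
    logged = {e["account"].lower() for e in events
              if e["id"] in PASSWORD_EVENTS and start <= ts(e["time"]) <= end}
    return sorted(acct for acct, fp in current.items()
                  if acct in baseline and baseline[acct] != fp
                  and acct.lower() not in logged)

def unapproved_services(events, allowlist, start, end):
    """Services installed in the window that are not on the approved list."""
    return sorted(e["service"] for e in events
                  if e["id"] == SERVICE_INSTALLED and start <= ts(e["time"]) <= end
                  and e["service"] not in allowlist)

# --- Constructed sample data (hypothetical; not evidence from the case) ---
BASELINE = {"alice": "fp-a1", "bob": "fp-b1", "svc_backup": "fp-s1"}
CURRENT = {"alice": "fp-a2", "bob": "fp-b2", "svc_backup": "fp-s1"}
EVENTS = [
    {"id": 4723, "time": "2024-05-20T09:15:00", "account": "bob"},  # logged change
    {"id": 7045, "time": "2024-05-20T21:40:00", "service": "ExampleVPN Service"},
    {"id": 7045, "time": "2024-05-20T08:00:00", "service": "Approved Backup Agent"},
]
ALLOWLIST = {"Approved Backup Agent"}
WINDOW = (ts("2024-05-20T00:00:00"), ts("2024-05-21T00:00:00"))

def triage():
    changed = unlogged_credential_changes(BASELINE, CURRENT, EVENTS, *WINDOW)
    services = unapproved_services(EVENTS, ALLOWLIST, *WINDOW)
    # Both signals together match the pattern in the article: credentials
    # altered outside the running OS, then remote-access software installed.
    severity = "high" if changed and services else "review" if changed or services else "none"
    return {"unlogged_changes": changed, "unapproved_services": services,
            "severity": severity}

if __name__ == "__main__":
    print(triage())
```

A credential that changes with no matching audit event is the useful signal here, because a change made from a boot disk happens while the installed operating system, and therefore its logging, is not running.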

Federal Sentencing 

Under federal cybercrime statutes, Kloster faces substantial penalties reflecting the severity of his unauthorized network intrusion. 

The court may impose up to five years imprisonment in federal prison without parole, financial penalties reaching $250,000, and up to three years of supervised release following incarceration. 

Additionally, the defendant faces mandatory restitution orders to compensate the nonprofit organization for remediation costs and operational disruptions caused by the security breach.

The final sentencing decision will be made once the United States Probation Office completes its presentence investigation, a comprehensive background review.
