Tomás Pedroso, better known as Zambrius among the international hacking community, founded the team of hackers called Cyberteam, which has existed since 2011 but became popular in 2019 and 2020, with attacks in Portugal and Brazil.
They became famous with DDOS attacks, targeting servers, Defacement of Websites, damaging Internet pages, and SQL-Infection, exploiting website vulnerabilities. He has now been sentenced to six years in prison for having committed 28 crimes of aggravated illegitimate access, misuse of data and computer damage within ten months.
The 21-year-old, who lives in Ericeira with his parents and maternal grandmother, was under house arrest between May and November 2020, and it was in this condition that he was arrested by the PJ in November of that year. It took place as part of a joint operation with the Brazilian federal police on suspicion of trespassing on the Superior Electoral Court (TSE) of Brazil, during the first round of municipal elections.
Zambrius had already been arrested in 2017, aged 16, and interned until the age of 18 in an Educational Center: the young man had been involved in an operation conducted by several hackers who had invaded State structures, such as the PJ and the Attorney General’s Office. .
In the judgment of the court that now convicted him of computer crimes, and to which Expresso had access, it is mentioned that his family environment is characterized by “harmony and the existence of bonds of solidarity and mutual help”. Tomás Pedroso was diagnosed with attention deficit hyperactivity disorder and difficulties in socializing.
In Portugal, while under house arrest, he invaded the website of the telecommunications operator MEO, as well as the website of the Portuguese Association of Football Referees, after obtaining the username e password of a member of that association.
In the attack on MEO, the hacker managed to access the databases of that application, “exfiltrated the data, including name and address, of customers contained in sales tables and of door-to-port sales employees”, says the Public Ministry. Zambrius did the same with the table of vendors, containing name, address and companies they worked for, telephone contact, name of the team leader, in a total of 123,325 records.
In March of that year, he illegally accessed the MyBenfica portal, used as a back office for the site of Fundação Benfica, which was used by the site administrators for the management and introduction of content. The hacker made the credentials of 114 club employees available. To restore the security levels on this “My Benfica” portal, it took more than 30 days for Benfica’s cybersecurity operations team to act, forcing the suspension and deactivation of the backoffice access accounts.
Universidade Nova as well as the General Staff of the Armed Forces were also targeted by the 21-year-old. Also, the Jornal da Madeira website did not escape Zambrius’ team, which caused a change in the newspaper’s homepage. On the site appeared an individual with his face covered, wearing a hood and working on a computer, with the message “Hacked by Ciberteam (…) CyberTeam was here!#antiventura André Ventura who f…! The system that f…! Ps: I’m out of patience to write a cute text with fancy words!”
Other public and private entities were attacked, such as the website of the Union of Judicial Employees, the Ministry of Foreign Affairs or the Directorate-General for the Budget.