U.S. prosecutors indicted Swiss national Till Kottmann, also known as "deletescape" and "tillie crimew," on charges including conspiracy, wire fraud, and aggravated identity theft for allegedly hacking dozens of companies and government entities, stealing confidential data and credentials, and publishing material from more than 100 victims online. The indictment says the activity began in 2019 and included intrusions into source code repositories and other systems at major organizations including Microsoft, Intel, Nintendo, Nissan, Daimler, Disney, a Washington state agency, and a U.S. government contractor; the FBI also seized the git.rip domain that investigators said was used to leak stolen data.
The case also linked Kottmann to the high-profile Verkada intrusion, in which exposed super-admin credentials were allegedly used to access more than 150,000 surveillance cameras at prisons, hospitals, warehouses, schools, and Tesla facilities. U.S. authorities, working with Swiss counterparts, said search warrants were executed in Lucerne and devices were seized, while media reports noted Kottmann had described the attacks as anti-capitalist hacktivism and "easy" acts of anarchism; prosecutors instead characterized the campaign as criminal theft, fraud, and identity abuse affecting both private companies and public-sector targets.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
4 events from the most recent confirmed update back to the earliest known activity.
In March 2021, Swiss authorities executed search warrants tied to the U.S. investigation and raided Kottmann’s premises in Lucerne, seizing devices.
The FBI seized a website domain allegedly used by Kottmann’s group to publish hacked data from more than 100 victim entities online. The seized platform was identified in reporting as git.rip.
According to the indictment, Till Kottmann and co-conspirators engaged in computer intrusion, credential theft, and data theft activities beginning in 2019 and targeting dozens of companies and government entities.
On 2021-03-18, a federal grand jury in the Western District of Washington indicted Swiss national Till Kottmann on charges including conspiracy, wire fraud, and aggravated identity theft related to alleged intrusions and data theft.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
7 references tracked. Mallory keeps watching after this page renders.
web.archive.org
Open sourcethehill.com
Open sourcegizmodo.com
Open sourcewashingtonpost.com
Open sourceforbes.com
Open sourcetheverge.com
Open sourcejustice.gov
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.