Simple Mistake Leads to the Capture of Notorious Hacker Jesse Kipf
In a surprising turn of events, Jesse Kipf, a hacker known for his extensive technical knowledge and criminal exploits, was apprehended by the FBI after a simple yet critical mistake. On January 20, 2023, a doctor’s user account logged into Hawaii’s electronic death registration system from out of state to certify Kipf’s death. The death certificate, which falsely claimed he died from COVID-19, was posted online by a hacker known as FreeRadical, who attempted to profit from the exploit.
However, FreeRadical made a significant oversight by failing to remove Kipf's date of birth and leaving a fragment of the state government seal visible in the screenshot. This error caught the attention of Austin Larson, a senior threat analyst at Google’s cybersecurity firm Mandiant, who was monitoring cybercrime forums as part of his intelligence gathering.
Upon discovering the post, Larson notified Hawaii state officials, leading to a federal investigation that revealed Kipf had faked his death to evade approximately $116,000 in child support payments. Prosecutors described him as a “serial hacker” who had previously hacked into systems across three states and two hotel supply chain companies.
Kipf’s downfall was further compounded by his use of a home internet connection to access the Hawaii death registration system without utilizing a VPN, which ultimately exposed his IP address, leading to his arrest in Somerset, Kentucky. Investigators also found evidence of his attempts to evade child support payments in his Google browsing history.
Charged with multiple hacking crimes, Kipf’s criminal activities included credit card fraud and identity theft, utilizing stolen credentials from a data-stealing program known as InfoStealer. He was sentenced to 81 months in federal prison, highlighting the consequences of his reckless actions and the importance of cybersecurity vigilance.
