An autistic British teenager who was a key member of the international hacker gang Lapsus$ and leaked 90 clips of the yet-to-be-released game Grand Theft Auto 6 (GTA6) was involuntarily committed to a secure hospital on Thursday. The court specified that he should remain there until doctors deem him no longer dangerous.
While in custody, 18-year-old Arion Kurtaj of Oxford demonstrated violent behavior and damaged property, multiple news outlets reported. Following an assessment, the teen was deemed “not fit to stand trial” due to a medical diagnosis of acute autism, so the jury was instructed to decide if he had carried out the incursions, according to a City of London police press release published Thursday.
The Guildford Crown Court judge who sentenced Kurtaj took into account his mental health assessment, which said the teen “continued to express an intention to return to cybercrime as soon as possible” and was “highly motivated” to do so, according to British media.
Kurtaj was arrested in January and March of 2022 and charged with involvement in hacking activities; both times he was released on bail. In April and September 2022, Kurtaj was charged with six violations of the Computer Misuse Act, three counts of blackmail, two counts of fraud and failing to disclose a password that allows access to electronic data to legal authorities, according to police.
In September 2022, he was staying in a hotel under police surveillance. Despite having only a TV, a phone, and an Amazon Firestick streaming device, he managed to break into the corporate messaging system of GTA6 developer Rockstar Games, where he began threatening the company.
“If Rockstar doesn’t contact me on Telegram within 24 hours, I will start revealing the source code,” his message read. The young hacker then posted snippets of the game, which is expected to be released in 2025, and its code. The company reportedly told the court that recovering from this attack would cost it $5 million.
The hacker group Lapsus$ is believed to be involved in numerous attacks on a range of companies, including telecoms, a computer parts manufacturer and game makers, between August 2020 and September 2022. Tech giants such as Nvidia, BT/EE, Uber, Revolut, and Rockstar Games were among those affected.
The police also said that another 17-year-old Lapsus$ member, whose name is being withheld for legal reasons, was found guilty of computer misuse and blackmail in the same trial. He was sentenced to a youth rehabilitation center with 18 months of supervision.
You can share this story on social media: