Northern Ireland

Teenager who created a computer virus which attacked police and financial websites gets suspended sentence

Josh Maunder
Josh Maunder

A CO Down teenager has received a suspended sentence for creating a computer virus which attacked police and financial institution websites.

Josh Maunder (19), of Abbey Park, Bangor, had pleaded guilty to a total of 19 charges which included 13 counts of unauthorised act impairing the operation of a computer, making an article intended to be used for computer misuse, obtaining an article to commit an offence and possessing articles in connection with fraud.

Maunder also admitted single counts of conspiring to commit an unauthorised act and supplying an article to be used in computer misuse.

All of the offences were committed between December 1, 2017 and September 13, 2018 when he was aged 15.

He received a 20-month prison sentence suspended for three years.

Downpatrick Crown Court, sitting in Belfast, heard how Maunder created a "distributed denial of service (DDOS) attack which is a form of "cyber attack'' in which target websites are "flooded with requests so they become overloaded and cease to function''.

Prosecution counsel David McNeill told the court that the investigation was sparked after online gaming company had been bombarded with DDOS attacks in 2018 which cost them $61,000 US dollars.

"The company identified the attacker as using the name 'Metzi' who posted abuse and threats on's chatroom.''

Internet research by the company found YouTube videos of the defendant using the 'Metzi' name and "speaking with a Northern Ireland accent'. It made a complaint to Action Fraud who passed it to the PSNI.

Mr McNeill said that on September 13, 2018, police searched Maunder's home who was "at his computer and in control of the online programme '' which co-ordinated the DDOS attacks''.

Police seized his computer and his phone and during interviews he made "full and frank admissions'' to his offences, admitting he knew DDOS attacks were illegal and had carried out "hundreds of attacks''.

One data file showed that '' had been used in 10,763 DDOS attacks between January and March 2018 by 857 users, which included his customers who paid money into his Paypal account.

The prosecution lawyer added that other websites targeted for DDOS attacks were the Nationwide Building Society,, the US Department of Justice, Nuclear Fallout servers, a Czech police force and a server hosting an amateur boxing match.

Maunder told the Probation Service that he was not motivated by financial greed, that he only made a small amount of money which he spent on "running the website and on takeaway food''.

Defence counsel David McDowell KC said Maunder had a previous clear record and has no matters pending.

Judge Geoffrey Miller KC acknowledged Maunder had been "frank and honest'' at police interview during which he expressed remorse for his crimes.

Following the sentencing Detective Sergeant McCarragher said:

"In this case, the defendant was involved in targeting and crashing a vast range of websites worldwide, including a gaming company causing a substantial loss, a financial company, numerous police public information websites, a human rights group and also had involvement in organising an orchestrated Cyber-attack on a pay-per-view celebrity boxing event.

"Further to this, he was in possession of malicious software and managed an online community of peers engaged in prolific computer misuse offences which was also successfully impacted by the investigation.

"This should send a clear message to those involved in this type of crime that they will be vigorously pursued and brought before the courts to face the consequences of such activity."