Man gets 30 months for selling thousands of hacked DraftKings accounts
Man sentenced to 30 months for reselling 68K hacked DraftKings accounts stolen via credential-stuffing attack.
Summary
Kamerin Stokes, 23, was sentenced to 30 months in prison for operating a shop that resold access to tens of thousands of hacked DraftKings accounts obtained through a November 2022 credential-stuffing attack by Nathan Austad and Joseph Garrison. The conspiracy resulted in approximately $635,000 stolen from roughly 1,600 compromised accounts, with attackers making over $2.1 million selling hijacked accounts across multiple platforms. Despite pleading guilty and being released pending trial, Stokes audaciously reopened his criminal operation with a "fraud is fun" tagline before being remanded into custody.
Full text
By Sergiu Gatlan, April 17, 2026 03:10 AM

23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts.

According to court documents, the accounts were hijacked by Nathan Austad (aka Snoopy) with the help of Joseph Garrison (a third accomplice charged in May 2023) in a massive November 2022 credential-stuffing attack that compromised nearly 68,000 DraftKings accounts.

U.S. prosecutors said Austad and Garrison used a list of credentials stolen in multiple breaches to hack into DraftKings accounts, then sold access to others who stole around $635,000 from roughly 1,600 compromised accounts.

While they made over $2.1 million selling some of these hijacked DraftKings accounts (as well as FanDuel and Chick-fil-A accounts) through their own "shops," they also sold many in bulk to Stokes (also known online as TheMFNPlug), who resold them through his own "shop."

One month later, the sports betting giant said it had to refund hundreds of thousands of dollars stolen from hacked accounts, after all available funds were withdrawn following the addition of a new payment method and a $5 deposit to verify its validity.

Image: DraftKings "cash-out" instructions (BleepingComputer)

After being arrested, pleading guilty, and released while awaiting trial, Stokes reopened his shop with a new "fraud is fun" tagline and continued selling access to compromised accounts for various retailers.

Prosecutors said he also admitted "he had been running these types of shops for three years" and that he relaunched the shop because he needed money to pay his attorney.

"Kamerin Stokes victimized thousands of users of an online betting website though [sic] a cyberattack," U.S. Attorney Jay Clayton noted in a Thursday press release.

"After pleading guilty to federal crimes, Stokes audaciously reopened his criminal business, marketed using the tagline 'fraud is fun,' and said that he opened the new Shop in part because 'gotta pay my attorneys,' referring to his prosecution in this case."

After reopening his website, Stokes was again remanded into federal custody after being arrested for violating the conditions of his pretrial release.

In addition to 30 months in prison, Stokes was given 3 years of supervised release and ordered to pay $1,327,061 in restitution and $125,965.53 in forfeiture.
Indicators of Compromise
- malware — credential-stuffing attack
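
Detection logic for the cash-out sequence the article reports (a new payment method, a $5 verification deposit, then withdrawal of the available funds), run over account events. This is an added example, not code from the article or from DraftKings; the event schema, field names, 24-hour window and 90% threshold are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=24)   # assumed correlation window
VERIFY_DEPOSIT_MAX = 5.00      # the $5 verification deposit reported in the article
DRAIN_FRACTION = 0.90          # assumed: withdrawal takes at least 90% of the balance

# Constructed sample events (timestamp, account, event type, details); not real data.
EVENTS = [
    # new method -> $5 deposit -> balance drained: the reported cash-out sequence
    ("2024-01-10T02:10:00", "acct-1001", "payment_method_added", {"method": "pm-A"}),
    ("2024-01-10T02:12:00", "acct-1001", "deposit", {"method": "pm-A", "amount": 5.00}),
    ("2024-01-10T02:15:00", "acct-1001", "withdrawal",
     {"method": "pm-A", "amount": 417.50, "balance_before": 417.50}),
    # benign: new method, ordinary deposit, partial withdrawal
    ("2024-01-10T09:00:00", "acct-2002", "payment_method_added", {"method": "pm-B"}),
    ("2024-01-10T09:05:00", "acct-2002", "deposit", {"method": "pm-B", "amount": 50.00}),
    ("2024-01-10T20:00:00", "acct-2002", "withdrawal",
     {"method": "pm-B", "amount": 20.00, "balance_before": 130.00}),
    # benign: full withdrawal to a long-standing method (no recent method change)
    ("2024-01-11T10:00:00", "acct-3003", "withdrawal",
     {"method": "pm-C", "amount": 300.00, "balance_before": 300.00}),
    # same sequence as acct-1001, but the withdrawal falls outside the window
    ("2024-01-11T08:00:00", "acct-4004", "payment_method_added", {"method": "pm-D"}),
    ("2024-01-11T08:01:00", "acct-4004", "deposit", {"method": "pm-D", "amount": 5.00}),
    ("2024-01-14T08:00:00", "acct-4004", "withdrawal",
     {"method": "pm-D", "amount": 90.00, "balance_before": 95.00}),
]


def find_cashouts(events):
    """Return account ids showing: new method -> small deposit -> balance drained."""
    state = {}      # (account, method) -> {"added": datetime, "verified": bool}
    flagged = set()
    for ts_raw, account, kind, data in sorted(events, key=lambda e: e[0]):
        ts = datetime.fromisoformat(ts_raw)
        key = (account, data["method"])
        if kind == "payment_method_added":
            state[key] = {"added": ts, "verified": False}
        elif key in state and ts - state[key]["added"] <= WINDOW:
            if kind == "deposit" and data["amount"] <= VERIFY_DEPOSIT_MAX:
                state[key]["verified"] = True
            elif (kind == "withdrawal" and state[key]["verified"]
                  and data["amount"] >= DRAIN_FRACTION * data["balance_before"]):
                flagged.add(account)
    return sorted(flagged)


if __name__ == "__main__":
    print(find_cashouts(EVENTS))
```

A fixed window misses slow cash-outs such as the constructed acct-4004 case, so a rule like this is better used to trigger step-up verification on the withdrawal than as a sole control.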