Elliott Gunton

Early Offenses and the TalkTalk Data Breach

Elliott Gunton, born around 1999 and operating under the online pseudonyms Glubz and planet, first came to the attention of law enforcement in connection with the October 2015 TalkTalk data breach. On 21 October 2015, Gunton carried out what was described as a "sustained cyberattack" against the British telecommunications company TalkTalk, exfiltrating the names, addresses, email addresses, and bank details of its customers. During a subsequent search of his home, law enforcement also discovered indecent images of children on his devices. He additionally confessed to probing the websites of Manchester University and Cambridge University.

In November 2016, Gunton pleaded guilty to his role in the TalkTalk breach in youth court, stating that he had acted to impress friends, describing his motivation as "just showing off to [his] mates." He received a 12-month youth rehabilitation order as a result of that proceeding.

Further Criminal Activity and 2019 Conviction

Despite the earlier legal proceedings, Gunton continued to engage in criminal activity. In April 2019, an unannounced police visit to his home revealed the presence of CCleaner on his computer, which constituted a violation of a Sexual Harm Prevention Order (SHPO) that had been imposed on him. The subsequent investigation uncovered a broader pattern of offenses committed between 2017 and 2018.

Gunton was found to have laundered money, committed offenses under the Computer Misuse Act, and breached his SHPO. He had also probed the websites of local high schools for security vulnerabilities and illegally accessed the systems of Australian telecommunications company Telstra. Through that access, he gained control of the Instagram account @adesignersmind and used it to send messages described as "grotesquely offensive" to the account owner's customers.

During the search of his home, police discovered £407,359.35 in cryptocurrency, which investigators alleged Gunton had accumulated by selling Instagram user account details on cybercrime forums. In August 2019, he pleaded guilty to the relevant charges and was sentenced to 20 months of imprisonment, though he was immediately released due to time already served. His mother and father received three- and five-month suspended sentences, respectively, for their roles in transferring stolen funds. Following his conviction, Gunton's seized cryptocurrency was auctioned off in what was reported as the first such auction conducted on the instruction of a police force in the United Kingdom.

EtherDelta Cryptocurrency Theft

On 13 August 2019, a federal grand jury in the United States indicted Gunton alongside Anthony Tyler Nashatka, known online as psycho, of Michigan, in connection with a scheme carried out in December 2017. The two were accused of executing a SIM-swapping attack — commonly referred to as simjacking — against the chief executive officer of the cryptocurrency exchange EtherDelta. Using the access obtained through that attack, Gunton and Nashatka allegedly redirected EtherDelta's users to a fraudulent clone of the platform, which captured the cryptocurrency wallet credentials entered by unsuspecting users. The scheme resulted in the theft of more than US$1.4 million in Ethereum.

In July 2024, Gunton was sentenced to three and a half years of imprisonment for his involvement in the EtherDelta scheme.