Dutch court convicts hacker who exploited port networks for drug trafficking
Dutch court convicts hacker who exploited port networks for drug trafficking
January 13, 2026 
Dutch appeals court jails a 44-year-old hacker for 7 years for hacking port systems to help smuggle cocaine through European logistics hubs.
A Dutch appeals court sentenced a 44-year-old hacker to seven years in prison for hacking port systems to help smuggle cocaine through European logistics hubs into the Netherlands. The appeals court reduced the sentence from 10 to 7 years, citing a prolonged appeal process lasting more than 21 months.
Prosecutors said the scheme enabled the import of 210 kg of cocaine through the Port of Rotterdam. The hacker bribed an Antwerp port worker to insert a malware-infected USB, creating a backdoor that gave remote access to container, gate, and access-control systems.
“The defendant is sentenced to seven years in prison. He is guilty of complicity in computer hacking. The purpose of this was to gain access to port systems so he could then import drugs undetected and undetected, thus facilitating drug trafficking.” the Amsterdam Court of Appeal ruled.
“The defendant is also guilty of complicity in the importation of 210 kilos of cocaine into the Netherlands. Furthermore, he is guilty of attempted extortion. The defense regarding the acquisition and use of SkyECC messages as evidence is rejected. The injured party’s claim is granted and the court is ordered to pay joint and several legal costs.”
According to court documents, the defendant persuaded a port employee at a container terminal in Antwerp to plug a USB stick loaded with malware into a work computer. The malicious software created a digital backdoor, giving the hacker remote access to internal port systems used to manage containers, gates and personnel access.
The malware gave the group covert remote access to monitor containers, manipulate gates, and issue entry credentials, persisting for months while seeking admin rights. Investigators relied heavily on Sky ECC messages, where the defendant detailed his control of port systems and coached accomplices through the hacking.
“Investigators relied heavily on intercepted messages from Sky ECC, an encrypted communications platform widely used by criminal groups before authorities dismantled it in early 2021. In those chats, the defendant provided step-by-step instructions on how to deploy the malware.” reported The Record.
Investigators found malware hidden in port systems for months, repeatedly trying to gain admin rights. The attacker claimed full control, including access passes and gates.
“On September 18, 2020, a potential backdoor was installed on system AV150081C. Between September 19 and 27, 2020, the attackers used various privilege escalation tools in an attempt to gain control of an administrative account in the [affected party] environment. The attackers’ numerous attempts, using various exploitation tools, indicate that they likely failed to escalate their privileges. Furthermore, there is no evidence that the attackers were able to take over an account with administrative privileges. (…) Furthermore, there is evidence that the backdoor installed on September 18, 2020, remained active until at least April 24, 2021. (…)
Between September 21, 2020, and October 19, 2020, the threat actor gained access to the Solvo container management application on AV150081C numerous times.” states court documents.
“Based on the above findings, the court finds that [suspect], through [injured party]’s employee [name 1], logged into an automated workstation, being [injured party]’s computer, and had a USB stick inserted into that computer. The USB stick contained malware, which was then installed on [injured party]’s computer. This installed a backdoor, allowing [suspect] to remotely access [injured party]’s automated workstation. This automated workstation was protected against unauthorized access. Only employees with the necessary login credentials could legitimately access it. Given that there was close and deliberate cooperation between [suspect] and his accomplices, [suspect] thus jointly and in association with others gained access to the automated workstation.”
The group stole and shared sensitive data like camera locations, staff photos, and layouts. Judges said the hack aimed to support drug trafficking and seriously endangered port security.
The court found the man guilty of forging transport documents and Portbase records to move cocaine shipments. Judges also convicted the man of attempted extortion for threatening relatives over missing cocaine and demanding €1.2 million under the threat of violence.
The defendant remains imprisoned in the western Netherlands and has filed another appeal.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, port system)
About Author
