DOJ: Creep Coach Finagles Nude Athlete Photos | Threatpost

A former track-and-field coach who worked at several universities has been arrested and is facing up to five years in prison for attempting to solicit nude photos of his athletes through sham social-media accounts and cyberstalking.

The Department of Justice alleged that Steve Waithe, while coaching at Northeastern University, would often ask his athletes to give him their phones during competition and practices, ostensibly, so he could film their form, the U.S. Attorney for the District of Massachusetts said. While he had access, Waithe would steal their photos. Witnesses told law enforcement they saw him “scrolling through” the devices.

Asked for Nudes to ‘Help’ Recover Photos

Waithe then contacted those same college athletes through fake social-media accounts in Feb. 2020 and told them he had discovered the photos online — and offered to “help” recover them, the U.S. Attorney’s office added. Posing as a “privacy protector,” or operating under the name “Katie Janovich” he would tell the girls the stolen photos could be scraped from the internet if they sent nude or semi-nude pictures, which would help with a “reverse image search” on the internet.

Feeling a lack of options, they complied.

But that wasn’t Waithe’s only alleged scam. From last June to Oct. 2020, he used fake social-media accounts and an anonymized phone number to cyberstalk one of his athletes, even breaking into her Snapchat account, the U.S. Attorney said. A check of his internet search history turned up phrases like, “Can anyone trace my fake Instagram account back to me?”

Now he has his answer.

Fake ‘Body Development’ Study

He also recycled his Katie Janovich persona, who along with another, “Kathryn Svoboda,” would contact athletes with an offer for them to participate in their research on “body development,” the complaint alleged. In addition to asking for the athletes to provide detailed height, weight and nutrition information, Waithe allegedly asked them to send photos of themselves wearing a “uniform or bathing suit to show as much skin as possible.”

For science.

He would even include a sample image of “Katie,” (an oddly recurring pseudonym in his alleged schemes), the U.S. Attorney said, to help show the athletes the kind of images he was looking for.

Waithe coached at several institutions during his career in addition to Northeastern, including Concordia University in Chicago, Illinois Institute of Technology, Penn State University and the University of Tennessee. The Justice Department is actively looking for additional victims to come forward, they said.

Part of Wider Cybercrime Crackdown

The arrest comes amid a wave of high-profile cases brought against those using online tools to perpetrate crimes.

Last month, a mother-daughter duo was charged in Florida for breaking into the school district’s computer system to rig the Homecoming Queen election.

And the teen behind the Bit-Con Twitter hack from last year recently cut a plea deal that allowed him to be charged as a juvenile in exchange for copping to the crime, instead of the 10 years in adult prison he initially faced. Even charged as a juvenile, Graham Ivan Clark will be under supervision until 2026.

An international takedown of Emotet and NetWalker‘s Dark Web site has caught the attention of at least one former threat actor. Ziggy ransomware gang announced in early February it is getting out of the ransomware business altogether, and even offered refunds to many of its victims.

“We decided to return victims’ money because we fear law-enforcement action,” Ziggy’s admin told Threatpost late last month.

Waithe is just the latest example of what appears to be a wider crackdown on U.S. cybercrime.

Ever wonder what goes on in underground cybercrime forums? Find out on April 21 at 2 p.m. ET during a FREE Threatpost event, “Underground Markets: A Tour of the Dark Economy.” Experts will take you on a guided tour of the Dark Web, including what’s for sale, how much it costs, how hackers work together and the latest tools available for hackers. Register here for the Wed., April 21 LIVE event.