The Hacker Who Tried to Fake His Own Death: How the FBI and Mandiant Brought Him Down

In January 2023, a hacker named Jesse Kipf attempted to avoid his responsibilities by faking his own death. Using the alias "FreeRadical," Kipf hacked into the Hawaii Electronic Death Registration System to create a fraudulent death certificate. He listed the cause of death as "acute respiratory distress syndrome" due to COVID-19. This elaborate plot was motivated by Kipf’s desire to avoid paying $116,000 in child support to his ex-wife.

The Plot and Mistakes

Kipf's plan involved using a doctor’s stolen credentials to log into the death registration system and certify his own death. After creating the fake certificate, Kipf posted it on a hacking forum to sell access, claiming that he could create and certify deaths for others as well.

However, Kipf made some critical mistakes:

Revealing Details: In the post, he forgot to redact some information, including the state of birth and part of the government seal. This allowed cybersecurity researchers at Mandiant to identify that the hack was connected to Hawaii’s government system.

Using Home Internet: Instead of hiding his digital tracks, Kipf used his home IP address in Somerset, Kentucky, to access the system. This blunder led federal agents straight to his doorstep.

How Mandiant and the FBI Tracked Him

In Colorado, Austin Larsen, a senior threat analyst at Mandiant, was monitoring cybercrime forums when he noticed the suspicious post. Larsen’s expertise led him to analyze the badly cropped screenshot of the death certificate. His team quickly realized that a hacker had infiltrated the Hawaii state government’s system.

Three days after discovering the post, Mandiant alerted Hawaii state officials, triggering a federal investigation. The investigation revealed that the compromised doctor’s account had been used by none other than Jesse Kipf—the person who was supposed to be dead.

The FBI, working alongside Mandiant, traced Kipf by connecting his online activities. Kipf used multiple aliases, including "GhostMarket09" and "theelephantshow," to commit various cybercrimes. He even admitted to hacking into systems in other states, such as Arizona, Connecticut, Tennessee, and Vermont, just to see how easy it was. In one instance, he filed a fake death certificate for “Crab Rangoon,” showing the extent of his recklessness.

Kipf’s Cybercriminal Activities

Kipf wasn't just a hacker trying to fake his death—he was a prolific cybercriminal:

He was an initial access broker, which means he hacked into systems and then sold access to other criminals.

He hacked Marriott hotel vendors and food delivery services using fake credit cards.

He even sold stolen credentials on hacking forums, which were later used by other hackers to exploit major companies.

In one notable example, Kipf sold credentials for the shipping giant UPS to a hacker associated with a criminal group called “the Com,” which was linked to multiple violent crimes. Kipf was indirectly enabling other hackers, providing them with stolen credentials to facilitate more attacks.

Despite his technical skills, Kipf made several blunders that led to his downfall. He didn’t use a VPN consistently, which allowed investigators to track his real IP address. Additionally, he accessed Marriott’s internal systems over 1,400 times using his home IP, leaving an unmistakable trail.

The Arrest and Confession

On July 13, 2023, Kipf was arrested at his home in Kentucky. During his interrogation, he admitted to faking his death and to a series of cybercrimes. He explained that he had not held a regular job in five years, relying on cybercrime as his main source of income. When questioned about his mistakes, Kipf stated that he was lazy and had stopped caring—he “quit giving a f—.”

Federal agents also found that Kipf had forged a credit profile with a fake Social Security number to use after his fake death. In addition, he confessed to selling stolen personal information to individuals in Algeria, Ukraine, and Russia, and providing access to Marriott’s systems to Russian cybercriminals.

Mental Health and Sentencing

Kipf’s lawyer, Thomas Miceli, stated that Kipf struggled with mental health issues, including paranoid delusions and schizophrenic tendencies, which were exacerbated after his military service in Iraq. Despite his mental health challenges, Kipf understood the severity of his actions.

In the end, Kipf was sentenced to 81 months (almost seven years) in prison. He was ordered to pay for the damages he caused—$80,000 for the hacking activities and $116,000 in unpaid child support. The Department of Justice highlighted the seriousness of his offenses, noting how his actions continued to victimize his ex-wife and daughter.

The case of Jesse Kipf is a dramatic example of how a hacker tried to evade justice through deception but ultimately failed due to a combination of overconfidence, digital mistakes, and the thorough work of cybersecurity professionals. The collaborative effort between Mandiant and the FBI showcased the importance of monitoring cybercrime forums and highlighted how even the smallest mistakes can unravel the most elaborate plans.

Kipf’s story is not just about the technical aspects of hacking—it’s also a cautionary tale of how arrogance, disregard for the law, and a failure to understand the consequences of one’s actions can lead to a steep fall. Despite his efforts to fake his death and live a life free of consequences, Kipf is now facing years behind bars, proving that even the most cunning cybercriminals are not beyond the reach of justice.