Cyber Law & Crime News

TEXAS MAN SENTENCED TO 41 MONTHS IN PRISON FOR SELLING COUNTERFEIT SOFTWARE WORTH $1 MILLION ON WEB SITES

WASHINGTON – Timothy Kyle Dunaway, 24, of Wichita Falls, Texas, was sentenced today to 41 months in prison by U.S. District Court Judge Reed O’Connor in Wichita Falls for selling counterfeit computer software through the Internet in violation of criminal copyright infringement laws, Acting Assistant Attorney General Rita M. Glavin of the Criminal Division and Acting U.S.

Attorney James T. Jacks for the Northern District of Texas announced. The software sold by Dunaway had a combined retail value of more than $1 million.

Dunaway was also sentenced to two years of supervised release and ordered to pay $810,257 in restitution. Judge O’Connor also ordered Dunaway to forfeit a Ferrari 348 TB and a Rolex watch purchased with illegal proceeds of the scheme. Dunaway pleaded guilty in Wichita Falls on Oct. 30, 2008, to one count of criminal copyright infringement for selling pirated business software through the Internet.

According to court documents, from July 2004 through May 2008, Dunaway operated approximately 40 Web sites that sold a large volume of downloadable counterfeit software without authorization from the copyright owners. Dunaway admitted he operated computer servers in
Vienna, Austria and Malaysia. Agents of U.S. Immigration and Customs Enforcement (ICE), working in cooperation with foreign law enforcement, seized Dunaway’s international computer servers. According to court documents, Dunaway promoted his illicit scheme by purchasing
advertising for his Web sites from major Internet search engines. Throughout the entire course of the scheme, the defendant processed more than $800,000 dollars through credit card merchant accounts
under his control.

The case is part of the Department of Justice’s ongoing initiative to combat the sale of pirated software and counterfeit goods through commercial Web sites and online auction sites such as eBay. To date, the Department has obtained 33 convictions involving online auction and commercial
distribution of counterfeit software. The Department’s initiative to combat online auction piracy is just one of several steps being undertaken to address the losses caused by intellectual property theft and hold responsible those engaged in criminal copyright infringement. The case is being prosecuted by Trial Attorney Marc Miller of the Criminal Division’s
Computer Crime and Intellectual Property Section as well as Assistant U.S. Attorneys Alex C. Lewis and Diane Kozub for the Northern District of Texas. The case was investigated by the multi-agency Intellectual Property Rights Coordination Center, the ICE Cyber Crimes Center and the Dallas office
of ICE.

Source: www.cybercrime.gov

INFORMATION SECURITY CONSULTANT SENTENCED TO 4 YEARS IN PRISON IN FEDERAL WIRETAPPING AND IDENTITY THEFT CASE

Concluding the first prosecution of its kind in the nation, a man associated with the “botnet underground” was sentenced late today to 48 months in federal prison for using his “botnets” – armies of compromised computers – to steal the identities of victims throughout the country by extracting information from their personal computers and wiretapping their communications.

John Schiefer, 27, of Los Angeles, who used the online handle “acidstorm,”
pleaded guilty last year to accessing protected computers to conduct fraud,
disclosing illegally intercepted electronic communications, wire fraud and bank fraud. Schiefer was sentenced by United States District Judge A. Howard Matz, who also ordered the defendant to pay a $2,500 fine.

When he pleaded guilty, Schiefer admitted that he illegally accessed hundreds of thousands of computers in the United States and that he remotely controlled these compromised machines through computer servers. Once in control of the “zombie” computers, Schiefer used his botnets to search for vulnerabilities in other computers, intercept electronic communications and engage in identity theft.

In connection with the wiretapping scheme, Schiefer admitted that he and
others installed malicious computer code, known as “malware,” on zombie computers that captured electronic communications as they were sent from users’ computers. Because victims with compromised computers did not know that their computers had become infected and were “bots,” they continued to use their computers to engage in commercial activities, such as making online purchases. Schiefer’s “spybot” malware allowed him to intercept communications sent between victims’ computers and
financial institutions, such as PayPal. Schiefer sifted through those intercepted communications and mined usernames and passwords to accounts. Using the stolen usernames and passwords, Schiefer made purchases and transferred funds without the consent of the victims. Schiefer also gave the stolen usernames and passwords, as well as the wiretapped communications, to others. Schiefer is the first person in
the nation to plead guilty to wiretapping charges in connection with the use of botnets.

Schiefer also admitted stealing information from numerous computers by
accessing the PStore, which is intended to be a secure storage area of computers running Microsoft operating systems. To accomplish this, Schiefer installed malware on computers that caused them to send account access information, including usernames and passwords for PayPal and other financial websites, to computers controlled by Schiefer and others. Schiefer used that information to make unauthorized purchases using funds transferred directly from victims’ bank accounts.

Finally, Schiefer admitted defrauding a Dutch Internet advertising company with his armies of zombie computers. Schiefer signed up as a consultant with the advertising company and promised to install the company’s programs on computers only when the owners of those computers gave consent. Instead, Schiefer and two co-schemers installed that program on approximately 150,000 zombie computers whose owners did not give consent. Schiefer was ultimately paid more than $19,000
by the advertising company.

In addition to his guilty pleas to the criminal charges, Schiefer has agreed to
pay approximately $20,000 in restitution to the Dutch advertising company and financial institutions that he defrauded.

This case was investigated by the Federal Bureau of Investigation.

souce: www.cybercrime.gov