Cyber Law & Crime News

Justice Department Announces New Intellectual Property Task Force as Part of Broad IP Enforcement Initiative

Attorney General Eric Holder today announced the formation of a new Department of Justice Task Force on Intellectual Property as part of a Department-wide initiative to confront the growing number of domestic and international intellectual property (IP) crimes.

“The rise in intellectual property crime in the United States and abroad threatens not only our public safety but also our economic wellbeing. The Department of Justice must confront this threat with a strong and coordinated response,” said Attorney General Holder. “This Task Force will allow us to identify and implement a multi-faceted strategy with our federal, state and international partners to effectively combat this type of crime.”

The Attorney General’s announcement follows a summit meeting convened last December by Vice President Biden, a long-standing champion of U.S. intellectual property rights-holders. At that meeting, which was attended by Attorney General Holder and other cabinet heads, the Vice President discussed the importance of stronger enforcement and supported actions to raise the priority of combating IP theft and improving coordination — including the establishment of an intellectual property task force at the Department of Justice.

“Theft of intellectual property does significant harm to our economy and endangers the health and safety of our citizens,” said Vice President Biden. “This administration is committed to stronger and stricter enforcement of intellectual property rights, and this new task force is a step in the right direction.”

The Task Force, to be chaired by the Deputy Attorney General, will focus on strengthening efforts to combat intellectual property crimes through close coordination with state and local law enforcement partners as well as international counterparts. It will also monitor and coordinate overall intellectual property enforcement efforts at the Department, with an increased focus on the international aspects of IP enforcement, including the links between IP crime and international organized crime. Building on previous efforts in the Department to target intellectual property crimes, the Task Force will also serve as an engine of policy development to address the evolving technological and legal landscape of this area of law enforcement.

As part of its mission, the Task Force will work closely with the recently established Office of the Intellectual Property Enforcement Coordinator (IPEC), housed in the Executive Office of the President and charged with drafting an Administration-wide strategic plan on intellectual property. As part of its mission, the Task Force will assist IPEC in recommending improvements to intellectual property enforcement efforts.

“Americans produce more technologies, more brands, more creative works and more innovation than any other nation on Earth,” said Victoria Espinel, the U.S. intellectual property enforcement coordinator. “President Obama is committed to ensuring that the value created by American workers and enjoyed by communities around the world is protected. The Justice Department’s new task force will play a critical role in supporting the Administration’s ongoing efforts to protect American intellectual property and the millions of jobs that depend on it.”

The Task Force will include representatives from the offices of the Attorney General, the Deputy Attorney General, and the Associate Attorney General; the Criminal Division; the Civil Division; the Antitrust Division; the Office of Legal Policy; the Office of Justice Programs; the Attorney General’s Advisory Committee; the Executive Office for U.S. Attorneys and the FBI. As part of its broader intellectual property initiative, the Department will also step up policy engagement with foreign law enforcement partners, develop a plan to expand civil IP enforcement efforts, and leverage existing partnerships with federal agencies and independent regulatory authorities such as the Department of Homeland Security and the Federal Communications Commission.

Kingdom of Sweden accepts request for transfer of prosecution in case involving Swedish National charged with Hacking and Trade Secret Theft – Intrusions Involved Computers at NASA and Cisco, Theft of Trade Secret Source Code

The Kingdom of Sweden accepted the request to transfer the prosecution of Philip Gabriel Pettersson, aka “Stakkato,” United States Attorney Joseph P. Russoniello announced.

On May 5, 2009, Pettersson, a Swedish national, was indicted on five counts involving intrusion and trade secret theft charges. The indictment included one intrusion count and two trade secret misappropriation counts involving Cisco Systems, Inc. (Cisco), of San Jose, Calif., a leading provider of computer network equipment and a leading producer of internet routers. According to the indictment, between May 12, 2004, and May 13, 2004, defendant Pettersson intentionally committed an intrusion into the computer system and network of Cisco. During the intrusion, some Cisco Internetworking Operating System (Cisco IOS) code was misappropriated. Following the incident, Cisco reported that it did not believe that any customer information, partner information or financial systems were affected.

The indictment also included two intrusion counts involving the National Aeronautics and Space Administration, including computers at the Ames Research Center, and the NASA Advanced Supercomputing Division, located at Moffett Field, Calif. These intrusions by Pettersson occurred in May 19, 2004, May 20, 2004, and October 22, 2004.

United States Attorney Joseph P. Russoniello commended the involvement of the numerous investigative agencies that were involved in the extensive investigation since the original hacking incidents in 2004. The evidence eventually led to Sweden. He added that this case shows how the international law enforcement community will work together to identify individuals committing hacking and trade secret offenses regardless of where they are located. According to the Department of Justice, this is one of the few computer crime cases in which a transfer has been accepted in recent years.

“This was a significant intrusion and theft of trade secret case in our district that involved international law enforcement issues,” United States Attorney Russoniello said. “Now that the Kingdom of Sweden has accepted the transfer, we thank our law enforcement partners in Sweden for accepting our request to transfer prosecution of this case. We look forward to continuing to cooperate with Swedish authorities as the case progresses and on any case needs.”

Cisco and NASA cooperated in the government’s investigation.

The maximum statutory penalty for committing an intrusion (intentionally causing damage to a protected computer), in violation of Title 18, United States Code, Section 1030(a)(5)(A)(i), and theft of trade secrets, in violation of Title 18, United States Code, Section 1832(a)(2), is ten years in prison, a three year term of supervised release, and a fine of $250,000. However, any sentence following conviction would be imposed by the court after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553, and factors such as the amount of the loss.

The prosecution is the result of a multi-year investigation by the Federal Bureau of Investigation, U.S. Secret Service, NASA Office of Inspector General, Office of Investigations, Computer Crimes Division, and numerous other federal agencies. Mark L. Krotoski, presently at the Computer Crime and Intellectual Property Section, is prosecuting the case with the assistance of Paralegal Lauri Gomez and Assistant Netterie Lewis. CCIPS Senior Counsel Kimberly Peretti also assisted in the prosecution. Trial Attorneys Sarah C. Santiago and Lynn C. Holliday, from the Office of International Affairs, Criminal Division, have assisted on international issues with the case.

Please note, an indictment contains only allegations against an individual and, as with all defendants, Pettersson must be presumed innocent unless and until proven guilty.

source: www.cybercrime.gov

A Nebraska man agreed today to plead guilty to participating in an attack on Church of Scientology websites in January 2008 that shut down the group’s websites.

Brian Thomas Mettenbrink, 20, of Grand Island, Nebraska, was previously indicted by a federal grand jury, but in documents filed today he agreed to plead guilty to the misdemeanor charge of unauthorized access of a protected computer and to serve a one-year prison sentence.

According to court documents, Mettenbrink participated in the attack on the Scientology websites that was orchestrated by a group that labeled itself “Anonymous.” That underground group has led protests against the Church of Scientology at various locations across the country, and in January 2008 announced a new offensive against Scientology. In the court documents, Mettenbrink admits that he downloaded computer
software from an “Anonymous” message board and used that software to bombard Scientology websites to the point that it impaired the integrity and availability of those websites in a variation of a distributed denial of service attack (DDOS) attack. A DDOS attack occurs where a large amount of malicious Internet traffic is directed at a website or a set of websites. The target websites are unable to handle the high volume of Internet traffic and therefore become unavailable to legitimate users trying to reach the sites.

Mettenbrink, who was scheduled to go to trial on the charges in the grand jury indictment on February 9, is expected to plead guilty in federal court in Los Angeles next week.

Previously in the investigation into the “Anonymous” computer attack, Dmitriy Guzner, of Verona, New Jersey, was sentenced last year to one year and one day in federal prison after pleading guilty to participating in the “Anonymous” attack against the Scientology websites.

The cases against Mettenbrink and Guzner are part of an ongoing investigation by the United States Secret Service Electronic Crimes Task Force in Los Angeles. The agencies involved in the investigation are the United States Secret Service, the Federal Bureau of Investigation, the Los Angeles Police Department and the Los Angeles County District Attorney’s Office Bureau of Investigation.

source: www.cybercrime.gov

Nora R. Dannehy, United States Attorney for the District of Connecticut, announced that CORNEL IONUT TONITA, 28, of Galati, Romania, pleaded guilty today before United States Magistrate Judge Holly B. Fitzsimmons in Bridgeport to one count of conspiracy to commit fraud in connection with electronic mail (“spamming”). The charge stems from a “phishing” scheme that victimized individuals, financial institutions and companies. A phishing scheme uses the Internet to target large numbers of unwary individuals, using fraud and deceit to obtain private personal and financial information such as names, addresses, bank account numbers, credit card numbers and Social Security numbers. Phishing schemes often work by sending out large numbers of counterfeit email messages, or “spam,” which are made to appear as if they
originated from legitimate banks, financial institutions or other companies.

In pleading guilty, TONITA admitted that, from approximately February 2005 through April 2005, he conspired with others to engage in spamming. TONITA was paid to use software tools to harvest email addresses from Internet sites, focusing primarily on colleges and universities in the United States. TONITA then provided the email addresses to others with the knowledge that they would send spam to those email addresses.

Specifically, on approximately March 19, 2005, TONITA sent a file containing approximately 9,811 email addresses to a co-conspirator.

On January 18, 2007, a federal grand jury in New Haven returned an indictment charging TONITA and five other Romanian citizens for their alleged participation in the phishing scheme.

On July 18, 2009, TONITA was arrested on an Interpol warrant at the sea border crossing in Dubrovnik, Croatia. He was extradited to the U.S. on September 4, 2009.

The investigation of this matter stemmed from a citizen’s complaint concerning a fraudulent e-mail message made to appear as if it originated from Connecticut-based People’s Bank. In fact, the e-mail message directed victims to a computer in Minnesota that had been compromised, or “hacked,” and used to host a counterfeit People’s Bank Internet site. During the course of the investigation, it was determined that the defendants had allegedly engaged in similar phishing schemes against many other financial institutions and companies, including Citibank, Capital One, JPMorgan Chase & Co., Comerica Bank, Wells Fargo & Co., eBay and PayPal. TONITA is scheduled to be sentenced by United States District Judge Janet C. Hall on April 5, 2010, at which time TONITA faces a maximum term of imprisonment of five years.

This matter has been investigated by the Federal Bureau of Investigation in New Haven, Connecticut, and the Connecticut Computer Crimes Task Force. Critical assistance to the investigation also has been provided by the FBI Legal Attachés in Vienna, Bucharest and Ottawa; Interpol in Zagreb and Washington, D.C.; the Romanian National Police; the Croatian Criminal Police Directorate and Croatian General Police Directorate; the U.S. Embassy in Sarajevo; the Royal Canadian Mounted Police; Canada Border Services Agency in Montreal; and the United States Marshals Service.

The case is being prosecuted by Assistant United States Attorney Edward Chang.

source: www.cybercrime.gov

A federal grand jury in Dallas returned a superseding indictment this week charging 19 defendants in a massive cybercrime conspiracy, announced U.S. Attorney James T. Jacks of the Northern District of Texas. This indictment supersedes a September 2, 2009, indictment that charged nine of the defendants in the conspiracy.

The following 19 defendants are each charged with one count of conspiracy to commit wire and mail fraud. Defendants (3) through (7), who were charged in the original indictment, have made their initial appearances in federal court and, with the exception of defendant (6), are on pretrial release. Defendant (6) remains in custody. Defendants (10) through (15) and (18) and (19) were either arrested or have surrendered to federal authorities this week. Defendants (16) and (17) are outside of the United States.

Defendants (1), (2), (8) and (9) are believed to have fled the United States to avoid prosecution. One anonymous internet report suggested that Michael Faulkner was killed attempting to reenter the U.S. from Mexico. This report has not been confirmed.

(1) *Chastity Lynn Faulkner, 34, of Southlake, Texas (fugitive)
(2) *Michael Blaine Faulkner, 36, of Southlake, Texas (fugitive)
(3) *Brian Patrick Haney, 36 of Plano, Texas
(4) Eric Byron Littlejohn, II, 19, of Desoto, Texas
(5) Nathan Todd Shafer, 31 of Irving, Texas
(6) *Matthew Norman Simpson, 25, of Red Oak, Texas
(7) *Alicia Nicole Cargill Smallwood, 28, of Midlothian, Texas
(8) *Jason Carter Watts, 32, of Plano, Texas (fugitive)
(9) *William Michael Watts, 38, of Plano, Texas (fugitive)
(10) *Logan L. Vig, 22, of Dallas, Texas
(11) *Arya Neal Behgooy, 33, of Plano, Texas
(12) *Christopher Wayne Sigler, 27, of Roanoke, Texas
(13) *Marcus William Wentrcek, 29, of Frisco, Texas
(14) *Valerian James Stock, 42, of New Orleans, Louisiana
(15) *Ricky J. Keele, 55, of Coppell, Texas
(16) *Dmitri Siiatski, 22, of Canada
(17) *Milos Vujanic, 29, of Eastern Europe
(18) Jennifer Jo Gilliland, 29, of Phoenix, Arizona
(19) Casimir A. Wojciechowski, a/k/a Casey, 56, of Illinois

The eight-count indictment also charges 15 of the defendants (*) with fraud and related activity in connection with electronic mail and aiding and abetting. Michael Blaine Faulkner is also charged with one count of obstruction – threatening a witness or informant; one count of obstruction – hiding assets; one count of obstruction – destruction of evidence; and one count of false registration of a domain name. Matthew Norman Simpson is also charged with one count of obstruction – destruction of evidence and one count of false registration of a domain name. Logan L. Vig and Milos Vujanic area also each charged with one count of obstruction – destruction of evidence. The indictment also includes a forfeiture allegation which would require that the defendants, upon conviction, forfeit any proceeds obtained, directly or indirectly, as a result of the offense.

The indictment alleges that from March 2003 through July 2009, the defendants conspired to defraud various telecommunications companies, including AT&T; Verizon; XO Communications; SMARTnet VOIP; Waymark Communications; the lessors of properties at 2020 Live Oak, 2323 Bryan Street and 1950 Stemmons Freeway, in Dallas; various financial institutions; leasing companies and creditors, including Wells Fargo, AT&T Capital Services, and the credit reporting agencies; and various other service providers, such as power companies, insurance companies, air-conditioning companies, web site developers, and others for goods and services amounting to more than $15 million.

The indictment further alleges, that as part of the conspiracy, the conspirators made false representations to obtain goods, such as computer and telecommunications equipment and infrastructure, to include racks to hold computer equipment, generators to provide power for the equipment, and office space to install the equipment, as well as services related to the operation and use of computers and telecommunications. The conspirators created, purchased and used shell companies to hide the true identity of the owners or operators of the companies, or the relationships between the companies. They also established P.O. Boxes, commercial remailer services, shell offices, apartments, or other physical locations to hide owners’ or operators’ identity or the relationships between the companies. They assumed multiple fake identities to hide true ownership of the shell companies and made materially false representations to their victims, by mail, fax, telephone, email, or other communications, to obtain goods and services from them.

A series of search warrants were conducted by FBI agents in March and April 2009 at Chastity and Michael Faulkner’s residence in Southlake, and at a Faulkner business, Crydon, located at 1950 Stemmons Freeway in Dallas. Searches were also conducted at Core IP, located at 2323 Bryant Street in Dallas, and at other related businesses.

An indictment is an accusation by a federal grand jury and a defendant is entitled to the presumption of innocence unless proven guilty. However, if convicted, the conspiracy charge carries a maximum statutory sentence of 30 years in prison and a $1 million fine. Each of the obstruction charges carries a maximum statutory sentence of 20 years in prison and a $250,00 fine. If a defendant is convicted on a felony and also on false registration of a domain name, the penalty for that felony conviction is doubled, or increased by seven years, whichever is less. Restitution could be ordered.

U.S. Attorney Jacks praised the investigative efforts of the FBI, as well as the assistance provided by the Texas Workforce Commission, the Texas Secretary of State, the Dallas Police Department, the Southlake Police Department, Dallas Sheriff’s Office, Ellis County Sheriff’s Office, the Duncanville Police Department, the Longview Police Department, the New Orleans Police Department, and the American Registry for Internet Numbers (ARIN).

Assistant U.S. Attorney C.S. Heath is in charge of the prosecution. The investigation is ongoing.

source: www.cybercrime.gov

Kyle Jeffrey Tschiegg, 39, of Sarasota, Florida was sentenced in United States District Court here today to 90 months imprisonment for emailing threats including threats to cause a candidate to drop out of a race for statewide office in Florida, hacking into email accounts of individuals and companies, and using stolen identity information to commit computer crimes.

Carter M. Stewart, United States Attorney for the Southern District of Ohio, and Keith L. Bennett, Special Agent in Charge, of the Cincinnati Division of the Federal Bureau of Investigation (FBI) announced the sentence handed down today by Senior United States District Court Judge James L. Graham.

Tscheigg pleaded guilty on September 4, 2009 to one count each of interstate transmission of threatening communications, interstate extortion, computer intrusion, and identity theft. On August 4, 2008, Tscheigg sent an email to a Columbus company he picked at random and two company employees threatening to “start shooting the whole place up, blowing your heads off…”

In part, Tscheigg’s email said, “I want to come to “RF” company in columbus and just start shooting the whole place up, blowing your heads off, and then I’m gonna go to “Pro” in sarasota and and kill all of them too, see ya soon!! Im looking forward to painting walls with brain matter:)”

A group of approximately 40 individuals and businesses received repeated email and telephone threats or harassment by Tschiegg. At one point, approximately 3500 email accounts were being copied on the threatening emails.

Tschiegg used several methods to conceal his identity online including using his laptop computer to access the Internet through neighbors’ unsecured, wireless networks in Sarasota. Tschiegg also hacked into a Florida state legislator’s email account in October 2008. He used personal information he found about the legislator on the Internet to reset the legislator’s password. Less than two weeks before the November 4, 2008 election, Tscheigg sent two emails threatening to injure the legislator, her family and supporters unless she withdrew from the race. Tscheigg has been in custody since FBI agents arrested him at his parents’ Sarasota home on February 12, 2009.

Stewart commended the investigation by FBI agents and investigators in the Sarasota County Sheriff’s Office, as well as Assistant U.S. Attorney Deborah A. Solove and Department of Justice Attorney Joseph Springsteen of the Computer Crime and Intellectual Property Section, who prosecuted the case. Stewart also acknowledged the assistance of Assistant U.S. Attorney Laurel Moore in the Middle District of Florida.

source: www.cybercrime.gov

WASHINGTON- Albert Gonzalez, 28, of Miami, pleaded guilty today to conspiring to hack into computer networks supporting major American retail and financial organizations, and to steal data relating to tens of millions of credit and debit cards, announced Assistant Attorney General of the Criminal Division Lanny A. Breuer, U.S. Attorney for the District of New Jersey Paul J. Fishman, U.S. Attorney for the District of Massachusetts Carmen Milagros Ortiz and Director of the U.S.
Secret Service Mark Sullivan.

Gonzalez, aka “segvec,” “soupnazi” and “j4guar17,” pleaded guilty to two counts of conspiracy to gain unauthorized access to the payment card networks operated by, among others, Heartland Payment Systems, a New Jersey-based card processor; 7-Eleven, a Texas-based nationwide convenience store chain; and Hannaford Brothers Co. Inc., a Maine-based supermarket chain. The plea was entered in federal court in Boston before U.S. District Court Judge Douglas P. Woodlock.

The case is one of the largest data breaches ever investigated and prosecuted in the United States. According to information contained in the plea agreement, Gonzalez leased or otherwise controlled several servers, or “hacking platforms,” and gave access to these servers to other hackers, knowing that they would use them to store malicious software, or “malware,” and launch attacks against corporate victims. Malware used against several of the corporate victims was also found on a server controlled by Gonzalez. Gonzalez tested malware by running multiple anti-virus programs in an attempt to ascertain if the programs detected the malware. According to information in the plea
agreement, it was foreseeable to Gonzalez that his co-conspirators would use malware to steal tens of millions of credit and debit card numbers, affecting more than 250 financial institutions. Gonzalez
was indicted in New Jersey in August 2009 for this criminal conduct.
Based on the terms of the plea agreement, Gonzalez will not seek a prison term under 17 years and the government will not seek a prison term of more than 25 years. Gonzalez pleaded guilty in September 2009 in Boston to 19 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft relating to hacks into numerous major U.S. retailers including TJX Companies, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority.

Gonzalez was indicted for those offenses in August 2008 in the District of Massachusetts. Gonzalez also pleaded guilty in September 2009 in Boston to one count of conspiracy to commit wire fraud relating to hacks into the Dave & Buster’s restaurant chain, which were the subject of a May 2008 indictment in the Eastern District of New York.

As part of the plea agreement with the government, the New Jersey case was transferred to the District of Massachusetts for plea and sentencing. According to the terms of the New Jersey plea agreement, the parties agree that Gonzalez’ sentence in the New Jersey case should run concurrently with the sentence imposed in the Boston and New York cases. Gonzalez remains in federal custody.

Sentencing in the Boston and New York cases is currently scheduled for March 18, 2010, in Boston. Sentencing in the New Jersey case is scheduled for March 19, 2010. “The Department of Justice will not allow computer hackers to rob consumers of their privacy and erode the public’s confidence in the security of the marketplace,” said Assistant Attorney General Breuer. “Criminals like Albert Gonzalez who operate in the shadows will be caught, exposed and held to account. Indeed, with timely reporting of data breaches and high-tech investigations, even the most sophisticated hacking rings can be uncovered and dismantled, as our prosecutors and agents demonstrated in this case.”

“Commercial hackers like Gonzalez believe they are immune from detection and prosecution as they lurk in the shadows of the Internet,” said U.S. Attorney Fishman of the District of New
Jersey. “But time and again they are caught, prosecuted and sentenced to lengthy federal prison terms. Other hackers should sit up and take notice.”

“The conviction of Mr. Gonzalez, and the unraveling of one of the most complex and large scale identity theft cases in history, should serve as a reminder to hacker organizations, that the Department of Justice will vigorously investigate and prosecute cybercrimes, regardless of their sophistication and global reach. Mr. Gonzalez’s conviction is the result of unprecedented coordination across agency and geographical lines, and I want to commend the investigators and
prosecutors who have worked tirelessly to bring this case to fruition,” said U.S. Attorney Ortiz of the District of Massachusetts.

“Today’s plea proves that although cyber criminals can threaten our nation’s financial sector, the Secret Service and its many partners around the world will pursue and prosecute them,” said U.S. Secret Service Director Sullivan. “Time and again, cooperation and advanced methodologies have allowed us to focus our resources in order to detect and prevent these types of crimes, wherever they
originate.”

The New Jersey case is being prosecuted by Assistant U.S. Attorneys Erez Liebermann and Seth Kosto of the District of New Jersey, Assistant U.S. Attorneys Stephen Heymann and Donald Cabell of the District of Massachusetts, and Senior Counsel Kimberly Kiefer Peretti of the Criminal Division’s Computer Crime and Intellectual Property Section. All of these cases are being investigated by the U.S. Secret Service.

source: www.cybercrime.gov

Sanchez, 47, who resides in The Bronx, was arrested at his home
without incident. This morning’s arrest follows an indictment returned on December 10 by a federal grand jury in Los Angeles that charges Sanchez with uploading the copyrighted “X-Men Origins: Wolverine to www.Megaupload.com last spring. The indictment was unsealed after Sanchez’ arrest this morning. Sanchez is expected to make his initial appearance today before a United States Magistrate Judge in New York.

The charge of uploading a copyrighted work to the Internet carries a statutory maximum penalty of three years in federal prison and a $250,000 fine or twice the gross gain or gross loss attributable to the offense, whichever is greater.

An indictment contains allegations that a defendant has committed a crime. Every defendant is presumed to be innocent until proven guilty in court. This case is the result of an investigation by the Federal Bureau of Investigation.

United States Attorney Karen P. Hewitt announced that Jeffrey Steven Girandola and Kajohn Phommavong have been charged in a previously sealed 16-count indictment handed up by a federal grand jury on November 20, 2009, with Conspiracy, Computer Fraud, Access Device Fraud and Aggravated Identity Theft. The indictment was unsealed upon the initial appearance of Mr. Phommavong today before United States Magistrate Judge Nita L. Stormes, in federal court in San Diego. Mr. Girandola is presently in custody in San Diego County on other charges.

According to the indictment, the defendants installed peer-to-peer file sharing software on computers under their control and searched the available peer-to-peer file sharing networks for account login information and passwords inadvertently exposed to the file sharing network by other users of the peer-to-peer file sharing software. Peer-to-peer or “P2P” software programs, the indictment explains, allow users to share files and other data with other users of that software. Most P2P software is free and available to download to anyone with a computer and an Internet connection. After installation, the user can search all files made available

for sharing by any other users of that program and download files of interest. Users can place files that the user wants to share into a folder on the user’s computer designated for sharing. It is not unusual, however, for users to download corrupt P2P programs or to misconfigure the software and unintentionally allow all of the files on their computer to be shared to the community.

The defendants are charged with using the account information and passwords that they obtained by searching the P2P networks to access the bank accounts of the victims and transfer funds to prepaid credit cards which they obtained in their own names. The defendants are alleged to have used the prepaid credit cards to purchase goods and to obtain cash in and around San Diego County. The victims include five users of the online payroll system of the United States Department of Defense (“DoD”). DoD, through its Defense Finance and Accounting Service (“DFAS”) provides an Internet accessible website to DoD personnel, including the Armed Forces, known as “DFAS MyPay,” to view and change information relating to their paychecks and other benefits. According to the indictment, the defendants accessed the accounts of the five individuals, consisting of active duty military, retired military and a civilian employee of the Air Force, Navy and Marine Corps, and re-directed their paychecks to the defendants’ prepaid credit card accounts. The defendants also are charged with victimizing a company in Florida that is in the business of selling products to assist senior citizens. All together, during the commission of these offenses from November 22, 2005, until September 12, 2006, according to the indictment, the defendant redirected and attempted to redirect over $20,000 in funds to themselves.

Bail was set at $20,000 for Mr. Phommavong. His next appearance will be on January 8, 2010, before United States District Judge Jeffrey T. Miller for hearing motions and setting a trial date. Mr. Girandola’s appearance will be arranged with the County of San Diego.

This case was investigated by Special Agents of the Cybersquad of Federal Bureau of Investigation in San Diego and by Special Agents of the Defense Criminal Investigative Service.

An indictment itself is not evidence that the defendants committed the crimes charged. The defendants are presumed innocent until the Government meets its burden in court of proving guilt beyond a reasonable doubt.

source: www.cybercrime.gov

Six Individuals Sentenced for Multi Million Dollar E-mail Stock Fraud Scheme

Six individuals were sentenced today in federal court in Detroit for their roles in a wide-ranging international stock fraud scheme involving the illegal use of bulk commercial e-mails, or “spamming,” announced Assistant Attorney General of the Criminal Division Lanny A. Breuer and U.S. Attorney for the Eastern District of Michigan Terrence Berg. The defendants were sentenced by U.S. District Judge Marianne O. Battani.

Frank Tribble, 42, of Bayside, N.Y., was sentenced to 51 months in prison for conspiring to commit wire fraud, mail fraud and to violate the CAN-SPAM Act, and also for committing wire fraud and engaging in money laundering. Tribble was also sentenced to five years of supervised release following his prison term and agreed to forfeit $500,000 to the United States.

Judy Devenow, 56, of East Lansing, Mich., was sentenced to 18 months in prison for conspiring to commit wire fraud, mail fraud and to violate the CAN-SPAM Act, and also committing a substantive violation of the CAN-SPAM Act. Devenow was also sentenced to three years of supervised release following her prison term and ordered to pay a $7,500 fine.

William Neil, 46, of Fresno, Calif., was sentenced to 35 months in prison for conspiring to violate the CAN-SPAM Act and committing a substantive violation of the CAN-SPAM Act. Neil was also sentenced to three years of supervised release following his prison term and agreed to forfeit $56,000 to the United States.

James Bragg, 40, of Sun Lakes, Ariz., was sentenced to 12 months and one day in prison for conspiring to commit wire fraud, mail fraud and to violate the CAN-SPAM Act, and also committing a substantive violation of the CAN-SPAM Act. Bragg was also sentenced to three years of supervised release following his prison term and agreed to forfeit $120,000 to the United States.

James Fite, 36, of Culver City, Calif., was sentenced to 12 months and one day in prison for conspiring to commit wire fraud, mail fraud and to violate the CAN-SPAM Act, committing a substantive violation of the CAN-SPAM Act and making a false statement to federal agents. Fite was also sentenced to three years of supervised release following his prison term and agreed to forfeit $20,000 to the United States.

David Patton, 49, of Centreville, Va., was sentenced to one day in prison for aiding and abetting Alan Ralsky and others in committing substantive violations of the CAN-SPAM Act. Patton was also sentenced to one year of supervised release following his prison term and was ordered to forfeit $50,100 to the United States, which was paid in full today. He also was ordered to pay a $3,000 fine.

According to court documents, from January 2004 through September 2005, Alan Ralsky, Scott Bradley, Devenow, John Bown, William Neil, Bragg, Fite, Tribble, How Wai John Hui and others engaged in a related set of conspiracies designed to use spam e-mails to manipulate thinly traded stocks and profit by trading in those stocks once their share prices increased after recipients of the spam e-mails traded in the stocks being promoted.

The defendants, with the exception of Patton, were indicted in the Eastern District of Michigan in December 2007. Tribble and Devenow pleaded guilty in October 2008. William Neil, Bragg and Fite pleaded guilty in June 2009. Patton pleaded guilty to a criminal information in the Eastern District of Michigan in July 2009.
Tribble planned and directed the stock trading carried out in furtherance of the conspiracy. Devenow served as a manager for the spam e-mail operation and also sent spam emails.

William Neil, who was the chief operating officer of Internet services company GDC Layer One, served, created and maintained a computer network used to send e-mail in furtherance of the conspiracy. Bragg and Fite were contract mailers for the spam e-mail operation, and Patton created, marketed and sold to Ralsky specialized spamming software that the conspirators then used to send out millions of illegal spam e-mails.

According to court documents, many of the spam e-mails promoted thinly traded “pink sheet” stocks for U.S. companies owned and controlled by individuals in Hong Kong and China. The spam e-mails contained materially false and misleading information or omissions and were created and sent using software programs that made it difficult to trace them back to the conspirators. According to the indictment, the conspirators used wire communications, the U.S. mail and common carriers to perpetrate their frauds. The conspirators also engaged in money laundering involving millions of dollars generated by their manipulative stock trading.
According to the indictment, the defendants used various illegal methods in order to maximize the amount of spam that evaded spam-blocking devices and tricked recipients into opening, and acting on, the advertisements in the spam. These included using falsified “headers” in the e-mail messages, using proxy computers to relay the spam, using falsely registered domain names to send the spam, and also making misrepresentations in the advertising content of some of the underlying e-mail messages.

Anki Neil and Peter Severa are also named as defendants in the indictment returned in the Eastern District of Michigan and their cases are still pending. An indictment is merely an accusation and defendants are presumed innocent until and unless proven guilty at trial beyond a reasonable doubt.

Ralsky, Bradley, Hui and Bown were sentenced yesterday for their roles in the scheme. Ralsky was sentenced to 51 months in prison; Bradley was sentenced to 40 months in prison; Hui was sentenced to 51 months in prison; and Bown was sentenced to 32 months in prison. The four defendants were also sentenced to supervised release following their prison terms as well as ordered to forfeit various amounts and/or pay fines.

The charges arose after a three-year investigation, led by the FBI with assistance from the U.S. Postal Inspection Service and IRS-CI revealed a sophisticated and extensive spamming operation. The U.S. Securities and Exchange Commission’s Philadelphia Regional Office has provided significant ongoing assistance in this case. The case is being prosecuted by U.S. Attorney Terrence Berg and Trial Attorneys Thomas Dukes and Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section.

source: www.cybercrime.gov