Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label DOJ. Show all posts

Russian Nationals Charged in Billion-Dollar Cryptocurrency Fraud

 




A tremendous blow has been dealt to global cybercrime after US authorities charged two Russian nationals with masterminding a giant cryptocurrency money laundering network. After being charged by the U.S., the two Russian nationals are alleged to have headmastered a giant cryptocurrency money laundering network. The couple laundered the billions through crypto exchange services, concealing ill-gotten gains from cyber frauds, ransomware, and dark web narcotics.

DOJ officials collaborated with worldwide law enforcement to obtain servers and USD 7 million in cryptocurrency from the network, effectively crippling the criminal organisation.

Vast Money Laundering Scheme Exposed

DOJ says the two Russians to be arraigned, Sergey Ivanov and Timur Shakhmametov, played a significant role in one of the largest money laundering operations. They traded billions of dollars for international cybercriminals through various cryptocurrency exchanges, including platforms like Cryptex and Joker's Stash. Their operation enabled criminals to avail themselves of the anonymity associated with cryptocurrencies, avoiding financial regulations, and even making their laundered funds more portable and unobservable.

Investigators said Ivanov operated Cryptex, a site that processed more than $1.15 billion in cryptocurrency transactions. Of that, $441 million was directly linked to crimes, including $297 million in fraud and $115 million in ransomware payments. Cryptex offered criminals a loophole because it didn't require users to have their IDs verified—a "know-your-customer" (KYC) compliance process would have made their transactions traceable.

The medium to support darknet criminals

Besides Cryptex, the operation made it possible to conduct many other illegal activities on the dark web like carding sites-Rescator and Joker's Stash. The said platforms, especially Joker's Stash, deal in stolen payment card information. Estimated proceeds from these operations ranged around $280 million to up to $1 billion. One of the defendants, Shakhmametov was said to manage Joker's Stash, and hence the extent of this criminal network increased.

Seizing Servers and Crypto Currency

Indeed, international cooperation figured quite largely into taking down this elaborate criminal enterprise. US authorities teamed with law enforcement agencies from other countries, such as Dutch authorities, to take down servers hosting such platforms as PM2BTC and Cryptex, located in several different countries, which have disrupted the operation. Moreover, law enforcement seized more than $7 million in cryptocurrency on those servers from the organisation.

According to the Justice Department, bitcoin transactions through Cryptex were pegged at 28% to the darknet markets that are U.S.-sanctioned, as well as other crime enterprises. This percentage emphasises the colossal level of participation that such exchanges provided in furthering cybercrimes at a worldwide level.

Global Crackdown on Cybercrime

The case reminds everyone that efforts at a global level are aimed at fighting the same cybercrime supported by cryptocurrencies. The DOJ has already communicated while working with other U.S. agencies, including the Department of State and the Treasury, that it will continue the crusade against those who use digital currencies for nefarious activities. In this case, the dismantling of this billion-dollar laundering network makes it a milestone victory for law enforcement and a warning to others in similar operations.

As cryptocurrency increases in usage, so does its misuse. Even though digital currencies offer immense legitimate advantages, they also provide criminals with a conduit to bypass traditional financial systems. This makes it pretty evident that the breaking down of Cryptex and Joker's Stash serves as a harsh reminder of how much importance needs to be given to strict security and regulatory measures so that such practices cannot be made using the system for nefarious purposes.

The recent charges suggest that U.S. and international law enforcement agencies are attacking cybercrime networks, especially those using cryptocurrency as a cover for under-the-radar activities. By taking down these systems, the authorities would find it more challenging for cybercrimes to cover up their illegal sources of income and further reduce the threat of rising cybercrime globally.

Hence, this high-profile case should awaken business entities and private individuals dealing in cryptocurrencies to take extreme care that they do not engage in any activity contrary to regulations set to monitor money laundering and other illegal activities.


Georgia Tech Faces DOJ Lawsuit Over Alleged Lapses in Cybersecurity for Defense Contracts

 

Researchers at the Georgia Institute of Technology, who have received over $1 billion in Defense Department contracts, are facing scrutiny for allegedly failing to secure their computers and servers, citing that doing so was too “burdensome.” Since 2013, the Department of Defense has mandated that any contractor handling sensitive data provide “adequate security” on their systems. 

However, at Georgia Tech, laboratory directors reportedly resisted developing a security plan and opposed IT department efforts to implement basic antivirus and anti-malware software. Two IT department employees filed a whistleblower lawsuit, leading the Department of Justice (DOJ) to join the case against the university and the Georgia Tech Research Corporation (GTRC), the nonprofit entity managing government contracts. The lawsuit claims that the Astrolavos Lab at Georgia Tech delayed creating and implementing a security plan, as required by the government contracts. 

When a plan was finally created in 2020, it did not cover all relevant devices, according to the DOJ. Furthermore, the lab, whose mission is to address the security of emerging technologies critical to national security, did not install or update antivirus or anti-malware tools until December 2021. The lab allegedly fabricated compliance reports sent to the Defense Department. The reasons behind these alleged security lapses reportedly stem from campus politics. The DOJ complaint suggests that researchers bringing in substantial government funding were viewed as “star quarterbacks,” using their influence to resist compliance with federal cybersecurity mandates. 

Between 2019 and 2022, GTRC secured more than $1.6 billion in government contracts, with over $423 million in 2022 alone. The whistleblowers, Christopher Craig and Kyle Koza, filed the suit under the False Claims Act, allowing them to receive a portion of any recovered funds. Georgia Tech and GTRC face nine counts, including fraud, breach of contract, negligence, and unjust enrichment, with the DOJ seeking damages to be determined at trial. The DOJ stressed the importance of cybersecurity compliance by government contractors to safeguard U.S. information against threats from malicious actors. 

Meanwhile, Georgia Tech expressed disappointment at the DOJ’s filing, arguing it misrepresents the university’s culture and integrity, claiming that the government itself had indicated that the research did not require cybersecurity restrictions. Georgia Tech has vowed to dispute the case in court, maintaining that there was no data breach or leak and reaffirming its commitment to cybersecurity and collaboration with federal agencies.  

This case is notable given recent cybersecurity threats faced by major universities, such as the University of Utah and Howard University, where ransomware attacks have resulted in significant financial losses.

US Authorities Charge Alleged Key Member of Russian Karakurt Ransomware Outfit

 

The U.S. Department of Justice (DOJ) released a statement this week charging a member of a Russian cybercrime group with financial fraud, extortion, and money laundering in a U.S. court. The 33-year-old Moscow-based Latvian national Deniss Zolotarjovs was extradited to the United States earlier this month after being detained by Georgian authorities in December 2023.

Court records indicate that Zolotarjovs is linked with the ransomware outfit Karakurt, which exfiltrates victim data and holds it hostage until a cryptocurrency ransom is paid. The gang runs an auction portal and leak site where they identify the victim companies and allow users to download stolen data. The group has demanded ransom in Bitcoin ranging from $25,000 to $13 million. 

Previous findings suggest that Karakurt was related to the now-defunct ransomware gang Conti. Researchers believe Karakurt was a side project of the group behind Conti, allowing them to monetise data stolen during attacks when organisations were able to halt the ransomware encryption process. Zolotarjovs allegedly used the alias "Sforza_cesarini" and was an active member of Karakurt. 

He is suspected of engaging with other members, laundering cryptocurrency, and exploiting the group's victims. According to the DOJ, he is the first alleged member of the organisation to be arrested and extradited to the United States. According to court records, Zolotarjovs is involved in attacks on at least six undisclosed US companies. 

Karakurt stole "a large volume of private client data" in one attack in 2021, which included lab results, medical information, Social Security numbers that matched names, addresses, dates of birth, and home addresses. The company negotiated a ransom payment of $250,000 down from Karakurt's initial demand of about $650,000. 

In addition to carrying out open-source research to find phone numbers, emails, or other accounts through which victims could be contacted and pressured to either pay a ransom or re-enter a chat with the ransomware group, Zolotarjovs was probably in charge of negotiating Karakurt's "cold case extortions." 

“Some of the chats indicated that Sforza’s efforts to revive cold cases were successful in extracting ransom payments,” court documents noted.

Former Amazon Security Engineer Charged of Defrauding a Crypto Exchange


A prominent cybersecurity pro for Amazon is apparently facing a problem. The U.S. Department of Justice has detained security engineer, Shakeeb Ahmed, with charges of defrauding and money laundering from an unnamed decentralized cryptocurrency exchange, both charged carrying a maximum 20-year-imprisonment.

According to Damian Williams, the U.S. attorney for the Southern District of New York, this was the second case their firm was announcing that is highlighting the case of “fraud in the cryptocurrency and digital asset ecosystem.”

As noted by the DOJ, Ahmed – a former security engineer for an “international technology company” – was able to "fraudulently obtain" from the aforementioned exchange almost $9 million worth of cryptocurrencies. He executed this by creating bogus dates for pricing, in order to produce the fees that he later withdrew for himself.

Williams further added, "We also allege that he then laundered the stolen funds through a series of complex transfers on the blockchain where he swapped cryptocurrencies, hopped across different crypto blockchains, and used overseas crypto exchanges. But none of those actions covered the defendant's tracks or fooled law enforcement, and they certainly didn't stop my Office or our law enforcement partners from following the money."

Ahmed is also charged with allegedly attempting to steal more money from the exchange via "flash loan" attacks, another type of crypto vulnerability

While it was initially imprecise as to what company the accused had worked for, cybersecurity blogger Jackie Singh on Tuesday mentioned that Ahmed was a former Amazon employee. Jackie further mentioned several other online profiles the accused appeared to have links with.

According to a LinkedIn profile that matches Ahmed's job description, he works at Amazon as a "Senior Security Engineer" and has worked there since November 2020. The user's profile continues to claim Amazon as his employer. However, it is still unclear if this profile is in fact representing Ahmed.

Following this, Amazon was contacted to confirm the aforementioned details, to which the company confirmed that he had worked for Amazon. However he is no longer employed with the company, they added. The tech giant said that it could not provide any further information regarding his role in the company.

Moreover, a report by Inner City Press – a New York outlet – confirms that Ahmed appeared at the court following his detainment on Tuesday. The report mentions him wearing flip-flops, shorts, and a T-shirt saying “I code,” to the court hearing. Later, he was released on bond after pleading not guilty and will be permitted to continue living in his Manhattan apartment, according to the site.

US Government Takes Down Try2Check Services Used by Dark Web Markets


The US Government, on Wednesday, announced that it had taken down the credit card checking tool ‘Try2Check’ that apparently gave cybercrime actors access to bulk purchases and sale of stolen credit card credentials to check which cards were legitimate and active.

The US Department of Justice confirmed the issue and charged Denis Gennadievich Kulkov, a citizen of Russia, for being involved in operating a fraudulent credit card checking business that brought in tens of millions of dollars.

The underground service Try2Check, which Kulkov is believed to have founded in 2005, quickly gained enormous popularity among online criminals engaged in the illicit credit card trade and enabled the suspect to earn at least $18 million in bitcoin.

Apparently, Try2Check leveraged the unnamed company’s “preauthorization” service, whereby a business, such as a hotel, requests that the payment processing firm preauthorizes a charge on a customer’s card to confirm that it is valid and has the necessary credit available. Try2Check impersonated a merchant seeking preauthorization in order to extract information about credit card validity.

What Services Did Try2Check Include? 

The services were used by individuals dealing with both the bulk purchase and sale of credit card credentials and were required to check the percentage of valid and active credit cards, including dark web markets like Joker's Stash for card testing.

By using Try2Check services, the defendant duped a well-known U.S. payment processing company whose systems were used to execute the card checks, in addition to credit card holders and issuers.

The services have now been dismantled following a collaborative measure taken by the US Government and partners in Germany and Austria, including units in the Austrian Criminal Intelligence Service, the German Federal Criminal Police Office (B.A.), the German Federal Office for Information Security (B.S.), and the French Central Directorate of the Judicial Police (DCPJ).

"Try2Check ran tens of millions of credit card checks per year and supported the operations of major card shops that made hundreds of millions in bitcoin in profits[…]Over a nine-month period in 2018, the site performed at least 16 million checks, and over a 13-month period beginning in September 2021, the site performed at least 17 million checks," the DOJ stated. 

In addition to this, the US State Department in partnership with the US Secret Service has offered a $10 million reward through the Transnational Organized Crime Rewards Program (TOCRP) for anyone who can help find Kulkov, who is currently a resident of Russia. If found guilty, Kulkov will face a 20-year-imprisonment.

"The individual named in today's indictment is accused of operating a criminal service with immeasurable reach to fund further illicit activity with global impact[…]Thanks to the cooperation and dedication of our global law enforcement community, Try2Check can no longer serve as a vehicle for continued criminal activity or illicit profits," said U.S. Secret Service Special Agent in Charge Patrick J. Freaney.  

DOJ Reveals: FBI Hacked Hive Ransomware Gang


The U.S. Department of Justice (DOJ) recently confirmed that the FBI has infiltrated the activities of a popular cyber-crime gang, covertly disrupting their hacking attacks for more than six months. 

According to DOJ, FBI gained deep access to the Hive ransomware group in the late July 2022. The infiltration prevented them from blackmailing $130 million in emancipate bills from more than 300 organizations. 

The files of victims are encrypted by ransomware gangs using malicious software, locking them up and rendering them unavailable unless a ransom is paid to obtain a decryption key. 

It is being estimated that Hive and its affiliates have accumulated over $100 from more than 1,500 victims that included hospitals, school districts, financial companies and critical infrastructure, in more than 80 countries across the globe. 

The FBI revealed that it has collaborated with the local law enforcement agencies to help victims recover from the attack, including the UK's National Crime Agency, which claims to have given around 50 UK organizations decryptor keys to overcome the breaches. 

On Thursday, the US announced that it had put an end to the operation by disabling Hive's websites and communication systems with the aid of police forces in Germany and Netherlands. 

Attorney General Merrick Garland stated that "Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world." 

While the Equity Division had not yet been used to capture any individual connected to Hive attacks, a senior official suggested that such releases might happen soon. 

In regards to the infiltrations, Deputy Attorney General Lisa O Monaco said, "simply put, using lawful means, we hacked the hackers." 

Moreover, the DOJ says it would pursue those behind the Hive until they were brought to justice. 

"A good covert operation can degrade confidence in operational security and inject suspicion among actors,” Mandiant Threat Intelligence head John Hultquist said. "Until the group is arrested, they will never truly be gone. They will have to reconstitute, which takes time, but I'll bet they reappear in time."    

U.S. Targets Google's Online Ad Business in Latest Lawsuit



The US Department of Justice (DOJ), along with eight other US states have filed a lawsuit against tech-giant Google. DOJ, on Tuesday, accused Google of abusing its dominance in the digital ad market. 

It has threatened to dismantle a significant business at the heart of one of Silicon Valley’s most successful online organizations. 

According to US Attorney General Merrick Garland, its anti-competitive practices have "weakened, if not destroyed, competition in the ad tech industry." 

The government campaigned for forcing Google to sell its ad manager suite, a business that not only contributed significantly to the search engine and cloud company's overall sales but also contributed around 12% of Google's revenue in 2021. 

"Google has used anticompetitive, exclusionary, and unlawful means to eliminate or severely diminish any threat to its dominance over digital advertising technologies," the antitrust complaint read. Google charged that the DOJ was "doubling down on a flawed argument that would slow innovation, raise advertising fees, and make it harder for thousands of small businesses and publishers to grow." 

The federal government says that it's Big Tech investigations and lawsuits that are aiming at leveling the playing field for smaller rivals to a group of powerful companies, including Amazon, Facebook owner Meta and Apple Inc. 

"By suing Google for monopolizing advertising technology, the DOJ today aims at the heart of the internet giant’s power[…]The complaint lays out the many anticompetitive strategies from Google that have held our internet ecosystem back," says Charlotte Slaiman, competition policy director at Public Knowledge. 

The Current Lawsuit Follows an Antitrust Lawsuit from 2020 

Tuesday’s lawsuit, under the administration of President Joe Biden, follows a 2020 antitrust case filed against Google during the presidency of Donald Trump. 

The 2020 lawsuit alleged antitrust violations in the company's acquisition or maintenance of its monopoly in internet search and is scheduled to go to trial in September. 

Eight States in Lawsuit 

The nearly 15-page lawsuit accuses Google of breaches of US antitrust law and attempts to "halt Google's anti-competitive scheme, unwind Google's monopolistic grip on the market, and restore competition to digital advertising". 

If the courts proceed to side with the US government, this might lead to the dissolution of the firm’s advertising business. 

The states joining Tuesday’s lawsuit include Connecticut, Colorado, New Jersey, New York, Rhode Island, Tennessee, and Virginia, along with Google’s home state California.  

Spy Agencies Exploit Computer Networks to Gather Digital Information

 


In a recent report, a new revelation from one of the country's two spy agencies revealed the agency retrieves information directly from where it is stored on computers. This is not processed. There has been a high level of secrecy surrounding the “exploitation” of computer networks at the GCSB for a long time. 

There have been comments by US commentators that computer network exploitation can be labeled as a form of cyber warfare, or "theft of data". "With the help of our legislation, we can gain access to information infrastructures, which is more than just interception," said Andrew Hampton, Director-General of the Government Communications Security Bureau. 

"As a result of it, we are also now able to retrieve digital information directly from its storage or processing place." The GCSB calls this "access to information infrastructures", or "accessing the infrastructure of information."

Hampton's speech to the Institute of International Affairs, given in May, was cited as the source of the revelation, by the spying watchdog, Inspector-General of Intelligence and Security, Brendan Horsley.

According to Horsley in his annual report released on Friday, he was able to use that time to make sure that the exploitation operations were thoroughly scrutinized. He was able to assure the public that they were not abused. 

He had been forced to refer to "certain operations" in the past. He said, "although it was subject to oversight, it was not possible to provide any clear public assurance of this." 

During his review of the compliance systems associated with CNE, he found that they were "on the whole, appropriate and effective". 

Even so, he was not permitted to elaborate on "the bureau's use of this potentially significant capability." 

According to the Inspector-General, the SIS is also doing a lot more "target discovery", resulting in the SIS having to manage a lot more data than it has been in the past, at a time when its checks and controls on data have not yet improved to the level they need to be. 

A review is currently being conducted by Horsley of the target discovery process by the SIS, and one will be conducted by the GCSB soon as well. 

After the attacks on the mosque in the summer of 2019, both agencies have intensified their efforts in this area. 

From civil liberties and privacy standpoint, one of the potential hazards associated with target discovery activities would be an intrusion into the lives of people who have done nothing to merit the attention of a national security agency, the Inspector-General declared in his report. 

There was no significant problem with Section 19 of the security laws as he concluded that the law simply required each agency responsible for monitoring or collecting data to be able to justify that monitoring or collection "other than the fact that certain ideas were expressed on a platform". 

A revised policy was adopted late last year by the GCSB regarding the practice of holding on to all of the extra data. This policy specifically states that the GCSB can not hold onto information solely because it may be useful to them in the future. 

On the other hand, a report by the same institution found that the SIS was struggling with its policy implementation. More than 93 percent of its policies and procedures needed to be reviewed before their implementation, and some of them, such as data analytics policies, were non-existent. 

Horsley said that decisions were being made based on draft procedures and that they had been used to guide them. 

There is an agreement between the SIS and DOJ to deal with the backlog of policies. Even though the SIS has already reduced its policy number by half, a policy's suitability for its intended purpose cannot be guaranteed in the meantime. 

In addition, it had a long way to go in reviewing its data-sharing agreement with the Department of Internal Affairs, which is also well behind schedule. 

As far as the SIS and the bureau are concerned, both have fine control mechanisms and effective ways to manage any breaches that may occur. 

When it was determined that sharing information among the agencies would result in human rights abuses, a change was made to the agency's joint policy about sharing information with foreign partners. 

As far as Horsley was concerned, the updated policy was "a marked improvement" on the 2017 policy, although he maintained reservations about some of the terms, criteria, and the handling of reports likely to have been obtained by torture, and he wanted more details made public about the revised policy. 

The report shows that he reviewed 63 spying warrants, 49 of which were the most serious, a Type 1 spying warrant. A New Zealander can therefore be harmed by someone engaging in what would otherwise be an unlawful activity to collect information about him or her.

Ex-NSA Employee Charged with Espionage Case

A former U.S. National Security Agency (NSA) employee from Colorado has been arrested on account of attempting to sell classified data to a foreign spy in an attempt to fulfill his personal problems facing because of debts. 

According to the court documents released on Thursday, the accused Jareh Sebastian Dalke, 30, was an undercover agent who was working for the Federal Bureau of Investigation (FBI). 

Jareh Sebastian said that he was in contact with the representative of a particular nation "with many interests that are adverse to the United States," he was actually talking to an undercover FBI agent, according to his arrest affidavit. 

Dalke was arrested on Wednesday after he allegedly agreed to transmit classified data. "On or about August 26, 2022, Dalke requested $85,000 in return for additional information in his possession. Dalke agreed to transmit additional information using a secure connection set up by the FBI at a public location in Denver,"  eventually it led to his arrest,  the DoJ said. 

Earlier he was employed at the NSA from June 6, 2022, to July 1, 2022, as part of a temporary assignment in Washington D.C as an Information Systems Security Designer. Dalke is also accused of transferring additional National Defense Information (NDI) to the undercover FBI agent at an undisclosed location in the U.S. state of Colorado. 

Following the investigation, he was arrested on September 28 by the law enforcement agency. As per the USA court law, Dalke was charged with three violations of the Espionage Act. However, the arrest affidavit did not identify the country to which Dalke allegedly provided information. 

The affidavit has been filed by the FBI and mentioned that Dalke also served in the U.S. Army from about 2015 to 2018 and held a Secret security clearance, which he received in 2016. The defendant further held a Top Secret security clearance during his tenure at the NSA. 

"Between August and September 2022, Dalke used an encrypted email account to transmit excerpts of three classified documents he had obtained during his employment to an individual Dalke believed to be working for a foreign government," the Justice Department (DoJ) said in a press release.

Brazilian Cybercriminals Created Fake Accounts for Uber, Lyft and DoorDash

 

According to a recent report by the Federal Bureau of Investigation (FBI), a Brazilian organization is planning to defraud users of digital networks such as Uber, Lyft, and DoorDash, among others. According to authorities, this group may have used fake IDs to build driver or delivery accounts on these sites in order to sell them to people who were not qualified for the companies' policies. 

This scam may have also included the use of GPS counterfeiting technologies to trick drivers into taking longer trips and earning more money. Furthermore, the Department of Justice (DOJ) states that this organization would have begun operations in 2019 and would have expanded its operations after the pandemic paralyzed many restaurants and supermarkets. 

The gang, which worked mainly in Massachusetts but also in California, Florida, and Illinois, communicated through a WhatsApp group called "Mafia," where they allegedly agreed on similar pricing strategies to avoid undercutting each other's income, according to the FBI. 

The party leased driver accounts on a weekly basis, according to court records. A ride-hailing service driver account costs between $250 and $300 per week, while a food delivery web account costs $150 per week. The FBI claimed to have tracked more than 2,000 accounts created by gang members during their investigation. 

According to the agents in charge of the investigation, the suspects made hundreds of thousands of dollars from this scheme, depositing their earnings in bank accounts under their control and withdrawing small sums of money on a regular basis to avoid attracting the attention of the authorities. Thousands of dollars were also made by criminals due to referral incentives for new accounts. One of the gang members received USD 194,800 through DoorDash's user referral system for 487 accounts they had on the website, according to a screenshot posted on the group's WhatsApp page. 

The DOJ has charged 19 Brazilian people so far, as well as revealing that six members of the fraudulent party are still on the run. The Department of Justice reported the second round of charges against five Brazilian citizens last week. Four were apprehended and charged in a San Diego court, while a fifth is still on the run and assumed to be in Brazil.

U.S Files Lawsuit Against Facebook For Discriminatory Recruitment Process Against U.S Workers

 On Thursday, the U.S. Department of Justice (DOJ) sued F.B., asserting that the company held positions for temporary visa holders but discriminated against the U.S. workers. According to DOJ, F.B. didn't consider U.S. workers suited or "qualified and available U.S. workers" for the 2600 job openings with an average salary of $1,56,000. Facebook deliberately built a contracting arrangement that denies fair and equal job opportunities to U.S. workers who have applied. Instead, the company offered jobs to temporary visa holders to sponsor for their green cards. 

A Facebook spokesperson said that the company provided full cooperation with the DOJ regarding the review but disagrees with the charges, not offering any more comments on the ongoing litigation. The lawsuit claims that F.B. favored the temporary visa workers while discriminating against U.S. workers. The incident began in January 2018 and lasted till September 2019. F.B. didn't openly advertise about the job vacancies on its career website and denied job roles to U.S. workers; these, DOJ believes, were the tactics used by F.B. 

Eric S. Dreiband, head of the DOJ's Civil Rights Division, in a statement, said, "our message to workers is clear: if companies deny employment opportunities by illegally preferring temporary visa holders, the Department of Justice will hold them accountable." "Our message to all employers — including those in the technology sector — is clear: you cannot illegally prefer to recruit, consider or hire temporary visa holders over U.S. workers," he further says. The lawsuit claims that Facebook's employing practices also negatively affect temporary visa holders by creating unequal employment status. The workers will rely on F.B's job to retain their immigration status. 

"Facebook knowingly and intentionally deterred U.S. workers from applying to and failed to meaningfully recruit U.S. workers for its PERM-related positions, when it subjected such applicants to more burdensome recruitment procedures because it preferred to employ temporary visa holders in those positions, because of their citizenship or immigration status," says the lawsuit. In a press release, DOJ noted that it was a two years investigation. In other cases, DOJ has been reviewing the tech industry since 2019 and has also filed an anti-trust lawsuit against Google recently in October.