
Former Amazon Security Engineer Charged with Defrauding a Crypto Exchange


A prominent cybersecurity pro for Amazon is apparently facing a problem. The U.S. Department of Justice has detained security engineer Shakeeb Ahmed on charges of defrauding an unnamed decentralized cryptocurrency exchange and of money laundering, both charges carrying a maximum of 20 years' imprisonment.

According to Damian Williams, the U.S. attorney for the Southern District of New York, this was the second case his office was announcing that highlights “fraud in the cryptocurrency and digital asset ecosystem.”

As noted by the DOJ, Ahmed – a former security engineer for an “international technology company” – was able to "fraudulently obtain" from the aforementioned exchange almost $9 million worth of cryptocurrencies. He executed this by creating bogus dates for pricing, in order to produce the fees that he later withdrew for himself.

Williams further added, "We also allege that he then laundered the stolen funds through a series of complex transfers on the blockchain where he swapped cryptocurrencies, hopped across different crypto blockchains, and used overseas crypto exchanges. But none of those actions covered the defendant's tracks or fooled law enforcement, and they certainly didn't stop my Office or our law enforcement partners from following the money."

Ahmed is also charged with allegedly attempting to steal more money from the exchange via "flash loan" attacks, another type of crypto vulnerability.

While it was initially unclear which company the accused had worked for, cybersecurity blogger Jackie Singh on Tuesday mentioned that Ahmed was a former Amazon employee. Jackie further mentioned several other online profiles the accused appeared to have links with.

According to a LinkedIn profile that matches Ahmed's job description, he works at Amazon as a "Senior Security Engineer" and has worked there since November 2020. The user's profile continues to claim Amazon as his employer. However, it is still unclear if this profile is in fact representing Ahmed.

Following this, Amazon was contacted to confirm the aforementioned details, and the company confirmed that he had worked for Amazon. However, he is no longer employed with the company, they added. The tech giant said that it could not provide any further information regarding his role in the company.

Moreover, a report by Inner City Press – a New York outlet – confirms that Ahmed appeared at the court following his detainment on Tuesday. The report mentions him wearing flip-flops, shorts, and a T-shirt saying “I code,” to the court hearing. Later, he was released on bond after pleading not guilty and will be permitted to continue living in his Manhattan apartment, according to the site.

US Government Takes Down Try2Check Services Used by Dark Web Markets


The US Government, on Wednesday, announced that it had taken down the credit card checking tool ‘Try2Check’, which apparently let cybercrime actors who bought and sold stolen credit card credentials in bulk check which cards were legitimate and active.

The US Department of Justice confirmed the issue and charged Denis Gennadievich Kulkov, a citizen of Russia, for being involved in operating a fraudulent credit card checking business that brought in tens of millions of dollars.

The underground service Try2Check, which Kulkov is believed to have founded in 2005, quickly gained enormous popularity among online criminals engaged in the illicit credit card trade and enabled the suspect to earn at least $18 million in bitcoin.

Apparently, Try2Check leveraged the unnamed company’s “preauthorization” service, whereby a business, such as a hotel, requests that the payment processing firm preauthorizes a charge on a customer’s card to confirm that it is valid and has the necessary credit available. Try2Check impersonated a merchant seeking preauthorization in order to extract information about credit card validity.

What Services Did Try2Check Include? 

The services were used for card testing by individuals dealing in both the bulk purchase and sale of credit card credentials, including dark web markets like Joker's Stash, who needed to check what percentage of the credit cards were valid and active.

By using Try2Check services, the defendant duped a well-known U.S. payment processing company whose systems were used to execute the card checks, in addition to credit card holders and issuers.

The services have now been dismantled following a collaborative measure taken by the US Government and partners in Germany and Austria, including units in the Austrian Criminal Intelligence Service, the German Federal Criminal Police Office (BKA), the German Federal Office for Information Security (BSI), and the French Central Directorate of the Judicial Police (DCPJ).

"Try2Check ran tens of millions of credit card checks per year and supported the operations of major card shops that made hundreds of millions in bitcoin in profits[…]Over a nine-month period in 2018, the site performed at least 16 million checks, and over a 13-month period beginning in September 2021, the site performed at least 17 million checks," the DOJ stated. 

In addition to this, the US State Department in partnership with the US Secret Service has offered a $10 million reward through the Transnational Organized Crime Rewards Program (TOCRP) for anyone who can help find Kulkov, who is currently a resident of Russia. If found guilty, Kulkov will face a 20-year prison sentence.

"The individual named in today's indictment is accused of operating a criminal service with immeasurable reach to fund further illicit activity with global impact[…]Thanks to the cooperation and dedication of our global law enforcement community, Try2Check can no longer serve as a vehicle for continued criminal activity or illicit profits," said U.S. Secret Service Special Agent in Charge Patrick J. Freaney.  

DOJ Reveals: FBI Hacked Hive Ransomware Gang


The U.S. Department of Justice (DOJ) recently confirmed that the FBI has infiltrated the activities of a popular cyber-crime gang, covertly disrupting their hacking attacks for more than six months. 

According to the DOJ, the FBI gained deep access to the Hive ransomware group in late July 2022. The infiltration prevented the group from extorting $130 million in ransom payments from more than 300 organizations.

The files of victims are encrypted by ransomware gangs using malicious software, locking them up and rendering them unavailable unless a ransom is paid to obtain a decryption key. 

It is estimated that Hive and its affiliates have accumulated over $100 from more than 1,500 victims, including hospitals, school districts, financial companies and critical infrastructure, in more than 80 countries across the globe.

The FBI revealed that it has collaborated with the local law enforcement agencies to help victims recover from the attack, including the UK's National Crime Agency, which claims to have given around 50 UK organizations decryptor keys to overcome the breaches. 

On Thursday, the US announced that it had put an end to the operation by disabling Hive's websites and communication systems with the aid of police forces in Germany and the Netherlands.

Attorney General Merrick Garland stated that "Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world." 

While the Justice Department had not yet arrested any individual connected to Hive attacks, a senior official suggested that such announcements might come soon.

Regarding the infiltration, Deputy Attorney General Lisa O. Monaco said, "simply put, using lawful means, we hacked the hackers."

Moreover, the DOJ says it would pursue those behind the Hive until they were brought to justice. 

"A good covert operation can degrade confidence in operational security and inject suspicion among actors," Mandiant Threat Intelligence head John Hultquist said. "Until the group is arrested, they will never truly be gone. They will have to reconstitute, which takes time, but I'll bet they reappear in time."

U.S. Targets Google's Online Ad Business in Latest Lawsuit



The US Department of Justice (DOJ), along with eight US states, has filed a lawsuit against tech giant Google. The DOJ, on Tuesday, accused Google of abusing its dominance in the digital ad market.

It has threatened to dismantle a significant business at the heart of one of Silicon Valley’s most successful online organizations. 

According to US Attorney General Merrick Garland, its anti-competitive practices have "weakened, if not destroyed, competition in the ad tech industry." 

The government called for forcing Google to sell its ad manager suite, a business that not only contributed significantly to the search engine and cloud company's overall sales but also accounted for around 12% of Google's revenue in 2021.

"Google has used anticompetitive, exclusionary, and unlawful means to eliminate or severely diminish any threat to its dominance over digital advertising technologies," the antitrust complaint read. Google countered that the DOJ was "doubling down on a flawed argument that would slow innovation, raise advertising fees, and make it harder for thousands of small businesses and publishers to grow."

The federal government says that its Big Tech investigations and lawsuits are aimed at leveling the playing field for smaller rivals to a group of powerful companies, including Amazon, Facebook owner Meta and Apple Inc.

"By suing Google for monopolizing advertising technology, the DOJ today aims at the heart of the internet giant’s power[…]The complaint lays out the many anticompetitive strategies from Google that have held our internet ecosystem back," says Charlotte Slaiman, competition policy director at Public Knowledge. 

The Current Lawsuit Follows an Antitrust Lawsuit from 2020 

Tuesday’s lawsuit, under the administration of President Joe Biden, follows a 2020 antitrust case filed against Google during the presidency of Donald Trump. 

The 2020 lawsuit alleged antitrust violations in the company's acquisition or maintenance of its monopoly in internet search and is scheduled to go to trial in September. 

Eight States in Lawsuit 

The nearly 15-page lawsuit accuses Google of breaches of US antitrust law and attempts to "halt Google's anti-competitive scheme, unwind Google's monopolistic grip on the market, and restore competition to digital advertising". 

If the courts proceed to side with the US government, this might lead to the dissolution of the firm’s advertising business. 

The states joining Tuesday’s lawsuit include Connecticut, Colorado, New Jersey, New York, Rhode Island, Tennessee, and Virginia, along with Google’s home state California.  

Spy Agencies Exploit Computer Networks to Gather Digital Information

 


A new revelation from one of the country's two spy agencies shows that the agency retrieves information directly from where it is stored on computers. This is not processed. The “exploitation” of computer networks at the GCSB has long been surrounded by a high level of secrecy.

There have been comments by US commentators that computer network exploitation can be labeled as a form of cyber warfare, or "theft of data". "With the help of our legislation, we can gain access to information infrastructures, which is more than just interception," said Andrew Hampton, Director-General of the Government Communications Security Bureau. 

"As a result of it, we are also now able to retrieve digital information directly from its storage or processing place." The GCSB calls this "access to information infrastructures", or "accessing the infrastructure of information."

Hampton's speech to the Institute of International Affairs, given in May, was cited as the source of the revelation, by the spying watchdog, Inspector-General of Intelligence and Security, Brendan Horsley.

According to Horsley in his annual report released on Friday, he was able to use that time to make sure that the exploitation operations were thoroughly scrutinized. He was able to assure the public that they were not abused. 

He had been forced to refer to "certain operations" in the past. He said, "although it was subject to oversight, it was not possible to provide any clear public assurance of this." 

During his review of the compliance systems associated with CNE, he found that they were "on the whole, appropriate and effective". 

Even so, he was not permitted to elaborate on "the bureau's use of this potentially significant capability." 

According to the Inspector-General, the SIS is also doing a lot more "target discovery", resulting in the SIS having to manage a lot more data than it has been in the past, at a time when its checks and controls on data have not yet improved to the level they need to be. 

A review is currently being conducted by Horsley of the target discovery process by the SIS, and one will be conducted by the GCSB soon as well. 

After the attacks on the mosque in the summer of 2019, both agencies have intensified their efforts in this area. 

From a civil liberties and privacy standpoint, one of the potential hazards associated with target discovery activities would be an intrusion into the lives of people who have done nothing to merit the attention of a national security agency, the Inspector-General declared in his report.

There was no significant problem with Section 19 of the security laws as he concluded that the law simply required each agency responsible for monitoring or collecting data to be able to justify that monitoring or collection "other than the fact that certain ideas were expressed on a platform". 

A revised policy was adopted late last year by the GCSB regarding the practice of holding on to all of the extra data. This policy specifically states that the GCSB cannot hold onto information solely because it may be useful to them in the future.

On the other hand, a report by the same institution found that the SIS was struggling with its policy implementation. More than 93 percent of its policies and procedures needed to be reviewed before their implementation, and some of them, such as data analytics policies, were non-existent. 

Horsley said that decisions were being made based on draft procedures and that they had been used to guide them. 

There is an agreement between the SIS and DOJ to deal with the backlog of policies. Even though the SIS has already reduced its policy number by half, a policy's suitability for its intended purpose cannot be guaranteed in the meantime. 

In addition, it had a long way to go in reviewing its data-sharing agreement with the Department of Internal Affairs, which is also well behind schedule. 

As far as the SIS and the bureau are concerned, both have fine control mechanisms and effective ways to manage any breaches that may occur. 

When it was determined that sharing information among the agencies would result in human rights abuses, a change was made to the agency's joint policy about sharing information with foreign partners. 

As far as Horsley was concerned, the updated policy was "a marked improvement" on the 2017 policy, although he maintained reservations about some of the terms, criteria, and the handling of reports likely to have been obtained by torture, and he wanted more details made public about the revised policy. 

The report shows that he reviewed 63 spying warrants, 49 of which were the most serious, a Type 1 spying warrant. A New Zealander can therefore be harmed by someone engaging in what would otherwise be an unlawful activity to collect information about him or her.

Ex-NSA Employee Charged with Espionage Case

A former U.S. National Security Agency (NSA) employee from Colorado has been arrested for attempting to sell classified data to a foreign spy in an attempt to resolve personal problems caused by debt.

According to the court documents released on Thursday, the accused Jareh Sebastian Dalke, 30, was an undercover agent who was working for the Federal Bureau of Investigation (FBI). 

Jareh Sebastian said that he was in contact with the representative of a particular nation "with many interests that are adverse to the United States," but he was actually talking to an undercover FBI agent, according to his arrest affidavit.

Dalke was arrested on Wednesday after he allegedly agreed to transmit classified data. "On or about August 26, 2022, Dalke requested $85,000 in return for additional information in his possession. Dalke agreed to transmit additional information using a secure connection set up by the FBI at a public location in Denver," the DoJ said; this eventually led to his arrest.

Earlier, he was employed at the NSA from June 6, 2022, to July 1, 2022, as part of a temporary assignment in Washington, D.C., as an Information Systems Security Designer. Dalke is also accused of transferring additional National Defense Information (NDI) to the undercover FBI agent at an undisclosed location in the U.S. state of Colorado.

Following the investigation, he was arrested on September 28 by the law enforcement agency. Under U.S. law, Dalke was charged with three violations of the Espionage Act. However, the arrest affidavit did not identify the country to which Dalke allegedly provided information.

The affidavit, filed by the FBI, mentions that Dalke also served in the U.S. Army from about 2015 to 2018 and held a Secret security clearance, which he received in 2016. The defendant further held a Top Secret security clearance during his tenure at the NSA.

"Between August and September 2022, Dalke used an encrypted email account to transmit excerpts of three classified documents he had obtained during his employment to an individual Dalke believed to be working for a foreign government," the Justice Department (DoJ) said in a press release.

Brazilian Cybercriminals Created Fake Accounts for Uber, Lyft and DoorDash

 

According to a recent report by the Federal Bureau of Investigation (FBI), a Brazilian organization is planning to defraud users of digital networks such as Uber, Lyft, and DoorDash, among others. According to authorities, this group may have used fake IDs to build driver or delivery accounts on these sites in order to sell them to people who did not qualify under the companies' policies.

This scam may have also included the use of GPS counterfeiting technologies to trick drivers into taking longer trips and earning more money. Furthermore, the Department of Justice (DOJ) states that this organization would have begun operations in 2019 and would have expanded its operations after the pandemic paralyzed many restaurants and supermarkets. 

The gang, which worked mainly in Massachusetts but also in California, Florida, and Illinois, communicated through a WhatsApp group called "Mafia," where they allegedly agreed on similar pricing strategies to avoid undercutting each other's income, according to the FBI. 

The group leased driver accounts on a weekly basis, according to court records. A ride-hailing service driver account costs between $250 and $300 per week, while a food delivery web account costs $150 per week. The FBI claimed to have tracked more than 2,000 accounts created by gang members during their investigation.

According to the agents in charge of the investigation, the suspects made hundreds of thousands of dollars from this scheme, depositing their earnings in bank accounts under their control and withdrawing small sums of money on a regular basis to avoid attracting the attention of the authorities. Thousands of dollars were also made by criminals due to referral incentives for new accounts. One of the gang members received USD 194,800 through DoorDash's user referral system for 487 accounts they had on the website, according to a screenshot posted on the group's WhatsApp page. 

The DOJ has charged 19 Brazilian people so far, and has revealed that six members of the fraudulent group are still on the run. The Department of Justice reported the second round of charges against five Brazilian citizens last week. Four were apprehended and charged in a San Diego court, while a fifth is still on the run and assumed to be in Brazil.

U.S Files Lawsuit Against Facebook For Discriminatory Recruitment Process Against U.S Workers

On Thursday, the U.S. Department of Justice (DOJ) sued Facebook, asserting that the company held positions for temporary visa holders but discriminated against U.S. workers. According to the DOJ, Facebook didn't consider "qualified and available U.S. workers" for the 2,600 job openings with an average salary of $156,000. Facebook deliberately built a contracting arrangement that denies fair and equal job opportunities to U.S. workers who have applied. Instead, the company offered jobs to temporary visa holders it wanted to sponsor for their green cards.

A Facebook spokesperson said that the company provided full cooperation with the DOJ regarding the review but disagrees with the charges, not offering any more comments on the ongoing litigation. The lawsuit claims that Facebook favored the temporary visa workers while discriminating against U.S. workers. The incident began in January 2018 and lasted till September 2019. Facebook didn't openly advertise the job vacancies on its career website and denied job roles to U.S. workers; these, the DOJ believes, were the tactics used by Facebook.

Eric S. Dreiband, head of the DOJ's Civil Rights Division, in a statement, said, "our message to workers is clear: if companies deny employment opportunities by illegally preferring temporary visa holders, the Department of Justice will hold them accountable." "Our message to all employers — including those in the technology sector — is clear: you cannot illegally prefer to recruit, consider or hire temporary visa holders over U.S. workers," he further says. The lawsuit claims that Facebook's employment practices also negatively affect temporary visa holders by creating unequal employment status. The workers will rely on Facebook's job to retain their immigration status.

"Facebook knowingly and intentionally deterred U.S. workers from applying to and failed to meaningfully recruit U.S. workers for its PERM-related positions, when it subjected such applicants to more burdensome recruitment procedures because it preferred to employ temporary visa holders in those positions, because of their citizenship or immigration status," says the lawsuit. In a press release, the DOJ noted that it was a two-year investigation. In other cases, the DOJ has been reviewing the tech industry since 2019 and has also filed an antitrust lawsuit against Google recently in October.