Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label DOJ. Show all posts
takedown
CloudFlare Cybersecurity DOJ Europol FBI Infostealer Lumma malware Microsoft takedown

Global Operation Dismantles Lumma Malware Network, Seizes 2,300 Domains and Infrastructure

 

In a sweeping international crackdown earlier this month, a collaborative operation involving major tech firms and law enforcement agencies significantly disrupted the Lumma malware-as-a-service (MaaS) operation. This effort resulted in the seizure of thousands of domains and dismantling of key components of Lumma's infrastructure across the globe.

A major milestone in the operation occurred on May 13, 2025, when Microsoft, through legal action, successfully took control of around 2,300 domains associated with the malware. Simultaneously, the U.S. Department of Justice (DOJ) dismantled online marketplaces used by cybercriminals to rent Lumma’s services, while Europol’s European Cybercrime Center (EC3) and Japan’s Cybercrime Control Center (JC3) helped take down Lumma’s infrastructure in their respective regions.

"Between March 16, 2025, and May 16, 2025, Microsoft identified over 394,000 Windows computers globally infected by the Lumma malware. Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims," said Steven Masada, Assistant General Counsel of Microsoft's Digital Crimes Unit.

Cloudflare, one of the key players in the effort, highlighted the impact of the takedown.

“The Lumma Stealer disruption effort denies the Lumma operators access to their control panel, marketplace of stolen data, and the Internet infrastructure used to facilitate the collection and management of that data. These actions impose operational and financial costs on both the Lumma operators and their customers, forcing them to rebuild their services on alternative infrastructure,” Cloudflare stated.

The operation saw contributions from companies like ESET, CleanDNS, Bitsight, Lumen, GMO Registry, and law firm Orrick. According to Cloudflare, the Lumma malware misused their platform to mask server IP addresses that were used to siphon off stolen credentials and sensitive data.

Even after suspending malicious domains, the malware managed to bypass Cloudflare’s interstitial warning page, prompting the company to reinforce its security measures.

"Cloudflare's Trust and Safety team repeatedly flagged domains used by the criminals and suspended their accounts," the company explained.

“In February 2025, Lumma’s malware was observed bypassing Cloudflare’s interstitial warning page, which is one countermeasure that Cloudflare employs to disrupt malicious actors. In response, Cloudflare added the Turnstile service to the interstitial warning page, so the malware could not bypass it." 

Also known as LummaC2, Lumma is a sophisticated information-stealing malware offered as a subscription-based service, ranging from $250 to $1,000. It targets both Windows and macOS systems, enabling cybercriminals to exfiltrate data from browsers and apps.

Once installed, Lumma can extract a broad range of data, including login credentials, credit card numbers, cryptocurrency wallets, cookies, and browsing history from popular browsers like Google Chrome, Microsoft Edge, Mozilla Firefox, and other Chromium-based platforms. The stolen data is packaged and sent to attacker-controlled servers, where it is either sold on dark web marketplaces or used in follow-up cyberattacks.

Initially spotted in December 2022 on cybercrime forums, the malware quickly gained traction. Cybersecurity firm KELA reported its rapid rise in popularity among cybercriminals.

IBM X-Force’s 2025 threat intelligence report revealed a 12% year-on-year increase in the number of stolen credentials being sold online, largely driven by the use of infostealers like Lumma. Phishing campaigns delivering such malware have surged by 84%, making Lumma the most dominant player in this threat landscape.

Lumma has been linked to major malvertising campaigns affecting hundreds of thousands of users and has been used by notorious groups such as the Scattered Spider cybercrime collective.

Recently, stolen data linked to Lumma has played a role in high-profile breaches at companies like PowerSchool, HotTopic, CircleCI, and Snowflake. In some cases, infostealer malware has been used to manipulate internet infrastructure, such as the Orange Spain RIPE account hijacking incident that disrupted BGP and RPKI configurations.

On the day of the crackdown, the FBI and CISA jointly issued a security advisory outlining indicators of compromise (IOCs) and detailing the tactics, techniques, and procedures (TTPs) employed by threat actors using Lumma malware.


Read more »
United States
Crypto Theft Cyber Crime DOJ Fraud Campaign United States

Crypto Crime Shocker: DOJ Charges 27 In $263 Million Crypto Theft

 

A multi-national cryptocurrency fraud ring that allegedly defrauded victims worldwide over a quarter of a billion dollars has come under increased scrutiny from the US Department of Justice (DOJ). 

The case now has 27 defendants in total after the charges were filed under the Racketeer Influenced and Corrupt Organisations Act (RICO). Malone Lam, a 20-year-old who is at the centre of the investigation, is charged with planning one of the biggest individual cryptocurrency thefts in American history. 

Lam is suspected of stealing over 4,100 Bitcoin, or about US $230 million, from a single victim in Washington, DC. Lam, who went by multiple internet aliases such as "Anne Hathaway" and "$$$," is accused of collaborating with Jeandiel Serrano (also known as "VersaceGod") to carry out a complex social engineering attack on a guy identified as an extremely wealthy early crypto investor. 

After bombarding the victim with phoney Google security warnings warning of unauthorised login attempts, Lam and Serrano are said to have called the guy and impersonated Google support professionals. Investigators say they misled the victim into revealing multi-factor authentication codes, allowing them to access his accounts and steal a fortune in cryptocurrency. 

Following the theft, Lam and Serrano are accused of laundering the stolen funds in a variety of ways and using their wealth to fund a lavish lifestyle. Lam is claimed to have bought at least 31 expensive cars, including custom Lamborghinis, Ferraris, Porsches, Mercedes G Waggons, a Rolls-Royce, and a McClaren, some of which were worth more than $3 million. He also rented many high-end residences in Los Angeles and Miami, some for up to $68,000 per month, and spent hundreds of thousands of dollars on nightclub trips. 

Now, the DOJ has revealed that more defendants have been indicted in connection with the racketeering scheme. According to court documents, the defendants, who met through online gaming platforms, performed a variety of roles, including database hackers, organisers, target identifiers, callers, money launderers, and burglars who physically broke into victims' homes to steal their hardware cryptocurrency wallets. 

According to court documents, one of the defendants, 21-year-old Joel Cortes of Laguna Niguel, California, assisted members of the gang by "changing stolen virtual currency into fiat currency and shipping the currency across the United States, hidden in squishmallow stuffed animals, each containing approximately $25,000 apiece.” 

When it came to drawing attention to themselves, other gang members allegedly adopted Lam's strategy by, among other things, renting private jets, buying luxury handbags valued at tens of thousands of dollars to give to young women they deemed attractive, and paying up to US $500,000 per night for nightclub services.

Lam is accused of continuing to engage with the group even after his arrest in September 2024, assisting them in stealing cryptocurrencies and arranging for his claimed associates to purchase luxury Hermes Birkin handbags for his girlfriend in Miami, Florida. 

This case serves as a stark reminder of the ever-increasing confluence of cyber fraud and psychology. While the crypto technology is new, the scam is old as time: acquire trust, play the long game, and walk away with the loot.
Read more »
United States
Cyber Fraud Data Breach DOJ Phobos Ransomware United States

Two Russian Hackers Arrested for Large-Scale Ransomware Attacks

 



Authorities in the United States have charged two Russian nationals with carrying out widespread cyberattacks using Phobos ransomware. The suspects, Roman Berezhnoy (33) and Egor Nikolaevich Glebov (39), were arrested in Thailand for allegedly orchestrating more than a thousand attacks worldwide.  

Cybercriminals Behind the Phobos Ransomware Attacks 

According to the U.S. Department of Justice (DoJ), both men were actively involved in cybercrime from 2019 to 2024. They were linked to two hacking groups known as "8Base" and "Affiliate 2803," which were responsible for spreading Phobos ransomware.  

Their method of attack involved infiltrating computer networks, stealing important files, and encrypting them using ransomware. Victims were then left with no access to their own data unless they paid a ransom. If payments were not made, the attackers allegedly threatened to leak sensitive information to the public or to the organizations’ clients and partners.  

Legal Charges and Possible Consequences

The two men now face multiple serious charges, including:  

1. Fraud involving online transactions  

2. Hacking into protected systems  

3. Intentional damage to computer networks  

4. Extortion through cyber threats  

If found guilty, the penalties could be severe. Wire fraud charges alone could lead to a 20-year prison sentence, while hacking-related crimes carry additional penalties of up to 10 years.  

International Crackdown on Ransomware Operations

In a coordinated effort, Europol and other international agencies have shut down 27 servers used by the 8Base ransomware group. This action has significantly disrupted the cybercriminal network.  

Authorities also revealed that a previous arrest in Italy in 2023 helped law enforcement gather intelligence on Phobos ransomware operations. This intelligence allowed them to prevent over 400 potential cyberattacks and take down key infrastructure used by the hackers.  

What This Means for Cybersecurity

Phobos ransomware has been a major cyber threat since 2018, targeting businesses and organizations worldwide. While these arrests and crackdowns have weakened the group, it is uncertain whether this will fully eliminate their operations.  

This case highlights the growing efforts by global law enforcement agencies to combat cybercrime. Businesses and individuals are urged to remain cautious, implement strong security measures, and stay informed about evolving cyber threats.  


Read more »
Ransomware
Bitcoin cryptocurrency Cyber Crime Cyber crimes DOJ Ransomware

Russian Nationals Charged in Billion-Dollar Cryptocurrency Fraud

 




A tremendous blow has been dealt to global cybercrime after US authorities charged two Russian nationals with masterminding a giant cryptocurrency money laundering network. After being charged by the U.S., the two Russian nationals are alleged to have headmastered a giant cryptocurrency money laundering network. The couple laundered the billions through crypto exchange services, concealing ill-gotten gains from cyber frauds, ransomware, and dark web narcotics.

DOJ officials collaborated with worldwide law enforcement to obtain servers and USD 7 million in cryptocurrency from the network, effectively crippling the criminal organisation.

Vast Money Laundering Scheme Exposed

DOJ says the two Russians to be arraigned, Sergey Ivanov and Timur Shakhmametov, played a significant role in one of the largest money laundering operations. They traded billions of dollars for international cybercriminals through various cryptocurrency exchanges, including platforms like Cryptex and Joker's Stash. Their operation enabled criminals to avail themselves of the anonymity associated with cryptocurrencies, avoiding financial regulations, and even making their laundered funds more portable and unobservable.

Investigators said Ivanov operated Cryptex, a site that processed more than $1.15 billion in cryptocurrency transactions. Of that, $441 million was directly linked to crimes, including $297 million in fraud and $115 million in ransomware payments. Cryptex offered criminals a loophole because it didn't require users to have their IDs verified—a "know-your-customer" (KYC) compliance process would have made their transactions traceable.

The medium to support darknet criminals

Besides Cryptex, the operation made it possible to conduct many other illegal activities on the dark web like carding sites-Rescator and Joker's Stash. The said platforms, especially Joker's Stash, deal in stolen payment card information. Estimated proceeds from these operations ranged around $280 million to up to $1 billion. One of the defendants, Shakhmametov was said to manage Joker's Stash, and hence the extent of this criminal network increased.

Seizing Servers and Crypto Currency

Indeed, international cooperation figured quite largely into taking down this elaborate criminal enterprise. US authorities teamed with law enforcement agencies from other countries, such as Dutch authorities, to take down servers hosting such platforms as PM2BTC and Cryptex, located in several different countries, which have disrupted the operation. Moreover, law enforcement seized more than $7 million in cryptocurrency on those servers from the organisation.

According to the Justice Department, bitcoin transactions through Cryptex were pegged at 28% to the darknet markets that are U.S.-sanctioned, as well as other crime enterprises. This percentage emphasises the colossal level of participation that such exchanges provided in furthering cybercrimes at a worldwide level.

Global Crackdown on Cybercrime

The case reminds everyone that efforts at a global level are aimed at fighting the same cybercrime supported by cryptocurrencies. The DOJ has already communicated while working with other U.S. agencies, including the Department of State and the Treasury, that it will continue the crusade against those who use digital currencies for nefarious activities. In this case, the dismantling of this billion-dollar laundering network makes it a milestone victory for law enforcement and a warning to others in similar operations.

As cryptocurrency increases in usage, so does its misuse. Even though digital currencies offer immense legitimate advantages, they also provide criminals with a conduit to bypass traditional financial systems. This makes it pretty evident that the breaking down of Cryptex and Joker's Stash serves as a harsh reminder of how much importance needs to be given to strict security and regulatory measures so that such practices cannot be made using the system for nefarious purposes.

The recent charges suggest that U.S. and international law enforcement agencies are attacking cybercrime networks, especially those using cryptocurrency as a cover for under-the-radar activities. By taking down these systems, the authorities would find it more challenging for cybercrimes to cover up their illegal sources of income and further reduce the threat of rising cybercrime globally.

Hence, this high-profile case should awaken business entities and private individuals dealing in cryptocurrencies to take extreme care that they do not engage in any activity contrary to regulations set to monitor money laundering and other illegal activities.


Read more »
Lawsuits
Anti Malwares Cyber Security Cyberfrauds DOJ Georgia Georgian Cyber Security IT department Lawsuits

Georgia Tech Faces DOJ Lawsuit Over Alleged Lapses in Cybersecurity for Defense Contracts

 

Researchers at the Georgia Institute of Technology, who have received over $1 billion in Defense Department contracts, are facing scrutiny for allegedly failing to secure their computers and servers, citing that doing so was too “burdensome.” Since 2013, the Department of Defense has mandated that any contractor handling sensitive data provide “adequate security” on their systems. 

However, at Georgia Tech, laboratory directors reportedly resisted developing a security plan and opposed IT department efforts to implement basic antivirus and anti-malware software. Two IT department employees filed a whistleblower lawsuit, leading the Department of Justice (DOJ) to join the case against the university and the Georgia Tech Research Corporation (GTRC), the nonprofit entity managing government contracts. The lawsuit claims that the Astrolavos Lab at Georgia Tech delayed creating and implementing a security plan, as required by the government contracts. 

When a plan was finally created in 2020, it did not cover all relevant devices, according to the DOJ. Furthermore, the lab, whose mission is to address the security of emerging technologies critical to national security, did not install or update antivirus or anti-malware tools until December 2021. The lab allegedly fabricated compliance reports sent to the Defense Department. The reasons behind these alleged security lapses reportedly stem from campus politics. The DOJ complaint suggests that researchers bringing in substantial government funding were viewed as “star quarterbacks,” using their influence to resist compliance with federal cybersecurity mandates. 

Between 2019 and 2022, GTRC secured more than $1.6 billion in government contracts, with over $423 million in 2022 alone. The whistleblowers, Christopher Craig and Kyle Koza, filed the suit under the False Claims Act, allowing them to receive a portion of any recovered funds. Georgia Tech and GTRC face nine counts, including fraud, breach of contract, negligence, and unjust enrichment, with the DOJ seeking damages to be determined at trial. The DOJ stressed the importance of cybersecurity compliance by government contractors to safeguard U.S. information against threats from malicious actors. 

Meanwhile, Georgia Tech expressed disappointment at the DOJ’s filing, arguing it misrepresents the university’s culture and integrity, claiming that the government itself had indicated that the research did not require cybersecurity restrictions. Georgia Tech has vowed to dispute the case in court, maintaining that there was no data breach or leak and reaffirming its commitment to cybersecurity and collaboration with federal agencies.  

This case is notable given recent cybersecurity threats faced by major universities, such as the University of Utah and Howard University, where ransomware attacks have resulted in significant financial losses.
Read more »
US Court
Cyber Crime DOJ Extortion Group Ransomware group US Authorities US Court

US Authorities Charge Alleged Key Member of Russian Karakurt Ransomware Outfit

 

The U.S. Department of Justice (DOJ) released a statement this week charging a member of a Russian cybercrime group with financial fraud, extortion, and money laundering in a U.S. court. The 33-year-old Moscow-based Latvian national Deniss Zolotarjovs was extradited to the United States earlier this month after being detained by Georgian authorities in December 2023.

Court records indicate that Zolotarjovs is linked with the ransomware outfit Karakurt, which exfiltrates victim data and holds it hostage until a cryptocurrency ransom is paid. The gang runs an auction portal and leak site where they identify the victim companies and allow users to download stolen data. The group has demanded ransom in Bitcoin ranging from $25,000 to $13 million. 

Previous findings suggest that Karakurt was related to the now-defunct ransomware gang Conti. Researchers believe Karakurt was a side project of the group behind Conti, allowing them to monetise data stolen during attacks when organisations were able to halt the ransomware encryption process. Zolotarjovs allegedly used the alias "Sforza_cesarini" and was an active member of Karakurt. 

He is suspected of engaging with other members, laundering cryptocurrency, and exploiting the group's victims. According to the DOJ, he is the first alleged member of the organisation to be arrested and extradited to the United States. According to court records, Zolotarjovs is involved in attacks on at least six undisclosed US companies. 

Karakurt stole "a large volume of private client data" in one attack in 2021, which included lab results, medical information, Social Security numbers that matched names, addresses, dates of birth, and home addresses. The company negotiated a ransom payment of $250,000 down from Karakurt's initial demand of about $650,000. 

In addition to carrying out open-source research to find phone numbers, emails, or other accounts through which victims could be contacted and pressured to either pay a ransom or re-enter a chat with the ransomware group, Zolotarjovs was probably in charge of negotiating Karakurt's "cold case extortions." 

“Some of the chats indicated that Sforza’s efforts to revive cold cases were successful in extracting ransom payments,” court documents noted.
Read more »
US Department Of Justice
Amazon Crypto Exchange cryptocurrency Cryptocurrency Frauds Cyber Fraud DOJ Security Professionals US Department Of Justice

Former Amazon Security Engineer Charged of Defrauding a Crypto Exchange


A prominent cybersecurity pro for Amazon is apparently facing a problem. The U.S. Department of Justice has detained security engineer, Shakeeb Ahmed, with charges of defrauding and money laundering from an unnamed decentralized cryptocurrency exchange, both charged carrying a maximum 20-year-imprisonment.

According to Damian Williams, the U.S. attorney for the Southern District of New York, this was the second case their firm was announcing that is highlighting the case of “fraud in the cryptocurrency and digital asset ecosystem.”

As noted by the DOJ, Ahmed – a former security engineer for an “international technology company” – was able to "fraudulently obtain" from the aforementioned exchange almost $9 million worth of cryptocurrencies. He executed this by creating bogus dates for pricing, in order to produce the fees that he later withdrew for himself.

Williams further added, "We also allege that he then laundered the stolen funds through a series of complex transfers on the blockchain where he swapped cryptocurrencies, hopped across different crypto blockchains, and used overseas crypto exchanges. But none of those actions covered the defendant's tracks or fooled law enforcement, and they certainly didn't stop my Office or our law enforcement partners from following the money."

Ahmed is also charged with allegedly attempting to steal more money from the exchange via "flash loan" attacks, another type of crypto vulnerability

While it was initially imprecise as to what company the accused had worked for, cybersecurity blogger Jackie Singh on Tuesday mentioned that Ahmed was a former Amazon employee. Jackie further mentioned several other online profiles the accused appeared to have links with.

According to a LinkedIn profile that matches Ahmed's job description, he works at Amazon as a "Senior Security Engineer" and has worked there since November 2020. The user's profile continues to claim Amazon as his employer. However, it is still unclear if this profile is in fact representing Ahmed.

Following this, Amazon was contacted to confirm the aforementioned details, to which the company confirmed that he had worked for Amazon. However he is no longer employed with the company, they added. The tech giant said that it could not provide any further information regarding his role in the company.

Moreover, a report by Inner City Press – a New York outlet – confirms that Ahmed appeared at the court following his detainment on Tuesday. The report mentions him wearing flip-flops, shorts, and a T-shirt saying “I code,” to the court hearing. Later, he was released on bond after pleading not guilty and will be permitted to continue living in his Manhattan apartment, according to the site.

Read more »
US Government
Credit Card Fraud Cyber Crime DOJ TOCRP Try2Check US Department Of Justice US Government

US Government Takes Down Try2Check Services Used by Dark Web Markets


The US Government, on Wednesday, announced that it had taken down the credit card checking tool ‘Try2Check’ that apparently gave cybercrime actors access to bulk purchases and sale of stolen credit card credentials to check which cards were legitimate and active.

The US Department of Justice confirmed the issue and charged Denis Gennadievich Kulkov, a citizen of Russia, for being involved in operating a fraudulent credit card checking business that brought in tens of millions of dollars.

The underground service Try2Check, which Kulkov is believed to have founded in 2005, quickly gained enormous popularity among online criminals engaged in the illicit credit card trade and enabled the suspect to earn at least $18 million in bitcoin.

Apparently, Try2Check leveraged the unnamed company’s “preauthorization” service, whereby a business, such as a hotel, requests that the payment processing firm preauthorizes a charge on a customer’s card to confirm that it is valid and has the necessary credit available. Try2Check impersonated a merchant seeking preauthorization in order to extract information about credit card validity.

What Services Did Try2Check Include? 

The services were used by individuals dealing with both the bulk purchase and sale of credit card credentials and were required to check the percentage of valid and active credit cards, including dark web markets like Joker's Stash for card testing.

By using Try2Check services, the defendant duped a well-known U.S. payment processing company whose systems were used to execute the card checks, in addition to credit card holders and issuers.

The services have now been dismantled following a collaborative measure taken by the US Government and partners in Germany and Austria, including units in the Austrian Criminal Intelligence Service, the German Federal Criminal Police Office (B.A.), the German Federal Office for Information Security (B.S.), and the French Central Directorate of the Judicial Police (DCPJ).

"Try2Check ran tens of millions of credit card checks per year and supported the operations of major card shops that made hundreds of millions in bitcoin in profits[…]Over a nine-month period in 2018, the site performed at least 16 million checks, and over a 13-month period beginning in September 2021, the site performed at least 17 million checks," the DOJ stated. 

In addition to this, the US State Department in partnership with the US Secret Service has offered a $10 million reward through the Transnational Organized Crime Rewards Program (TOCRP) for anyone who can help find Kulkov, who is currently a resident of Russia. If found guilty, Kulkov will face a 20-year-imprisonment.

"The individual named in today's indictment is accused of operating a criminal service with immeasurable reach to fund further illicit activity with global impact[…]Thanks to the cooperation and dedication of our global law enforcement community, Try2Check can no longer serve as a vehicle for continued criminal activity or illicit profits," said U.S. Secret Service Special Agent in Charge Patrick J. Freaney.  

Read more »
US Department Of Justice
Cyber Crime DOJ FBI Hive Hive Ransomware Ransomware Ransomware group US Department Of Justice

DOJ Reveals: FBI Hacked Hive Ransomware Gang


The U.S. Department of Justice (DOJ) recently confirmed that the FBI has infiltrated the activities of a popular cyber-crime gang, covertly disrupting their hacking attacks for more than six months. 

According to DOJ, FBI gained deep access to the Hive ransomware group in the late July 2022. The infiltration prevented them from blackmailing $130 million in emancipate bills from more than 300 organizations. 

The files of victims are encrypted by ransomware gangs using malicious software, locking them up and rendering them unavailable unless a ransom is paid to obtain a decryption key. 

It is being estimated that Hive and its affiliates have accumulated over $100 from more than 1,500 victims that included hospitals, school districts, financial companies and critical infrastructure, in more than 80 countries across the globe. 

The FBI revealed that it has collaborated with the local law enforcement agencies to help victims recover from the attack, including the UK's National Crime Agency, which claims to have given around 50 UK organizations decryptor keys to overcome the breaches. 

On Thursday, the US announced that it had put an end to the operation by disabling Hive's websites and communication systems with the aid of police forces in Germany and Netherlands. 

Attorney General Merrick Garland stated that "Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world." 

While the Equity Division had not yet been used to capture any individual connected to Hive attacks, a senior official suggested that such releases might happen soon. 

In regards to the infiltrations, Deputy Attorney General Lisa O Monaco said, "simply put, using lawful means, we hacked the hackers." 

Moreover, the DOJ says it would pursue those behind the Hive until they were brought to justice. 

"A good covert operation can degrade confidence in operational security and inject suspicion among actors,” Mandiant Threat Intelligence head John Hultquist said. "Until the group is arrested, they will never truly be gone. They will have to reconstitute, which takes time, but I'll bet they reappear in time."    

Read more »
U.S. government
Antitrust Lawsuit Department of Justice DOJ Google Technology U.S. government

U.S. Targets Google's Online Ad Business in Latest Lawsuit



The US Department of Justice (DOJ), along with eight other US states have filed a lawsuit against tech-giant Google. DOJ, on Tuesday, accused Google of abusing its dominance in the digital ad market. 

It has threatened to dismantle a significant business at the heart of one of Silicon Valley’s most successful online organizations. 

According to US Attorney General Merrick Garland, its anti-competitive practices have "weakened, if not destroyed, competition in the ad tech industry." 

The government campaigned for forcing Google to sell its ad manager suite, a business that not only contributed significantly to the search engine and cloud company's overall sales but also contributed around 12% of Google's revenue in 2021. 

"Google has used anticompetitive, exclusionary, and unlawful means to eliminate or severely diminish any threat to its dominance over digital advertising technologies," the antitrust complaint read. Google charged that the DOJ was "doubling down on a flawed argument that would slow innovation, raise advertising fees, and make it harder for thousands of small businesses and publishers to grow." 

The federal government says that it's Big Tech investigations and lawsuits that are aiming at leveling the playing field for smaller rivals to a group of powerful companies, including Amazon, Facebook owner Meta and Apple Inc. 

"By suing Google for monopolizing advertising technology, the DOJ today aims at the heart of the internet giant’s power[…]The complaint lays out the many anticompetitive strategies from Google that have held our internet ecosystem back," says Charlotte Slaiman, competition policy director at Public Knowledge. 

The Current Lawsuit Follows an Antitrust Lawsuit from 2020 

Tuesday’s lawsuit, under the administration of President Joe Biden, follows a 2020 antitrust case filed against Google during the presidency of Donald Trump. 

The 2020 lawsuit alleged antitrust violations in the company's acquisition or maintenance of its monopoly in internet search and is scheduled to go to trial in September. 

Eight States in Lawsuit 

The nearly 15-page lawsuit accuses Google of breaches of US antitrust law and attempts to "halt Google's anti-competitive scheme, unwind Google's monopolistic grip on the market, and restore competition to digital advertising". 

If the courts proceed to side with the US government, this might lead to the dissolution of the firm’s advertising business. 

The states joining Tuesday’s lawsuit include Connecticut, Colorado, New Jersey, New York, Rhode Island, Tennessee, and Virginia, along with Google’s home state California.  

Read more »
US
Data Theft Digital Information DOJ GCSB Security SIS Technology US

Spy Agencies Exploit Computer Networks to Gather Digital Information

 


In a recent report, a new revelation from one of the country's two spy agencies revealed the agency retrieves information directly from where it is stored on computers. This is not processed. There has been a high level of secrecy surrounding the “exploitation” of computer networks at the GCSB for a long time. 

There have been comments by US commentators that computer network exploitation can be labeled as a form of cyber warfare, or "theft of data". "With the help of our legislation, we can gain access to information infrastructures, which is more than just interception," said Andrew Hampton, Director-General of the Government Communications Security Bureau. 

"As a result of it, we are also now able to retrieve digital information directly from its storage or processing place." The GCSB calls this "access to information infrastructures", or "accessing the infrastructure of information."

Hampton's speech to the Institute of International Affairs, given in May, was cited as the source of the revelation, by the spying watchdog, Inspector-General of Intelligence and Security, Brendan Horsley.

According to Horsley in his annual report released on Friday, he was able to use that time to make sure that the exploitation operations were thoroughly scrutinized. He was able to assure the public that they were not abused. 

He had been forced to refer to "certain operations" in the past. He said, "although it was subject to oversight, it was not possible to provide any clear public assurance of this." 

During his review of the compliance systems associated with CNE, he found that they were "on the whole, appropriate and effective". 

Even so, he was not permitted to elaborate on "the bureau's use of this potentially significant capability." 

According to the Inspector-General, the SIS is also doing a lot more "target discovery", resulting in the SIS having to manage a lot more data than it has been in the past, at a time when its checks and controls on data have not yet improved to the level they need to be. 

A review is currently being conducted by Horsley of the target discovery process by the SIS, and one will be conducted by the GCSB soon as well. 

After the attacks on the mosque in the summer of 2019, both agencies have intensified their efforts in this area. 

From civil liberties and privacy standpoint, one of the potential hazards associated with target discovery activities would be an intrusion into the lives of people who have done nothing to merit the attention of a national security agency, the Inspector-General declared in his report. 

There was no significant problem with Section 19 of the security laws as he concluded that the law simply required each agency responsible for monitoring or collecting data to be able to justify that monitoring or collection "other than the fact that certain ideas were expressed on a platform". 

A revised policy was adopted late last year by the GCSB regarding the practice of holding on to all of the extra data. This policy specifically states that the GCSB can not hold onto information solely because it may be useful to them in the future. 

On the other hand, a report by the same institution found that the SIS was struggling with its policy implementation. More than 93 percent of its policies and procedures needed to be reviewed before their implementation, and some of them, such as data analytics policies, were non-existent. 

Horsley said that decisions were being made based on draft procedures and that they had been used to guide them. 

There is an agreement between the SIS and DOJ to deal with the backlog of policies. Even though the SIS has already reduced its policy number by half, a policy's suitability for its intended purpose cannot be guaranteed in the meantime. 

In addition, it had a long way to go in reviewing its data-sharing agreement with the Department of Internal Affairs, which is also well behind schedule. 

As far as the SIS and the bureau are concerned, both have fine control mechanisms and effective ways to manage any breaches that may occur. 

When it was determined that sharing information among the agencies would result in human rights abuses, a change was made to the agency's joint policy about sharing information with foreign partners. 

As far as Horsley was concerned, the updated policy was "a marked improvement" on the 2017 policy, although he maintained reservations about some of the terms, criteria, and the handling of reports likely to have been obtained by torture, and he wanted more details made public about the revised policy. 

The report shows that he reviewed 63 spying warrants, 49 of which were the most serious, a Type 1 spying warrant. A New Zealander can therefore be harmed by someone engaging in what would otherwise be an unlawful activity to collect information about him or her.
Read more »
USA
Cyber Crime cyber espionage Cyber Fraud Cyberespionage DOJ FBI United States Cyber Security USA

Ex-NSA Employee Charged with Espionage Case

A former U.S. National Security Agency (NSA) employee from Colorado has been arrested on account of attempting to sell classified data to a foreign spy in an attempt to fulfill his personal problems facing because of debts. 

According to the court documents released on Thursday, the accused Jareh Sebastian Dalke, 30, was an undercover agent who was working for the Federal Bureau of Investigation (FBI). 

Jareh Sebastian said that he was in contact with the representative of a particular nation "with many interests that are adverse to the United States," he was actually talking to an undercover FBI agent, according to his arrest affidavit. 

Dalke was arrested on Wednesday after he allegedly agreed to transmit classified data. "On or about August 26, 2022, Dalke requested $85,000 in return for additional information in his possession. Dalke agreed to transmit additional information using a secure connection set up by the FBI at a public location in Denver,"  eventually it led to his arrest,  the DoJ said. 

Earlier he was employed at the NSA from June 6, 2022, to July 1, 2022, as part of a temporary assignment in Washington D.C as an Information Systems Security Designer. Dalke is also accused of transferring additional National Defense Information (NDI) to the undercover FBI agent at an undisclosed location in the U.S. state of Colorado. 

Following the investigation, he was arrested on September 28 by the law enforcement agency. As per the USA court law, Dalke was charged with three violations of the Espionage Act. However, the arrest affidavit did not identify the country to which Dalke allegedly provided information. 

The affidavit has been filed by the FBI and mentioned that Dalke also served in the U.S. Army from about 2015 to 2018 and held a Secret security clearance, which he received in 2016. The defendant further held a Top Secret security clearance during his tenure at the NSA. 

"Between August and September 2022, Dalke used an encrypted email account to transmit excerpts of three classified documents he had obtained during his employment to an individual Dalke believed to be working for a foreign government," the Justice Department (DoJ) said in a press release.
Read more »
uber
Brazil Cyber Crime cybercriminals DOJ Fake Accounts FBI uber

Brazilian Cybercriminals Created Fake Accounts for Uber, Lyft and DoorDash

 

According to a recent report by the Federal Bureau of Investigation (FBI), a Brazilian organization is planning to defraud users of digital networks such as Uber, Lyft, and DoorDash, among others. According to authorities, this group may have used fake IDs to build driver or delivery accounts on these sites in order to sell them to people who were not qualified for the companies' policies. 

This scam may have also included the use of GPS counterfeiting technologies to trick drivers into taking longer trips and earning more money. Furthermore, the Department of Justice (DOJ) states that this organization would have begun operations in 2019 and would have expanded its operations after the pandemic paralyzed many restaurants and supermarkets. 

The gang, which worked mainly in Massachusetts but also in California, Florida, and Illinois, communicated through a WhatsApp group called "Mafia," where they allegedly agreed on similar pricing strategies to avoid undercutting each other's income, according to the FBI. 

The party leased driver accounts on a weekly basis, according to court records. A ride-hailing service driver account costs between $250 and $300 per week, while a food delivery web account costs $150 per week. The FBI claimed to have tracked more than 2,000 accounts created by gang members during their investigation. 

According to the agents in charge of the investigation, the suspects made hundreds of thousands of dollars from this scheme, depositing their earnings in bank accounts under their control and withdrawing small sums of money on a regular basis to avoid attracting the attention of the authorities. Thousands of dollars were also made by criminals due to referral incentives for new accounts. One of the gang members received USD 194,800 through DoorDash's user referral system for 487 accounts they had on the website, according to a screenshot posted on the group's WhatsApp page. 

The DOJ has charged 19 Brazilian people so far, as well as revealing that six members of the fraudulent party are still on the run. The Department of Justice reported the second round of charges against five Brazilian citizens last week. Four were apprehended and charged in a San Diego court, while a fifth is still on the run and assumed to be in Brazil.
Read more »
Technology
DOJ Facebook Technology

U.S Files Lawsuit Against Facebook For Discriminatory Recruitment Process Against U.S Workers

 On Thursday, the U.S. Department of Justice (DOJ) sued F.B., asserting that the company held positions for temporary visa holders but discriminated against the U.S. workers. According to DOJ, F.B. didn't consider U.S. workers suited or "qualified and available U.S. workers" for the 2600 job openings with an average salary of $1,56,000. Facebook deliberately built a contracting arrangement that denies fair and equal job opportunities to U.S. workers who have applied. Instead, the company offered jobs to temporary visa holders to sponsor for their green cards. 

A Facebook spokesperson said that the company provided full cooperation with the DOJ regarding the review but disagrees with the charges, not offering any more comments on the ongoing litigation. The lawsuit claims that F.B. favored the temporary visa workers while discriminating against U.S. workers. The incident began in January 2018 and lasted till September 2019. F.B. didn't openly advertise about the job vacancies on its career website and denied job roles to U.S. workers; these, DOJ believes, were the tactics used by F.B. 

Eric S. Dreiband, head of the DOJ's Civil Rights Division, in a statement, said, "our message to workers is clear: if companies deny employment opportunities by illegally preferring temporary visa holders, the Department of Justice will hold them accountable." "Our message to all employers — including those in the technology sector — is clear: you cannot illegally prefer to recruit, consider or hire temporary visa holders over U.S. workers," he further says. The lawsuit claims that Facebook's employing practices also negatively affect temporary visa holders by creating unequal employment status. The workers will rely on F.B's job to retain their immigration status. 

"Facebook knowingly and intentionally deterred U.S. workers from applying to and failed to meaningfully recruit U.S. workers for its PERM-related positions, when it subjected such applicants to more burdensome recruitment procedures because it preferred to employ temporary visa holders in those positions, because of their citizenship or immigration status," says the lawsuit. In a press release, DOJ noted that it was a two years investigation. In other cases, DOJ has been reviewing the tech industry since 2019 and has also filed an anti-trust lawsuit against Google recently in October.
Read more »
Subscribe to: Posts (Atom)