Category: crime

The Indian national tried to flee the country after being quizzed by Coinbase, the Department of Justice said. But he was stopped from boarding a flight to India by American cops. Wahi pleaded guilty in February to two counts of conspiracy to commit wire fraud brought against him by prosecutors in the Southern District of New York. Wahi, his brother and his friend, Sameer Ramani, were also hit with civil charges by the U.S. Securities and Exchange Commission. “[Wahi] violated the trust placed in him by his employer” by sharing the secret listings,” said U.S. Attorney Damian Williams. “Today’s sentence should send a strong signal to all participants in the cryptocurrency markets that the laws decidedly do apply to them.”

What his life will look like in Canada remains uncertain. However, in federal prison, Bowser has shown that he doesn’t shy away from putting in work and helping other people in need. Aside from his prison job, he spent several nightly hours on suicide watch. The prison job brought in some meager income, a large part of which went to pay for the outstanding restitution he has to pay, which is $14.5 million in total. Thus far, less than $200 has been paid off. “I’ve been making payments of $25 per month, which they’ve been taking from my income because I had a job in federal prison. So far I paid $175,” Bowser tells Nick Moses.

If Bowser manages to find a stable source of income in Canada, Nintendo will get a chunk of that as well. As part of a consent judgment, he agreed to pay $10 million to Nintendo, which is the main restitution priority. “The agreement with them is that the maximum they can take is 25 to 30 percent of your gross monthly income. And I have up to six months before I have to start making payments,” Bowser notes. At that rate, it is unlikely that Nintendo will ever see the full amount. Or put differently, Bowser will carry the financial consequences of his Team-Xecuter involvement for the rest of his life.

But earlier today, multiple domains associated with Genesis had their homepages replaced with a seizure notice from the FBI, which said the domains were seized pursuant to a warrant issued by the U.S. District Court for the Eastern District of Wisconsin. But sources close to the investigation tell KrebsOnSecurity that law enforcement agencies in the United States, Canada and across Europe are currently serving arrest warrants on dozens of individuals thought to support Genesis, either by maintaining the site or selling the service bot logs from infected systems. The seizure notice includes the seals of law enforcement entities from several countries, including Australia, Canada, Denmark, Germany, the Netherlands, Spain, Sweden and the United Kingdom. […]

One feature of Genesis that sets it apart from other bot shops is that customers can retain access to infected systems in real-time, so that if the rightful owner of an infected system creates a new account online, those new credentials will get stolen and displayed in the web-based panel of the Genesis customer who purchased that bot. “While some infostealers are designed to remove themselves after execution, others create persistent access,” reads a March 2023 report from cybersecurity firm SpyCloud. “That means bad actors have access to the current data for as long as the device remains infected, even if the user changes passwords. SpyCloud says Genesis even advertises its commitment to keep the stolen data and the compromised systems’ fingerprints up to date. “According to our research, Genesis Market had more than 430,000 stolen identities for sale as of early last year — and there are many other marketplaces like this one,” the SpyCloud report concludes.

Norwalk police said they arrested Asheville, North Carolina, residents Jillian Persons and Austin Geddings on Saturday during a surveillance operation. Both were charged with larceny and criminal mischief crimes, as well as interfering with police. Persons also was accused of giving a false statement to police. Both were detained on $200,000 bail….The outages caused by the cable cutting have since been restored, according to Optimum’s website.

The Stamford Advocate investigated how many people were affected:
Norwalk Deputy Police Chief Terry Blake said Sunday more than 40,000 customers in the area were left without internet service as a result of the vandalism. However, an Optimum spokesperson claimed at the time the outages only affected roughly 16,000 customers and the inflated numbers were inaccurate because of an issue with the company’s online outage map.

“Surrounded by student co-ops, fraternity houses and other faculty homes, he’s the talk of the neighborhood.”

Bankman-Fried, the son of two Stanford law professors, was released on a $250 million bond secured by the Craftsman-style house. While awaiting his fraud trial later this year, Bankman-Fried wears an ankle bracelet to track his movements and plays with his new dog, Sandor, according to a Puck News report…. It remains to be seen what consequences Bankman-Fried, who pleaded “not guilty,” might face. So far, his ability to be detained at home, instead of held in prison, is an exception to how most federal defendants are treated. The quiet, traffic-light Stanford neighborhood is quite the upgrade from Fox Hill, a notoriously rough prison in the Bahamas where Bankman-Fried was briefly held before being extradited.

If Bankman-Fried violates the terms of his bail agreement, his parents could lose their house, which they’ve owned since 1991 and is worth over $3.5 million, according to public property records….

The U.S. government has tried to restrict his access to virtual private networks and certain apps where messages disappear, but a final ruling has not been made. The judge presiding over his case asked in a hearing last month, “Why am I being asked to turn him loose in this garden of electronic devices?,” highlighting that despite any restrictions the court might place on Bankman-Fried’s use of technology, he remains in a home with his parents who also have a plethora of ways to be wired. On Friday, prosecutors proposed limiting Bankman-Fried to a flip-phone or “non-smartphone” that cannot access the internet, and that he be issued a new laptop “with limited functionalities.” Prosecutors also want to place strict limits and monitoring tools on his parents’ devices.
But meanwhile, among the student population, “There are party fliers with his likeness. He’s a punchline in campus comedy sketches. Students ride their bikes by on dates…. When asked whether they could confirm a rumor that a nearby student co-op had attacked the Bankman-Fried home with eggs, Stanford campus police did not respond.”
And one freshman/cryptocurrency enthusiast even stole a sign from in front of Bankman-Fried’s house, then “paraded it around for selfies at a cryptocurrency networking event. The sign is currently growing mold in his dorm-room closet.”

Bankman-Fried, who grew up on campus, “certainly fits into what I regard as the kind of culture of Stanford,” says Richard White, a retired Stanford history professor — even if the 30-year-old former billionaire left Silicon Valley to attend MIT. White and others characterize Stanford’s culture as a place where faculty and students are emboldened to take big risks in conceiving the next hot start-up or breakthrough innovation, often with easy access to capital, the conviction that they’re changing the world — and few consequences if things go south.
“Through his spokesman Mark Botnick, Bankman-Fried declined to comment for this article….”

Prominent incident response firm Mandiant disclosed Tuesday that it responded to 15 percent fewer ransomware incidents last year. The statistic was first reported by the Wall Street Journal. Mandiant, which is owned by Google Cloud, confirmed the stat in an email to CRN.

The WSJ report also included several other indicators that 2022 was a less successful year for ransomware. Cybersecurity giant CrowdStrike told the outlet that the average ransom demand dropped 28 percent last year, to $4.1 million, from $5.7 million the year before. The firm reportedly pinned the decline on factors including the arrests of ransomware gang members and other disruptions to the groups last year, as well as the drop in the value of cryptocurrencies such as Bitcoin. CrowdStrike confirmed the stat to CRN.

Their article also cites a blog post from Chainalysis, the blockchain data platform, which estimated that 2022’s total ransomware revenue “fell to at least $456.8 million in 2022 from $765.6 million in 2021 — a huge drop of 40.3%.” And that blog post cites the Chief Claims Officer of cyber insurance firm Resilience, who also specifically notes “signs that meaningful disruptions against ransomware actor groups are driving lower than expected successful extortion attempts,” including arrests and recovery of extorted cryptocurrency by western law enforcement agencies.

From the Wall Street Journal:
After ballooning for years, the amount of money being paid to ransomware criminals dropped in 2022, as did the odds that a victim would pay the criminals who installed the ransomware…. “It reflects, I think, the pivot that we have made to a posture where we’re on our front foot,” Deputy Attorney General Lisa Monaco said in an interview. “We’re focusing on making sure we’re doing everything to prevent the attacks in the first place.”

The hacking groups behind ransomware attacks have been slowed by better company security practices. Federal authorities have also used new tactics to help victims avoid paying ransom demands…. And the FBI said last month that it disrupted $130 million in potential ransomware profits last year by gaining access to servers run by the Hive ransomware group and giving away the group’s decryption keys — used to undo the effects of ransomware — for free.

In the fall, about 45 call-center operators were laid off by former members of a ransomware group known as Conti, according to Yelisey Bohuslavskiy, chief research officer with the threat intelligence firm Red Sense LLC. They had been hired as part of a scam to talk potential victims into installing remote-access software onto networks that would then be infected by ransomware, but the call centers ended up losing money, he said.
Companies have also stepped up their cybersecurity practices, driven by demands from insurance underwriters and a better understanding of the risks of ransomware following high-profile attacks. Companies are spending more money on business continuity and backup software that allow computer systems to restart after they have been infected. With improved backups, U.S. companies are better at bouncing back from ransomware attacks than they were four years ago, according to Coveware Inc., which helps victims respond to ransomware intrusions and has handled thousands of cases. Four years ago, 85% of ransomware victims wound up paying their attackers. Today that number is 37%, according to Coveware Inc. Chief Executive Bill Siegel.

Prosecutors said Wahi made nearly $900,000 of profit by illegally trading ahead of 40 different Coinbase announcements. They recommended a 10- to 16-month sentence. At a sentencing hearing in Manhattan federal court, U.S. District Judge Loretta Preska said his crime was “not an isolated error in judgment.” “Today’s sentence makes clear that the cryptocurrency markets are not lawless,” Damian Williams, the top federal prosecutor in Manhattan, said in a statement. Further reading: Coinbase To Cut 20% Jobs, Abandon ‘Several’ Projects To Weather Downturns in Crypto Market

In 2017, McClure claimed she ran out of gas and was stranded on Interstate 95 in Philadelphia. The homeless man, Johnny Bobbitt Jr., supposedly saw her and gave her his last $20 for gas. McClure and her then-boyfriend, Mark D’Amico, posted about the “good deed” on social media, including a picture of her with Bobbitt on a highway ramp. They also started a GoFundMe campaign to raise money for the homeless veteran, saying they wanted to pay it forward to the good Samaritan and get him off the streets.

The story went viral and made national headlines, with more than 14,000 donors contributing. The scammers netted around $367,000 after fees, according to court documents…. Bobbitt, who received $75,000 from the fundraiser, according to prosecutors, took civil action against D’Amico and McClure and the scam soon became public…. D’Amico and Bobbitt were charged in 2018 alongside McClure for concocting the scheme, prosecutors said. McClure pleaded guilty to one count of theft by deception in the second degree in 2019, according to the Burlington County prosecutor.

Bobbitt pleaded guilty to conspiracy to commit theft by deception in 2019 and was sentenced to a five-year special probation period which includes drug treatment. D’Amico also pleaded guilty and agreed to a five-year term in New Jersey state prison, as well as restitution of GoFundMe and the donors, in 2019.

“The gas part is completely made up, but the guy isn’t,” McClure texted a friend (according to CNN). “I had to make something up to make people feel bad.” So what happened to “the guy” from the highway ramp? Prosecutors note that if Bobbitt “fails to adhere to the tightly-structured regimen of treatment and recovery services, which includes frequent testing for drug use, he could be sentenced to five years in state prison.”

And they add that the judge “also ruled that McClure, a former state Department of Transportation worker, is permanently barred from ever holding another position as a public employee.”

Their statement points out that the 2017 campaign was at the time the largest fraud ever perpetrated through GoFundMe — which voluntarily reimbursed the 14,000-plus donors.

On November 8, for instance, local police in West Covina, California, received an emergency call purporting to come from a minor child reporting that her parents had been drinking and shooting guns inside the minor’s home. When police arrived at the residence, Nelson allegedly accessed the residence’s Ring doorbell and used it to verbally threaten and taunt the responding officers. The indictment alleges the men helped carry out 11 similar swatting incidents during the same week, occurring in Flat Rock, Michigan; Redding, California; Billings, Montana; Decatur, Georgia; Chesapeake, Virginia; Rosenberg, Texas; Oxnard, California; Darien, Illinois; Huntsville, Alabama; North Port, Florida; and Katy, Texas.

Prosecutors alleged that the two men and a third unnamed accomplice would first obtain the login credentials of Yahoo accounts and then determine if each account owner had a Ring account that could control a doorbell camera. The men would then use their access to gather the names and other information of the account holders. The defendants then placed the hoax emergency calls and waited for armed officers to respond. It’s not clear how the defendants allegedly obtained the Yahoo account credentials. A separate indictment filed in November in the District of Arizona alleged that McCarty participated in swatting attacks on at least 18 individuals. Both men are charged with one count of conspiracy to intentionally access computers without authorization. Nelson was also charged with two counts of intentionally accessing without authorization a computer and two counts of aggravated identity theft. If convicted, both men face a maximum penalty of five years in prison. Nelson faces an additional maximum penalty of at least seven years on the remaining charges.