Tag Archive for: extradition

Spanish Court Approves Twitter Hacking Suspect’s Extradition

/in


British Man Also Charged With Nude Photo Extortion, Swatting, Cryptocurrency Theft

Mathew J. Schwartz (euroinfosec) •
February 20, 2023    

Spanish Court Approves Twitter Hacking Suspect's Extradition
Image: Shutterstock

Spain’s high court approved the U.S. Department of Justice’s request that a British man be extradited to face charges that he hacked Twitter in 2020 to perpetrate a cryptocurrency scam.

See Also: Live Webinar | Navigating the Difficulties of Patching OT


On Friday, Spain’s Audiencia Nacional decided the U.S. request to extradite Joseph James O’Connor, 23, satisfies the country’s extradition rules.


The Spanish government must now approve O’Connor’s extradition. He can appeal the decision.


Authorities arrested O’Connor, aka “PlugwalkJoe,” in southern Spain’s Costa del Sol in July 2021, at U.S. request. He faces 14 charges including allegations that he helped seize control of 130 Twitter accounts, including ones used by Joseph Biden, Barack Obama, Bill Gates and Elon Musk; extorted individuals via social networking; and perpetrated internet-facilitated robberies.


O’Connor sought to have the extradition request dismissed by arguing that his case should be tried in Spain, where the servers used to perpetuate his alleged crimes are located. He also contended Spain would be a better venue because computer crime offenses in the United States incur disproportionate sentences.


In its decision published Friday, National High Court judges disagreed on both fronts.


The court said the Justice Department’s documentation of crimes allegedly committed by O’Connor was voluminous and detailed. Because no criminal charges have been filed against the suspect in Spain, “the United States is in a better position to prosecute the facts since the evidence obtained in the investigation is found there and because it is the place where the damage has been caused,” they wrote.


About the question of potentially disproportionate U.S. sentencing guidelines for computer crimes, the court said it is not within its purview to review…

Source…

Spain Orders Extradition of British Alleged Hacker to U.S.

/in


Spain’s National Court has agreed to the extradition to the U.S. of a British citizen who allegedly took part in computer attacks, including the July 2020 hacking of Twitter accounts of public figures such as Joseph Biden, Barack Obama and Bill Gates.

A court statement Friday said requirements had been met for handing over Joseph James O’Connor to U.S. authorities for 14 charges covering crimes such as revelation of secrets, membership of a criminal gang, illegal access to computer systems, internet fraud, money laundering and extortion.

O’Connor, 23, from Liverpool, England was arrested in the southern Spanish coastal town of Estepona in July 2021.

He is accused of hacking some 130 Twitter accounts. The court document said he is also wanted for hacking the Snapchat account of an unidentified public figure whom he allegedly tried to extort with the threat of publishing nude photographs of the person.

He is also wanted for several cases of “swatting,” prank calls to emergency services aimed at getting large numbers of police to be sent to different locations.

The court rejected arguments by O’Connor’s lawyers that he should be tried in Spain since the servers he used were located there.

The statement said he is wanted by courts in the Northern District of California and the Southern District of New York. The extradition order can be appealed.

Source…

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S. – Krebs on Security

/in


A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.”

A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019.

On June 22, KrebsOnSecurity published Meet the Administrators of the RSOCKS Proxy Botnet, which identified Denis Kloster, a.k.a. Denis Emelyantsev, as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer.

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog, which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.” Kloster’s blog even included a group photo of RSOCKS employees.

“Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We make products that are used by thousands of people around the world, and this is very cool! And this is just the beginning!!! We don’t just work together and we’re not just friends, we’re Family.”

The Bulgarian news outlet 24Chasa.bg reports that Kloster was arrested in June at a co-working space in the southwestern ski resort town of Bansko, and that the accused asked to be handed over to the American authorities.

“I have hired a lawyer there and I want you to send me as quickly as possible to clear these baseless charges,” Kloster reportedly told the Bulgarian court this week. “I am not a criminal and I will prove it in an American court.”

Launched in 2013, RSOCKS was shut down in June 2022 as part of an international investigation into the cybercrime service. The Justice Department’s

Source…

Alleged Russian ransomware attacker indicted, faces extradition from the Netherlands

/in


The U.S. Department of Justice (DOJ) has secured the extradition of Denis Mihaqlovic Dubnikov, a Russian citizen from the Netherlands. He will face trial in the United States on allegations of participating in money laundering for a ransomware group.

In a press release, the DOJ accused the 29-year-old of laundering as much as $400,000 that was proceeds from the victims of ransomware attacks. Overall, Dubnikov and his co-conspirators, who are yet to be identified, laundered as much as $70 million extracted using the Ryuk malware variant.

“After receiving ransom payments, Ryuk actors, Dubnikov and his co-conspirators, and others involved in the scheme, allegedly engaged in various financial transactions, including international financial transactions, to conceal the nature, source, location, ownership, and control of the ransom proceeds,” the release said.

The Ryuk malware variant was first identified in 2018. The malware operates by encrypting files and attempting to delete any system backups when it is executed on a computer or network. It targets both storage drives connected to or in the computer and those accessed remotely via networks.

The attacks targeted individuals and organizations throughout the United States and abroad. Victims were blackmailed into paying ransoms in digital assets to access their files.

One high-profile victim was the U.S. Coast Guard, which saw its operations stopped for over 30 hours following an attack perpetuated through an email phishing campaign in 2020. In the same year, the U.S. classified the malware variant as an “imminent and increasing cybercrime threat to hospitals.”

Earlier this year, the U.S. Department of State linked the ransomware to Conti, a Russian ransomware group. The department has promised a $15 million bounty for information on the group. Ryuk ransomware has also been linked to the North Korean Lazarus group.

US cracking down hard on digital assets money laundering

Dubnikov has already made his first appearance in a court in Portland. A five-day jury trial will be held for him starting on October 4, and he could face up to 20 years imprisonment if found guilty.

The DOJ’s investigation of the case was coordinated…

Source…