Tag Archive for: Men”

Two U.S. Men Charged in 2022 Hacking of DEA Portal – Krebs on Security


Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims.

Prosecutors for the Eastern District of New York today unsealed criminal complaints against Sagar Steven Singh — also known as “Weep” — a 19-year-old from Pawtucket, Rhode Island; and Nicholas Ceraolo, 25, of Queens, NY, who allegedly also went by the handles “Convict” and “Ominus.”

The Justice Department says Singh and Ceraolo belong to a group of cybercriminals known to its members as “ViLE,” who specialize in obtaining personal information about third-party victims, which they then use to harass, threaten or extort the victims, a practice known as “doxing.”

“ViLE is collaborative, and the members routinely share tactics and illicitly obtained information with each other,” prosecutors charged.

The government alleges the defendants and other members of ViLE use various methods to obtain victims’ personal information, including:

-tricking customer service employees;
-submitting fraudulent legal process to social media companies to elicit users’ registration information;
-co-opting and corrupting corporate insiders;
-searching public and private online databases;
-accessing a nonpublic United States government database without authorization
-unlawfully using official email accounts belonging to other countries.

The complaint says once they obtained a victim’s information, Singh and Ceraolo would post the information in an online forum. The government refers to this community only as “Forum-1,” saying that it is administered by the leader of ViLE (referenced in the complaint at CC-1).

“Victims are extorted into paying CC-1 to have their information removed from Forum-1,” prosecutors allege. “Singh also uses the threat of revealing personal information to extort victims into giving him access to their social media accounts, which Singh then…

Source…

300+ gallons for $30? Men accused of using device to steal gas face felony charges


NASSAU COUNTY, Fla. – Two men accused of stealing hundreds of gallons of fuel from a 7-Eleven gas station each face a felony charge of grand theft, as well as other charges, according to the Nassau County Sheriff’s Office.

Investigators said deputies were called to the gas station Monday on Lofton Square Court, where they determined two men had installed a device on a gas pump that restricts the flow meter on its pumping system. Arrest reports state the suspects used a key to open the pumps and place the manipulator inside and then used a small remote to control the device.

According to the Sheriff’s Office, the first theft was of 367 gallons of fuel valued at $1,757.93 — but the pump only showed a charge of $30.

The Sheriff’s Office said deputies determined the same two men were involved in a second theft. Investigators said just before the deputy arrived, the men had been pumping for approximately 10 minutes and took approximately 114 gallons of gas valued at about $546.

Ad

“It was determined that the suspects opened the gas pump cabinet using a key without authorization and knowingly and willfully installed a device, which caused the electronic computer system to understate the amount of fuel being pumped,” the Sheriff’s Office reported.

The two men arrested were identified as Ramon Vila-Garcia and Silvio Richard Aguila. Both are both being held at the Nassau County jail.

Booking photos for Ramon Vila and Silvio Aguila provided by Nassau County Sheriff’s Office.

We spoke with cyber security expert Chris Hamer about the device the men were accused of using.

“It was obviously designed by somebody with internal knowledge of the machines because it is custom-made for intercepting the signal from the actual fuel flow meter and modifying it or replacing it with a slower count,” Hamer explained. “So the computer thinks less gasoline is passing through the pipe than it actually is.”

Hamer said devices like the one found by investigators are used by members of organized theft rings that target gas stations all across the U.S.

Ad

“The Secret Service is currently monitoring 40 groups in Florida alone,” Hamer said. “It’s a nationwide problem. It’s a worldwide problem…

Source…

Justice Department indicts two men over ransomware scheme : NPR


Attorney General Merrick Garland announced indictments against two men connected with ransomware attacks last summer.

Andrew Harnik/AP


hide caption

toggle caption

Andrew Harnik/AP

Attorney General Merrick Garland announced indictments against two men connected with ransomware attacks last summer.

Andrew Harnik/AP

The Justice Department says authorities have indicted two men in connection with a wave of ransomware attacks that, among other targets, shut down a meat processing company and an internet software provider earlier this year.

Attorney General Merrick Garland says one of the men, Yaroslav Vasinskyi, 22, a Ukrainian, was arrested when he traveled to Poland. The second man was identified as Yevgeniy Polyanin, a 28-year-old Russian. Garrick says the U.S. seized some $6.1 million from Polyanin.

Both men are said to be behind the REvil ransomware attacks that encrypt the data of companies and demand payments to unblock them.

Polyanin is believed to be abroad, the department says.

Garland asserted that the “U.S. government will continue to aggressively pursue the entire ransom ware ecosystem and increase our nations resilience to cyber threats.”

The Justice Department says that Vasinskyi was allegedly responsible for the July 2 ransomware attack against Kaseya, “which resulted in the encryption of data on computers of organizations around the world that used Kaseya software.”

It says that Vasinskyi and Polyanin are charged in separate indictments with conspiracy to commit fraud and related activity in connection with computers, substantive counts of…

Source…

Men Sentenced for Providing ‘Bulletproof Hosting’ Services to Cybercriminals


Two Eastern European men have been sentenced for providing “bulletproof hosting” services, which were used by cybercriminals between 2009 to 2015 to distribute malware and attack financial institutions and victims throughout the United States.

On June 28 and Oct. 20, Chief Judge Denise Page Hood of the U.S. District Court for the Eastern District of Michigan sentenced Pavel Stassi, 30, of Estonia, to 24 months in prison; and Aleksandr Skorodumov, 33, of Lithuania, to 48 months in prison, for their roles in the scheme.

According to court documents, Stassi and Skorodumov were members of a bulletproof hosting organization founded and led by two co-defendants, Aleksandr Grichishkin and Andrei Skvortsov, both 34 and of Russia. The group rented IP addresses, servers, and domains to cybercriminal clients who employed this technical infrastructure to disseminate malware used to gain access to victims’ computers, form botnets, and steal banking credentials for use in frauds. Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which attacked U.S. companies and financial institutions between 2009 and 2015 and caused or attempted to cause millions of dollars in losses to U.S. victims. The defendants also helped their clients evade detection by law enforcement and continue their crimes uninterrupted by monitoring sites used to blocklist technical infrastructure used for crime, moving “flagged” content to new infrastructure, and registering all such infrastructure under false or stolen identities.

“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said Special Agent in Charge Timothy Waters of the FBI’s Detroit Field Office. “This resulted in millions of dollars of losses to U.S. victims. Cybercriminals may believe they are beyond the reach of the FBI and our international partners, but today’s proceeding proves that anyone who facilitates or profits from criminal cyber activity will be brought to justice.”

According to court filings and statements made in…

Source…