
UK Scammer Made Millions by Breaching Into Execs’ Office365 Inboxes

 

A man has been charged by federal authorities for allegedly engaging in a "hack-to-trade" scam that allowed him to profit millions of dollars by breaching the Office365 accounts of executives at publicly traded firms and accessing their quarterly financial reports ahead of time. 

Robert B. Westbrook, a citizen of the United Kingdom, is accused of making approximately $3.75 million in 2019 and 2020 from stock trades that profited from the illegally obtained information, according to the lawsuit filed by the US Attorney's office for the district of New Jersey. 

Prosecutors claimed that after gaining access to the information, he made stock trades. The advance notice let him act on the information and profit before the wider public learned of it. The US Securities and Exchange Commission filed a separate civil claim against Westbrook, seeking an order to pay civil fines and refund all illicit gains. 

“The SEC is engaged in ongoing efforts to protect markets and investors from the consequences of cyber fraud,” Jorge G. Tenreiro, acting chief of the SEC’s Crypto Assets and Cyber Unit, noted in a statement. “As this case demonstrates, even though Westbrook took multiple steps to conceal his identity—including using anonymous email accounts, VPN services, and utilizing bitcoin—the Commission’s advanced data analytics, crypto asset tracing, and technology can uncover fraud even in cases involving sophisticated international hacking.” 

According to a federal indictment issued in the US District Court for the District of New Jersey, Westbrook hacked the email accounts of executives from five publicly traded US firms. He carried out the intrusions by misusing Microsoft's password reset feature for Office365 accounts. In certain cases, Westbrook allegedly went on to establish forwarding rules that caused all incoming emails to be automatically forwarded to an email address under his control. 

Once an individual secures unauthorized access to an email account, it’s possible to hide the breach by disabling or deleting password reset alerts and burying password reset rules deep inside account settings. 
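The forwarding rules and hidden alerts described above leave traces in mailbox audit data that defenders can review. The following is an added example, not part of the original article or the court filings: it scans constructed records shaped like Microsoft 365 audit entries for Exchange cmdlets, and the tenant domain `example.com`, the sample addresses and the `ALERT_WORDS` keyword list are assumptions.

```python
# Constructed records shaped like Microsoft 365 unified audit log entries for
# Exchange cmdlets (Operation, UserId, Parameters). All addresses are made up.
SAMPLE_AUDIT = [
    {"Operation": "New-InboxRule", "UserId": "cfo@example.com", "Parameters": [
        {"Name": "Name", "Value": "."},
        {"Name": "ForwardTo", "Value": "drop@mail.invalid"}]},
    {"Operation": "Set-InboxRule", "UserId": "analyst@example.com", "Parameters": [
        {"Name": "ForwardTo", "Value": "assistant@example.com"}]},
    {"Operation": "Set-Mailbox", "UserId": "ceo@example.com", "Parameters": [
        {"Name": "ForwardingSmtpAddress", "Value": "smtp:copy@archive.invalid"}]},
    {"Operation": "New-InboxRule", "UserId": "cfo@example.com", "Parameters": [
        {"Name": "SubjectContainsWords", "Value": "password reset;security alert"},
        {"Name": "DeleteMessage", "Value": "True"}]},
    {"Operation": "UserLoggedIn", "UserId": "analyst@example.com"},
]
WATCHED_OPS = {"New-InboxRule", "Set-InboxRule", "Set-Mailbox"}
FORWARD_PARAMS = ("ForwardTo", "RedirectTo", "ForwardAsAttachmentTo", "ForwardingSmtpAddress")
ALERT_WORDS = ("password", "reset", "security alert")  # assumed keyword list

def external_targets(value, internal_domains):
    """Return addresses in a ';'-separated parameter value outside our domains."""
    out = []
    for part in value.split(";"):
        addr = part.strip().lower()
        addr = addr[5:] if addr.startswith("smtp:") else addr
        if "@" in addr and addr.rsplit("@", 1)[1] not in internal_domains:
            out.append(addr)
    return out

def review_mail_rules(records, internal_domains):
    """Flag external forwarding and rules that delete or hide security notices."""
    findings = []
    for rec in records:
        if rec.get("Operation") not in WATCHED_OPS:
            continue
        params = {p["Name"]: p["Value"] for p in rec.get("Parameters", [])}
        for name in FORWARD_PARAMS:
            for addr in external_targets(params.get(name, ""), internal_domains):
                findings.append((rec["UserId"], "external-forward", addr))
        words = " ".join(params.get(k, "") for k in
                         ("SubjectContainsWords", "SubjectOrBodyContainsWords")).lower()
        hides = params.get("DeleteMessage") == "True" or "MoveToFolder" in params
        if hides and any(w in words for w in ALERT_WORDS):
            findings.append((rec["UserId"], "hides-security-mail", words.strip()))
    return findings

if __name__ == "__main__":
    for finding in review_mail_rules(SAMPLE_AUDIT, {"example.com"}):
        print(finding)
```

Rule changes that follow a password reset on an executive mailbox are the records worth triaging first.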

Prosecutors charged Westbrook with one count each of securities and wire fraud, as well as five counts of computer fraud. The securities fraud count carries a maximum penalty of 20 years in prison and $5 million in fines. 

The maximum penalty for wire fraud is up to 20 years in jail and a fine of either $250,000 or double the gain or loss from the offence, whichever is greater. Each computer fraud count is punishable by up to five years in prison and a maximum penalty of $250,000 or twice the offense's gain or loss, whichever is greater.

US Authorities Charge Alleged Key Member of Russian Karakurt Ransomware Outfit

 

The U.S. Department of Justice (DOJ) released a statement this week charging a member of a Russian cybercrime group with financial fraud, extortion, and money laundering in a U.S. court. The 33-year-old Moscow-based Latvian national Deniss Zolotarjovs was extradited to the United States earlier this month after being detained by Georgian authorities in December 2023.

Court records indicate that Zolotarjovs is linked with the ransomware outfit Karakurt, which exfiltrates victim data and holds it hostage until a cryptocurrency ransom is paid. The gang runs an auction portal and leak site where they identify the victim companies and allow users to download stolen data. The group has demanded ransom in Bitcoin ranging from $25,000 to $13 million. 

Previous findings suggest that Karakurt was related to the now-defunct ransomware gang Conti. Researchers believe Karakurt was a side project of the group behind Conti, allowing them to monetise data stolen during attacks when organisations were able to halt the ransomware encryption process. Zolotarjovs allegedly used the alias "Sforza_cesarini" and was an active member of Karakurt. 

He is suspected of engaging with other members, laundering cryptocurrency, and exploiting the group's victims. According to the DOJ, he is the first alleged member of the organisation to be arrested and extradited to the United States. According to court records, Zolotarjovs is involved in attacks on at least six undisclosed US companies. 

Karakurt stole "a large volume of private client data" in one attack in 2021, which included lab results, medical information, Social Security numbers that matched names, addresses, dates of birth, and home addresses. The company negotiated a ransom payment of $250,000 down from Karakurt's initial demand of about $650,000. 

Zolotarjovs was probably in charge of negotiating Karakurt's "cold case extortions," in addition to carrying out open-source research to find phone numbers, emails, or other accounts through which victims could be contacted and pressured to either pay a ransom or re-enter a chat with the ransomware group. 

“Some of the chats indicated that Sforza’s efforts to revive cold cases were successful in extracting ransom payments,” court documents noted.

US Authorities Charge LockBit Ransomware Ringleader

 

US officials have uncovered and indicted the ringleader of LockBit, a widespread ransomware operation that has extorted victims out of half a billion dollars. He is facing over two dozen criminal charges. 

According to a 26-count indictment released on Tuesday, Dmitry Khoroshev, 31, served as LockBit's "developer and administrator," overseeing code development and recruiting affiliates to execute the ransomware on its victims. The alleged cybercriminal got 20% of each ransom payment for his role in the operation, totaling $100 million in cryptocurrency over four years, the US Justice Department noted.

“Today’s indictment…continues the FBI’s ongoing disruption of the LockBit criminal ecosystem,” FBI Director Christopher Wray noted in the statement. 

Since its founding in 2019, LockBit has allegedly extorted at least $500 million from at least 2,500 individuals across more than 120 countries. The U.S. Justice Department noted in its statement that the group is also accountable for several billions of dollars' worth of "broader losses" linked to lost profits, incident responses, and ransom recoveries. 

In the indictment, US investigators demanded that Khoroshev surrender his $100 million share of the ill-gotten gains. Meanwhile, the UK, United States, and Australia have sanctioned the mastermind, freezing his assets and prohibiting him from travelling. The US State Department is offering a $10 million reward for information that leads to Khoroshev's capture.

The latest charge comes several months after authorities took steps to shut down the ransomware operation. In February, international law enforcement confiscated LockBit's infrastructure, thereby halting operations. Around the same time, US authorities prosecuted two Russian cybercriminals using LockBit ransomware to target a number of businesses and organisations. 

LockBit's rebuild issue 

The group's attempt to rebuild over the last few months looks to be failing, with the gang still operating at a low capacity and its new leak site being used to publicise victims targeted prior to the takedown, as well as to claim credit for the crimes of others. 

According to the NCA's most recent data, the frequency of monthly LockBit attacks in the UK has decreased by 73% since late February, and those that do occur are carried out by less sophisticated attackers with far lower impact. 

“Since Operation Cronos took disruptive action, LockBit has been battling to reassert its dominance and, most importantly, its credibility within the cyber criminal community,” stated Don Smith, vice-president of SecureWorks’ Counter Threat Unit.