Russian charged with stealing $1.5 million in hacks on U.S. tax preparers

U.S. authorities have charged a Russian citizen in a scam that netted $1.5 million through bogus tax returns between June 2014 and November 2016, the Department of Justice announced Monday. Anton Bogdanov — who went by “Kusok,” according to court documents — is accused of computer intrusion, aggravated identity theft and other wrongdoing as part of his alleged role in a plot to combine hacking with traditional fraud techniques to steal money from the U.S. government. Bogdanov and others leveraged access to hacked computers at private U.S. tax preparation firms to steal individuals’ personal information, exploiting a vulnerability in an unnamed remote access program used by accountants to log in from home and while traveling, according to the indictment. They allegedly would use that access to change the information on victims’ tax returns, and redirect their refunds to debit cards under the thieves’ control, according to the Justice Department. Those debit cards […]

The post Russian charged with stealing $1.5 million in hacks on U.S. tax preparers appeared first on CyberScoop.

Continue reading Russian charged with stealing $1.5 million in hacks on U.S. tax preparers

U.S. Cyber Command has shifted its definition of success

U.S. Cyber Command is shifting the way it measures success from solely military outcomes to how the command enables other government agencies to defend against foreign offensive cyber threats. Brig. Gen. Timothy Haugh, who is in charge of Cyber Command’s Cyber National Mission Force, said on Tuesday at an event hosted by the Atlantic Council that success is “not necessarily [about] the department’s outcome,” but is instead about “how can we enable our international partners [and] our domestic partners in industry to be able to defend those things that are critical to our nation’s success.” Haugh said Cyber Command is doing its job right if agencies are taking their own actions: State Department issuing démarches, Department of Homeland Security releasing alerts, and Treasury Department announcing sanctions “based off of information that is derived from our operations.” In the past, Haugh said he believes that these outcomes may not have been considered as wins. […]

The post U.S. Cyber Command has shifted its definition of success appeared first on CyberScoop.

Continue reading U.S. Cyber Command has shifted its definition of success

20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000

A 20-year-old Illinois man pleaded guilty to charges related to a scheme to launch millions of distributed denial-of-service attacks against U.S. school districts and other targets, the U.S. Department of Justice announced Wednesday. Sergiy Usatyuk and a co-conspirator gained more than $550,000 by charging subscribers for access to booter and stresser services, which typically enable attackers, using only a web browser, to launch a DDoS attack capable of knocking target sites offline. Usatyuk was involved with booter and stresser services including ExoStreeser, QuezStresser, BetaBooter Databooter, Instabooter, Polystress and Zstress. The Exostresser services alone facilitated 1,367,610 DDoS attacks which caused victims to suffer 109,186 hours of downtime, the DOJ said Wednesday. In one case in 2017, a Betabooter user launched a number of DDoS attackers against a Pittsburgh, Pennsylvania, school district that also affected 17 other organization, including the county government, prosecutors said. Usatyuk was active from around August 2015 to November […]

The post 20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000 appeared first on CyberScoop.

Continue reading 20-year-old pleads guilty to DDoS-for-hire scheme that netted $550,000

Complex court battle for Methbot, 3ve cybercrime suspects only is getting started

Alleged perpetrators of the Methbot and 3ve cybercrime rings have started to arrive in the U.S. to face accusations that they orchestrated a broad conspiracy to defraud advertisers for millions of dollars. Yevgeniy Timchenko, a 30-year-old citizen of Kazakhstan, appeared Wednesday in federal district court in Brooklyn alongside Aleksandr Zhukov, a Russian national, in a short status hearing. Both men had bald heads with facial hair and stood before the judge in beige jumpsuits. Lawyers asked for more time to review discovery materials in a case where the evidence is “extremely voluminous” and comes in multiple languages, including Russian and Bulgarian. The Department of Justice has linked Timchenko to 3ve and Zhukov to Methbot, two distinct ad-fraud operations outlined in the same indictment unsealed in November. Both groups used botnet-based schemes to boost web traffic numbers in plots to collect money from legitimate advertising companies lured into investing in seemingly trustworthy businesses. Members of Methbot and 3ve (pronounced “eve”), while working in different […]

The post Complex court battle for Methbot, 3ve cybercrime suspects only is getting started appeared first on CyberScoop.

Continue reading Complex court battle for Methbot, 3ve cybercrime suspects only is getting started

Two hackers charged for DDoS attacks, threats to LAX

Two men were charged with conducting cyberattacks on various organizations and threatening physical violence on Southern California school districts and the Los Angeles International Airport, among other targets, according to an indictment that was unsealed by U.S. prosecutors on Tuesday. The men, an American and a Briton, sent false reports of violent attacks on schools via email and carried out distributed denial-of-service (DDoS) attacks on websites, according to the indictment announced by the U.S. Attorney’s Office of the Central District of California. The defendants –a 19-year-old British national named George Duke-Cohan and a 20-year-old North Carolina man named Timothy Dalton Vaughn – are accused of being part of a hacking collective known as Apophis Squad. Duke-Cohan is already serving a prison sentence in Britain for threatening violence on an airliner, U.S. officials said. Vaughn’s online moniker, “WantedbyFeds,” turned prophetic Tuesday morning when he was arrested by U.S. authorities. Their alleged criminal […]

The post Two hackers charged for DDoS attacks, threats to LAX appeared first on CyberScoop.

Continue reading Two hackers charged for DDoS attacks, threats to LAX

U.S. busts Romanian cybercrime ring that phished Americans, laundered millions of dollars

U.S. authorities on Thursday announced the indictment of 20 people and the extradition of a dozen in a big bust of an organized cybercrime ring in Romania. The defendants are accused of being part of an online auction scheme that defrauded Americans of millions of dollars. The racket involved advertising nonexistent cars and other purportedly valuable items on Craigslist and eBay and tricking victims into paying for them, often using stolen identities. The fraudsters then allegedly laundered their ill-gotten gains via cryptocurrency, the Department of Justice said in a statement. In a separate, cyber-focused indictment unsealed Thursday, one of the defendants, Adrian Mitan, is accused of phishing for customers’ credit and debit card information, breaching U.S. companies, and then doing a brute-force attack on point-of-sale systems to extract more card data. The 24-year-old Romanian allegedly told American money launderers to set up credit and debit card accounts with the stolen […]

The post U.S. busts Romanian cybercrime ring that phished Americans, laundered millions of dollars appeared first on CyberScoop.

Continue reading U.S. busts Romanian cybercrime ring that phished Americans, laundered millions of dollars

Congress must do more in fight against global cybercrime, advocacy group says

In a speech to Interpol in November, U.S. Deputy Attorney General Rod Rosenstein lobbied other governments to do more to help Washington track down foreign cybercriminals. “By devoting appropriate resources to international cooperation efforts, we can properly address the increasing threat of cybercrime,” he said, adding later: “No nation should exempt itself from just and reasonable law enforcement cooperation.” Rosenstein was acknowledging that regardless of the Department of Justice’s investments in countering cybercrime in the United States, the department’s ability to put foreign crooks behind bars can rest, in part, on other governments’ cooperation in finding and extraditing them. That’s why, analysts say, it’s crucial to fund U.S. programs to boost foreign governments’ ability to crack down on hackers. A new advocacy effort from the think tank Third Way is trying to focus U.S. policymakers’ attention on making those programs more effective. “We think that the U.S. government should be […]

The post Congress must do more in fight against global cybercrime, advocacy group says appeared first on CyberScoop.

Continue reading Congress must do more in fight against global cybercrime, advocacy group says

U.S. charges Huawei and affiliates with extensive list of crimes

U.S. officials on Monday announced nearly two dozen criminal charges in two separate cases against Chinese telecommunications giant Huawei and its affiliates, escalating a long-running U.S. crackdown on Chinese tech companies over allegations of rule-breaking and spying. The first case, a 10-count indictment returned by a federal jury in Washington state, accuses Huawei subsidiaries of stealing trade secrets from telecom company T-Mobile. The other case, a 13-count indictment from a federal jury in New York, alleges that Huawei officials and subsidiaries committed bank and wire fraud, and violated trade sanctions against Iran. Huawei officials are also accused of obstructing justice by trying to move witnesses with knowledge of Huawei’s Iran-based business to China, where they could not be questioned. Huawei Chief Financial Officer Meng Wanzhou is accused of being part of the fraud scheme. The U.S. is seeking Meng’s extradition, acting Attorney General Matthew Whitaker said at a press conference Monday. Huawei executives “repeatedly […]

The post U.S. charges Huawei and affiliates with extensive list of crimes appeared first on CyberScoop.

Continue reading U.S. charges Huawei and affiliates with extensive list of crimes

Feds shutter xDedic, a black market used to commit $68 million in fraud

An online marketplace that facilitated more than $68 million in fraud and cybercrime has been shut down following an international law enforcement operation, the U.S. Department of Justice announced Monday. Hackers and thieves used the website, known as xDedic, to sell access to compromised computers located around the world and personal information belonging to U.S. residents, prosecutors said. Buyers could search the site by price, operating system or by the geographic region from where it was stolen, prosecutors said. The method of access was usually through credentials for Remote Desktop Protocol (RDP) servers. The DOJ didn’t name any victims, but said they included major metropolitan transit organizations, emergency services, government agencies, pension funds, universities and others. The site was shut down in 2016, only to re-emerge soon after on the dark web with the new stipulation that members pay $50 to enter. “The xDedic marketplace operated across a widely distributed network and […]

The post Feds shutter xDedic, a black market used to commit $68 million in fraud appeared first on CyberScoop.

Continue reading Feds shutter xDedic, a black market used to commit $68 million in fraud