‘Hacker-for-hire’ cases going federal in Minnesota

“In the first Minnesota case to address a new and growing form of cybercrime, federal prosecutors have charged a former state resident with employing “hackers-for-hire” to sabotage the website of a local business.

The case reflects concern among law enforcement officials nationwide that hackers ranging from disgruntled ex-employees to enemy nation states are ramping up attacks on an ever-expanding array of personal digital devices connected to the web.

Prosecutors say John Kelsey Gammell, 46, paid hacking services to inflict a year’s worth of “distributed denial of service” (DDoS) attacks to bring down websites affiliated with Washburn Computer Group, a Monticello business where he used to work.

DDoS attacks overwhelm a network with data, blocking access for legitimate users and even knocking web services offline. Washburn, a point-of-sale system repair company, told prosecutors that Gammell’s attacks cost it about $15,000.

Authorities say Gammell didn’t stop there: He is accused of paying $19.99 to $199.99 in monthly payments to try to bring down web networks that included those of the Minnesota Judicial Branch, Hennepin County and several banks.

“As a society that is increasingly reliant on network-connected devices, these types of cyberattacks pose a serious threat to individuals, businesses, and even our nation’s critical infrastructure,” Acting U.S. Attorney Gregory Brooker in Minneapolis said, speaking generally about the new forms of crime.

The FBI’s Internet Crime Complaint Center reported more than $11 million in losses to victims of DDoS attacks last year.

“We have a growing trend where the sophistication of the dark web and the sophistication of certain professional hackers to provide resources is allowing individuals — and not just experienced individuals — to conduct hacks and conduct DDoS,” said FBI Supervisory special agent Michael Krause, who leads the FBI’s cyber squad in Minneapolis.

Devices such as digital video recorders and home appliances recently have been marshaled by cyber criminals to carry out massive operations like last year’s flooding of a prominent web infrastructure company that affected sites like Amazon and Netflix. In a separate attack, in June 2016, the Minnesota Judicial Branch’s website went down for 10 days, alarming local officials because so many government services have at least some nexus to the web.

“A lot of people think it’s just a nuisance,” said Chris Buse, Minnesota’s chief information security officer. “But it’s not. If you look at what government does — basic critical services — if those services don’t continue, people can literally die.”

Minnesota IT Services, which administers the state’s computer systems, said state networks field an average of more than 3 million attempted cyberattacks daily. Officials say the state still hasn’t experienced a major attack on par with a 2012 South Carolina breach that exposed personal data for 3.7 million residents and cost the state $20 million.

But with hackers able to take over hundreds of millions of unsecured devices worldwide to flood networks in a single DDoS attack, security professionals are trying to stay ahead of the threat.

“In our environment it’s pretty clear now that every organization needs some sophisticated and expensive tools to mitigate these DDoS attacks,” Buse said.

‘We will do much business’

The government’s case against Gammell underlines the difficulty of linking any suspect to the daily torrent of attacks often carried out by far-afield hackers who advertise their services online. Authorities might not have caught Gammell without tracing taunting e-mails he allegedly sent after attacks.

One of his preferred hacking-for-hire services was called vDOS, which was shuttered last year after the arrests of two alleged operators in Israel. The FBI obtained files from vDOS that included records of Gammell’s purchases, attacks and communications with vDOS administrators and customers.

One day in 2015, according to a criminal complaint, Gammell eagerly wrote the company boasting of his success in blowing past a “DDoS mitigation” program to kick an unnamed network offline for at least two days. “We will do much business,” Gammell allegedly wrote. “Thank you for your outstanding product.”

According to an FBI agent’s sworn affidavit, Gammell sought out seven sites offering DDoS-for-hire services and paid monthly fees to three to carry out web attacks from July 2015 to September 2016.

Charges are also expected out of Colorado and New Mexico for firearms offenses stemming from searches in the case.

Appearing in a Minneapolis courtroom last week, Gammell confirmed that he rejected a plea offer that would have resolved all charges and capped his possible prison sentence at a mandatory 15 to 17 years. A federal magistrate is reviewing motions filed by Gammell’s attorney, Rachel Paulose, to dismiss the case or suppress evidence.

On Monday, Paulose told U.S. Magistrate Judge David Schultz that evidence the FBI obtained from an unnamed researcher should be thrown out and suggested the data could itself have been retrieved by hacking.

Paulose, who did not respond to messages seeking comment for this story, also argued in pretrial motions that Gammell didn’t personally attack Washburn.

“The government has failed to charge a single one of those ‘cyber hit men’ services, named and evidently well known to the government,” Paulose wrote. “Instead the government’s neglect has allowed the professional cyber hit men for hire to skip off merrily into the night.”

Addressing Schultz last week, Paulose described the attacks on Washburn as “essentially a prank on a dormant site not doing business.”

“Even if Mr. Gammell thinks it’s a prank,” Assistant U.S. Attorney Timothy Rank replied, “it’s a criminal prank.”

View Source

Virtual Kidnapping A New Twist on a Frightening Scam

“Law enforcement agencies have been aware of virtual kidnapping fraud for at least two decades, but a recent FBI case illustrates how this frightening scam—once limited to Mexico and Southwest border states—has evolved so that U.S. residents anywhere could be potential victims.

Although virtual kidnapping takes on many forms, it is always an extortion scheme—one that tricks victims into paying a ransom to free a loved one they believe is being threatened with violence or death. Unlike traditional abductions, virtual kidnappers have not actually kidnapped anyone. Instead, through deceptions and threats, they coerce victims to pay a quick ransom before the scheme falls apart.

Between 2013 and 2015, investigators in the FBI’s Los Angeles Division were tracking virtual kidnapping calls from Mexico—almost all of these schemes originate from within Mexican prisons. The calls targeted specific individuals who were Spanish speakers. A majority of the victims were from the Los Angeles and Houston areas.

“In 2015, the calls started coming in English,” said FBI Los Angeles Special Agent Erik Arbuthnot, “and something else happened: The criminals were no longer targeting specific individuals, such as doctors or just Spanish speakers. Now they were choosing various cities and cold-calling hundreds of numbers until innocent people fell for the scheme.”

This was significant, Arbuthnot said, because the new tactic vastly increased the potential number of victims. In the case he was investigating, which became known as Operation Hotel Tango, more than 80 victims were identified in California, Minnesota, Idaho, and Texas. Collective losses were more than $87,000.

The incarcerated fraudsters—who typically bribe guards to acquire cell phones—would choose an affluent area such as Beverly Hills, California. They would search the Internet to learn the correct area code and telephone dialing prefix. Then, with nothing but time on their hands, they would start dialing numbers in sequence, trolling for victims.

When an unsuspecting person answered the phone, they would hear a female screaming, “Help me!” The screamer’s voice was likely a recording. Instinctively, the victim might blurt out his or her child’s name: “Mary, are you okay?” And then a man’s voice would say something like, “We have Mary. She’s in a truck. We are holding her hostage. You need to pay a ransom and you need to do it now or we are going to cut off her fingers.”

Most of the time, Arbuthnot said, “the intended victims quickly learned that ‘Mary’ was at home or at school, or they sensed the scam and hung up. This fraud only worked when people picked up the phone, they had a daughter, and she was not home,” he explained. “But if you are making hundreds of calls, the crime will eventually work.”

“The scammers attempt to keep victims on the phone so they can’t verify their loved ones’ whereabouts or contact law enforcement. The callers are always in a hurry, and the ransom demand is usually a wire payment to Mexico of $2,000 or less, because there are legal restrictions for wiring larger amounts across the border.

Although victims were typically instructed to wire ransom payments, two individuals in Houston were coerced into paying larger amounts—totaling approximately $28,000—that could not be wired. The victims were directed to make money drops, and they believed they were being watched as they were directed to the assigned location. When the drops were made—in specified trash cans—a Houston woman, 34-year-old Yanette Rodriguez Acosta, was waiting to pick up the ransom money. After taking her portion of the payment, Acosta wired the rest in small amounts to several individuals in Mexico to transfer to the Mexican prisoner believed to be running the virtual kidnapping scheme.

Acosta was taken into custody for her involvement in the scam, and in July 2017, a federal grand jury in Houston returned a 10-count indictment against her. Among the charges were wire fraud and money laundering.

Arbuthnot noted that the Mexican prisoners who carry out virtual kidnappings use the ransom money to pay bribes and to make their lives behind bars easier. “And sometimes they use the money to buy their way out of jail. That’s the ultimate goal.”

He added that virtual kidnapping cases are difficult to investigate and prosecute because almost all of the subjects are in Mexico, and the money is wired out of the country and can be difficult to trace. The charges against Acosta represent the first federal indictment in a virtual kidnapping case. In addition, many victims do not report the crime, either because they are embarrassed, afraid, or because they don’t consider the financial loss to be significant.

Regardless, Arbuthnot said, “victims of virtual kidnapping scams are traumatized by these events, because at the time, they believe that a loved one has been kidnapped and is in real danger.”

View Source

Clifton NJ worker stole dead man’s Social Security money

“CLIFTON NJ Sept 29 2017 -A city employee who worked at senior citizen’s center was arrested Wednesday on charges she used a dead man’s debit card to withdraw Social Security funds from his bank account.

Jacklyn Delillo, 31, is charged with theft by deception and identity theft, Passaic County Prosecutor Camelia M. Valdes said in a statement.

Delillo worked at the Clifton Senior Citizens Center, which is run by city government. It was at the center where she befriended an elderly man, Valdes said.

“When the elderly individual died, Social Security checks continued to be deposited into the individual’s bank account,” Valdes said.

“It is alleged that Ms. Delillo used the decedent’s debit card to make purchases after his death, utilizing Social Security funds,” Valdes said.

Delillo stole about $2,500, the prosecutor alleged.

Delillo salary is $21,726 and has worked for the city for about a year, according to state pension records.

Local authorities were assisted in the investigation by the Social Security Administration Inspector General’s Office, Valdes said.

After her arrest, Delillo was released on a summons to appear in court on Oct. 20, the prosecutor said.”

View Source

Robo-parking enforcement to hit Edmonton this fall

Be warned. An Edmonton driver’s chances of getting away with illegal parking are set to drop dramatically when city officials roll out their new robo-parking patrol.

Car-mounted cameras will automatically check licence plates against the parking payment records while rolling at 50 km/h on downtown streets. A wall-mounted camera will take a picture every time a car enters or exits a city-owned parking lot to ensure payment and the human patrol no longer tasked with marching downtown streets will redeploy to school zones and other hot-spot areas.

City officials are evaluating product bids now and hope to have a test car on city streets in October. The full rollout would hit Edmonton by spring. “That would be ideal,” said Erin Blaine, parking enforcement co-ordinator.

“It’s just a way more efficient way to use resources,” Blaine said. The parking rules are there to ensure spots remain open for drop-in customers for local businesses, and the automated enforcement will be more reliable for everyone. “It eliminates officer error.”

Similar to photo radar, scofflaws will get a ticket in the mail rather than under their vehicle’s windshield wiper. It will include a photo of the licence plate, which Blaine hopes will reduce the number of people appealing these tickets in court. She currently has five to 10 officers called to court every week.

It’s a $50 ticket for motorists who do not pay for parking.

An update on the project went to city council last week. It’s a $12-million effort, with $5.2 million already spent on the new digital parking meters. It’s listed as late because the city originally thought it could roll out the whole plan by 2015.

The third phase — having city-owned parkades calculate the number and location of spots left — is still being developed.

The report to council says implementation was delayed while city officials investigated the possibility of partnering with another municipality.

Read More

Chicago Police, Feds Team up on New Effort to Curb Violence

Chicago police, federal agents and prosecutors are launching a new initiative Friday to stem the flow of illegal firearms in the city as part of efforts to curb rampant gun violence that President Donald Trump says is at “epidemic proportions.”

Trump’s remark on Twitter came ahead of an announcement by Chicago police and the Bureau of Alcohol, Tobacco, Firearms and Explosives about the formation of the Chicago Crime Gun Strike Force. The Chicago Sun-Times reported 20 additional ATF agents have been sent to Chicago.

State police, intelligence analysts and state and federal prosecutors will target illegal guns and repeat gun offenders, Chicago police said. Superintendent Eddie Johnson said in a statement Thursday night that “we are foundationally changing the way we fight crime in Chicago.”

Trump tweeted Friday morning that “Crime and killings in Chicago have reached such epidemic proportions that I am sending in Federal help.” In January, he warned Chicago about its high number of homicides, saying on Twitter that he is ready to “send in the Feds.”

Trump’s latest tweet said there have been 1,714 shootings in Chicago this year. The Sun-Times said its count showed 1,737 people have been shot in 2017, including 306 who died. The Associated Press sent a message to a police spokesman seeking their most recent count.

Police and federal officials note, however, that efforts to curb gun violence in Chicago have been cooperative — and are ongoing. Under the new effort, the federal prosecutors and prosecutors from Cook County will work on new strategies to prosecute gun crimes and offenders.

Attorney General Jeff Sessions, speaking Friday on the Fox News Channel’s morning show, “Fox & Friends,” said the Justice Department is “sending in additional gun investigators” to Chicago and that he has urged the U.S. attorney’s office to prosecute gun cases aggressively.

“The police have been demoralized in many ways,” he said. “In many ways, the policies in Chicago have not been working. Murders are way, way too high. It is critical for the people of Chicago’s public safety that we begin to work together here and deport violent criminals that have been convicted. They need to not be a sanctuary city, they need to be protecting the people of Chicago from violent criminals.”

Read More

Woman charged with 130 counts of forgery, credit card and ID theft

MESA, AZ - A woman from California racked up $16,000 in charges using identities stolen from 18 people across the country.

Court records show that the woman took the identities of eighteen people, created multiple credit card accounts from four department stores where she purchased items on a weekly basis.

Mesa police report that between June 1, 2016, and February 1, 2017, Maria Del Carmen Ramos, age 37, used stolen identities to create and use credit cards accounts to buy items at 15 different Kohl’s stores in Maricopa County.

Police say Ramos received personal profiles of 18 people from a friend in California. Ramos allegedly used these profiles to create credit card accounts at Kohl’s, Macy’s, Toy ‘R’ Us and JC Penney.

Loss prevention officers at Kohl’s say they have video evidence showing Ramos using the fake cards to make 36 purchases totaling over $16,000. Police say the total benefit value to Ramos could rise as high as $100,000.

So far police have identified 18 victims whose identities were stolen. One of the victims set up a password on her account after seeing fraudulent purchases. This hold, police say, allowed them to capture Ramos at the Kohl’s store near McKellips and Hayden roads on February 1.

Ramos reportedly told police that she was making purchases weekly, buying mostly clothing for her family, as well as shoes, electronics, and gift cards because they were easy to sell. Police say they found multiple identifications in her purse when she was arrested.

Police are contacting the victims, five of who are from New York.

Ramos has been charged with 130 counts of forgery, identity theft and fraudulent schemes.

View Source

High-end retail theft ring busted that targeted Western US

SAN FRANCISCO (AP) — San Francisco prosecutors have charged 16 people in a retail theft ring that stole more than $200,000 worth of clothing, purses and other merchandise from high-end stores such as Louis Vuitton and Salvatore Ferragamo, the district attorney’s office said Monday.

Ten more people have been charged in other Western U.S. cities where the group stole an additional $200,000 worth of merchandise, including Honolulu and Seattle, prosecutors said. The group is accused in dozens of thefts dating back to 2015.

“We’re taking something that on its face might have been a single or maybe two or three events, and we have been able to connect this to many other events,” San Francisco District Attorney George Gascon said at a news conference announcing the charges.

Linking the defendants to multiple thefts increases the potential sentences they face, he said.

The group in some cases sent as many as 10 or 12 people into a store with bags to grab as much merchandise as possible before running out the door, Assistant District Attorney Frank Carrubba said.

Some of the thefts became violent, with the thieves using pepper spray on store employees or brandishing knives, Carrubba said. There were often getaway drivers.

The charges filed include robbery, grand theft and commercial burglary.

View Source

Chicago aldermen want to deploy private security to reduce crime

“After a spike in crime, two Chicago aldermen want to bring private security services to the Wicker Park and Bucktown neighborhoods to supplement what police are already doing.
Ald. Brian Hopkins (2nd) and Ald. Joe Moreno (1st) proposed a plan to use the taxpayer surplus Special Service Area, or SSA, funds for guards to help Chicago police patrol the Northwest Side communities. On Friday, the aldermen and 14th District Police Commander Fabian Saldana brought together dozens of residents to discuss the proposal.
“It’s no different than snow removal, beautification or the other things that SSA does. I believe security is important, and it’s important to augment it, not replace it,” Moreno said.
Since May, 1700 crimes from battery to arson were reported in the area, but only 200 arrests have been made, according to the aldermen.
“We’re trying to get a handle on that with this proposal,” Hopkins said.
The proposed budget amendment would use $100,000 of the $1.2 million SSA budget, allowing for the hiring of off-duty and retired police officers for late-night patrols.
Some residents expressed support, saying it would be “egregious” to not do anything about the crime.
“It’s a really good idea, but we need to think about standards and oversight,” said community resident Gretchen Vermuelen.
Others were not enthusiastic about the idea.
“Police service is a fundamental service that the city should be providing on its own. We should not be providing that,” said Steven Lipe.
The SSA district overlaps three wards, with two of the three aldermen backing the private security proposal. Ald. Hopkins said the SSA funding will expire if not spent by the end of the year.
“If we’re not able to come to an agreement or some compromise, a willingness to work together, then really the entire $1.2 million is in jeopardy,” said Kimberly Bares of the Wicker Park/Bucktown Chamber of Commerce.
The aldermen said they hope to work out a solution within the next week.”

View Source

Conn.men charged in scheme to defraud Mohegan Sun casino

“Men from Wallingford and Southington face felony charges after police said they worked together to adjust bets and receive excessive gambling credits.
Christian Elwood, 40, of 40 N. Orchard St., Wallingford and Jeremy Paul Howard, 40, of Southington were both charged with first-degree larceny and conspiracy to commit first-degree larceny.
According to the arrest warrant, in May officers from the Mohegan Tribal Police began a larceny investigation involving a Mohegan Sun dealer, identified as Elwood, a patron, identified by the New London Day as Howard and a Mohegan Sun Floor Supervisor, also identified by the Day as Joseph P. Marotta, 36, of Danielson.
Security personnel and the director of table games reviewed the security footage from May 4. Howard is seen placing $3,000 in “front money” at a cashier window, the arrest warrant said. “Front money” can be used to go to a table game and call up a marker for any amount up to the deposit amount, the warrant said. Howard went to a roulette table and bought in for $300, then asked for a $2,000 marker from his front money, the warrant said. Marotta took Howard’s identification to verify the information and placed the $2,000 in markers on the table, the warrant said. Elwood then took $20,000 in gaming cheques and placed them in front of Howard, the warrant said. Howard put the gaming cheques in his pocket and left the roulette table shortly after, the warrant continued. After Howard left, Marotta entered false ratings into the system showing Howard winning more than he did to account for the missing money, the warrant said.
On May 21, Howard went to a roulette table and placed $25 gaming cheques on numbers for several rounds of play, the warrant said. Howard did not win during the rounds, but Elwood moved his bets to the winning number, paying out around $4,375 per falsified win, the warrant said. During another round Howard did win $2,250, but Elwood moved more bet markers onto the space, doubling his win, the warrant said.
During an interview with tribal police Elwood admitted knowing Howard for about a year and a half. Elwood told police moving the bets to the winning numbers must have been a “mistake” and said the piles must have fallen over and when he was tidying up the bets he accidentally moved the markers, the warrant said. Elwood denied moving the bets on purpose, the warrant said. He also denied over paying Howard the $20,000 for the front money in the first incident, the warrant said.
Police spoke with Marotta, who eventually admitted talking to Elwood about financial difficulties and Elwood talked about intentionally overpaying a patron and they would “get a piece of the action if he looked the other way,” the warrant stated.”

Read More

2 Sought After Credit Card Skimmers Found

ARRINGTON, Tenn. - Officials with the Williamson County Sheriff’s Office said they’re searching for two suspects after finding credit card skimmers in Arrington.

The two skimmers were found Tuesday on gas pumps at Rapid Pak Market in the 4800 block of Murfreesboro Road.

Authorities said the skimmers were found after the sheriff’s office got information of someone using a cloned credit card at two Sam’s Club locations in Murfreesboro and Antioch.

Officials said skimmers have most often been placed on pumps at the ends of the service area, since it’s more difficult for people in the store to see.

They added access doors on the pumps should have seals. If that seal has been broken or gone missing, someone possibly tampered with the pump.

Anyone with information on the men in the security photos has been urged to call the Williamson County Sheriff’s Office at 615-790-5554, ext. 3229 or Crime Stoppers at 615-794-4000.

View Source