Malware Developer Responsible for Countless Computer Intrusions

Not that they knew him personally, but Taylor Huddleston, a 27-year-old from Hot Springs, Arkansas, was for a time very popular among the world’s cyber criminals, thanks to a malicious piece of software he created called NanoCore RAT.

That malware allowed hackers to steal sensitive information from victims’ computers, including account numbers and passwords, and even allowed them to secretly activate the webcams of infected computers to spy on unsuspecting victims.

“Basically, the malicious software compromises victim computers and steals information,” said a special agent from the FBI’s Washington Field Office who investigated the case. “The NanoCore RAT has the ability to control a victim’s computer.”

This type of malware—a Remote Access Trojan (RAT)—is all the more insidious because in most cases victims have no idea their computers have been compromised. According to court documents, NanoCore RAT was used to infect and attempt to infect more than 100,000 computers.

RATs are not only a threat to individual users but to commercial enterprises as well. And if hackers decide to target U.S. infrastructure using this malware, the agent said, “there is a potential for national security implications.”

Huddleston had the skills to develop malicious software. “There are many cyber criminals out in the world,” the agent said. “Many are not sophisticated in terms of developing a new malware. Instead, they would rather purchase malware to carry out their crimes.”

Read More

601 Defendants Charged, More Than $2 Billion in Fraud Losses Recorded

FBI Deputy Director David Bowdich took part in a press conference today with U.S. Attorney General Jeff Sessions, Health and Human Services (HHS) Secretary Alex Azar III, and other federal officials to announce a nationwide health care fraud and opioid takedown that has resulted in charges against 601 defendants around the country, along with a total of more than $2 billion in fraud losses.

This takedown, the largest health care enforcement action taken to date by the joint Department of Justice and HHS Medicare Fraud Strike Force, involved numerous federal and state agencies working together on the front lines in the fight against health care fraud. “But our work is not finished—we are just getting started,” said Sessions. “We will continue to find, arrest, prosecute, convict, and incarcerate fraudsters and drug dealers, wherever they are.”

The charges announced today aggressively targeted schemes billing Medicare, Medicaid, TRICARE (a health insurance program for members and veterans of the armed forces and family members), and private insurance companies. Some of these schemes involved medically unnecessary prescription drugs and compounded medications that were often never even purchased and/or distributed to beneficiaries. In other cases, patient recruiters, beneficiaries, and other co-conspirators were allegedly paid cash kickbacks in return for supplying beneficiary information to providers, so that the providers could then submit fraudulent bills for services that were medically unnecessary or never performed.

According to Bowdich, “Any good criminal investigator or analyst will tell you that to find the criminals, you have to follow the money. And the people we’ve charged this week viewed our health care system as their personal ATM.”

Another focus of the operation was medical professionals allegedly involved in the unlawful distribution of opioids and other prescription narcotics.

Because virtually every health care fraud scheme requires a corrupt medical professional to be involved in order for Medicare or Medicaid to pay the fraudulent claims, aggressively pursuing these corrupt professionals not only has a deterrent effect on other medical professionals who might be tempted but also ensures that their licenses can no longer be used to bilk the system. Among those charged in this operation were 165 doctors, nurses, and other licensed medical professionals.

Read More

Ponzi Scheme Resulted in $10 Million in Losses for Investors

In July 2008, special agents from the FBI Sacramento Field Office executed a search warrant at the residence of a suspect and interviewed other individuals in connection with a mortgage fraud investigation.

In addition to finding evidence for their own case, investigators uncovered ties to what appeared to be a separate mortgage fraud scheme, and FBI Sacramento opened another case, working in partnership with the Internal Revenue Service (IRS) Criminal Investigation.

The main subject of the second case was Lee Loomis, president of Loomis Wealth Solutions, a company based in Roseville, California, but operating in about half a dozen states. And it wasn’t long before FBI and IRS investigators realized they were dealing with a much broader criminal scheme, and that mortgage fraud was just the tip of the iceberg.

After a long-term and complex investigation by law enforcement, Loomis was charged, pleaded guilty, and sentenced earlier this year for running a multi-faceted investment fraud/Ponzi scheme that caused millions of dollars in losses to more than 183 investors.

By reviewing voluminous amounts of evidence—including personal and company records, real estate records, bank records, financial statements, etc.—and questioning victims, employees of Loomis-owned entities, and others, investigators learned that from 2006 through 2008, Loomis offered what he called a “wealth-building program.”

During seminars about his company held at hotels and casinos, he boasted of unusually high rates of return for anyone who invested with him, and he advertised individualized financial family planning to help prospective clients earn money for college tuitions and retirement. Those attending the seminars were then asked to submit financial information including tax returns, pay stubs, copies of bills, and information concerning their home equity. Loomis would analyze this information and—targeting families with substantial home equity and good credit—invite them to a private two-day workshop.

Read More

Dedicated Law Enforcement Effort Leads to Capture of Indiana Fugitive

Seymour, Indiana, in the 1990s was a Midwestern town with rural roots and a comfortable, small-town feel. Parents felt safe letting their children walk to Girl Scout meetings with friends and ride their bikes unchaperoned.

All that changed on January 20, 1999, when a 10-year-old girl waiting for her father after gymnastics practice was abducted and molested. The man who approached her outside a local girl’s club said he had locked the keys in his car and needed someone with slender arms to reach them.

The attack shocked the community, all the more when the suspect fled before he could be apprehended. At the time, no one realized it would take nearly two decades to bring justice to the victim and her family, and a sense of closure to the community—or that an Indiana State Trooper who was born and raised in Seymour, and is now an FBI agent, would play a central role in resolving the case.

On that cold January day, Charley Hollin forced the girl into his car at knifepoint, drove away, and sexually assaulted her. Afterward, he made the girl leave the car naked, and her clothes were thrown out after her. Hollin also mistakenly threw out his own jacket, which contained his day planner.

Todd Prewitt was an Indiana State Police trooper at the time, and although he wasn’t assigned to the investigation, he took a keen interest. The crime had occurred in his district, and Seymour was his hometown. “I didn’t know the victim,” he said, “but I had family friends who sent their kids to that girl’s club.”

The assault itself was tragic, but then justice was not served. Hollin’s identity was known to authorities—and reported by the media—because they had his day planner. But the victim could not positively identify her assailant with full certainty, so authorities were forced to wait for the results of DNA testing before they could arrest Hollin and charge him with the crime. Hollin took that opportunity to flee.

Read More

International Business E-Mail Compromise Takedown

Today, federal authorities—including the Department of Justice and the FBI—announced a major coordinated law enforcement effort to disrupt international business e-mail compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals.

Operation WireWire—which also included the Department of Homeland Security, the Department of the Treasury, and the U.S. Postal Inspection Service—involved a six-month sweep that culminated in over two weeks of intensified law enforcement activity resulting in 74 arrests in the U.S. and overseas, including 42 in the U.S., 29 in Nigeria, and three in Canada, Mauritius, and Poland. The operation also resulted in the seizure of nearly $2.4 million and the disruption and recovery of approximately $14 million in fraudulent wire transfers.

A number of cases charged in this operation involved international criminal organizations that defrauded small- to large-sized businesses, while others involved individual victims who transferred high-dollar amounts or sensitive records in the course of business. The devastating impacts these cases have on victims and victim companies affect not only the individual business but also the global economy. Since the Internet Crime Complaint Center (IC3) began formally keeping track of BEC and its variant, e-mail account compromise (EAC), there has been a loss of over $3.7 billion reported to the IC3.

BEC, also known as cyber-enabled financial fraud, is a sophisticated scam that often targets employees with access to company finances and trick them—using a variety of methods like social engineering and computer intrusions—into making wire transfers to bank accounts thought to belong to trusted partners but instead belong to accounts controlled by the criminals themselves. And these same criminal organizations that perpetrate BEC schemes also exploit individual victims—often real estate purchasers, the elderly, and others—by convincing them to make wire transfers to bank accounts controlled by the criminals.

Foreign citizens perpetrate many of these schemes, which originated in Nigeria but have spread throughout the world.

During Operation WireWire, U.S. law enforcement agents executed more than 51 domestic actions, including search warrants, asset seizure warrants, and money mule warning letters. And local and state law enforcement partners on FBI task forces across the country, with the assistance of multiple district attorney’s offices, charged 15 alleged money mules for their roles in defrauding victims.

Read More

FBI Warns of Posting Hoax Threats

Today, the Federal Bureau of Investigation is announcing a campaign to educate the public on the consequences of posting hoax threats to schools and other public places and reminds communities that these hoax threats are not a joke.

In the aftermath of tragic shootings such as the ones at Santa Fe High School in Texas and Marjory Stoneman Douglas High School in Florida, the FBI and law enforcement around the country often see an increase in threats made to schools and other public forums.

The FBI and our partners follow up on every tip we receive from the public and analyze and investigate all threats to determine their credibility. Federal, state, and local law enforcement then employ a full range of tools to mitigate those threats that are deemed credible. Making false threats drains law enforcement resources and cost taxpayers a lot of money. When an investigation concludes there was a false or hoax threat made to a school or another public place, a federal charge could be considered, which carries a maximum sentence of five years in prison. If a federal charge is not warranted, state charges can be considered.

Public assistance is crucial to our efforts to curb these hoax threats. We ask that the public continue to contact law enforcement to report any potential threats or suspicious activity. If there is any reason to believe the safety of others is at risk, we ask that the public immediately reach out to their local police department by calling 911, or contact the FBI via tips.fbi.gov or over the phone (1-800-CALL-FBI). As always, members of the public can call their nearest FBI field office to report a tip.

Read More

$43 Million Ponzi Scheme Fleeced Tennessee Friends and Neighbors

Nobody would have suspected that the affable Tennessee tractor salesman who was raised among them, tended their lawns in high school, and prayed beside them at Sunday services was scamming them by the millions. Indeed, that’s probably what made the man’s investment scheme so successful, investigators say.

Jeffery Gentry, 40, pleaded guilty in federal court last August to charges related to his $43 million scheme that bilked investors—including friends, family, neighbors, and fellow parishioners—out of more than $10 million. Gentry, who owned and operated Gentry Brothers Tractor Supply and Gentry Auto in the Middle Tennessee town of Sparta, was sentenced on May 14 in U.S. District Court in Nashville to three years in prison. He was also ordered to pay $10.4 million in restitution to his victims.

Gentry’s scam was a textbook Ponzi scheme that promised investors high guaranteed rates of return on investments. He told investors the funds would finance the purchase of mowers and farm equipment to satisfy lucrative state contracts. In return, investors could expect monthly proceeds as high as 10 percent, thanks in part to rebates from equipment manufacturers for cash purchases, according to investigators. But it was all a lie, sustained in large part by investors’ faith that a lifelong neighbor and friend would never purposely do them wrong.

“He kind of preyed on that aspect of it,” said Jeff Guth, chief of the Sparta Police Department in White County, a close-knit rural community of 26,000 residents where the median household income is about $36,000. “Most of these people were friends of his. A lot of them went to church with him. They wouldn’t believe that someone close to them like that would be doing that.”

Guth learned of the scheme a few days before Christmas in 2016, when the police station lobby filled up with distraught investors fearing they had been duped. Gentry’s tractor store—an informal gathering spot where many of the investment transactions occurred—had shut down without explanation, suddenly casting doubt on their guaranteed returns. At the police station, former farmers and other retirees waved handwritten statements revealing their six-figure outlays, much of it from savings and retirement accounts. Suspecting there would be still more victims, Guth called the FBI in nearby Cookeville—a satellite office of the Bureau’s Memphis Division—for support.

Read More

Latest Internet Crime Report Released

Beginning in 2015, the Internet Crime Complaint Center (IC3) forwarded multiple complaints to the FBI’s Houston Field Office regarding fraudulent offers of investment opportunities by perpetrators who impersonated U.S. bank officials and financial consultants over the Internet and telephone. Victims in various countries, including the U.S., were deceived into believing they would receive millions of dollars from joint ventures with certain U.S. banks if they paid up-front fees—ranging from tens of thousands to hundreds of thousands of dollars—to participate. According to court documents, victims lost more than $7 million collectively in this scam.

The complaints submitted by victims to the IC3 helped investigators uncover this elaborate international advance fee and money laundering scheme, and in February of this year, six individuals were federally charged in Houston in connection with the scam.

The IC3, which has received more than 4 million victim complaints from 2000 through 2017, routinely analyzes complaints like these and disseminates data to the appropriate law enforcement agencies at all levels for possible investigation. The IC3 also works to identify general trends related to current and emerging Internet-facilitated crimes, and it publicizes those findings through periodic alerts and an annual report.

And today, the IC3 is releasing its latest annual publication—the 2017 Internet Crime Report—which reveals that the center received more than 300,000 complaints last year with reported losses of more than $1.4 billion.

Read More

International Criminal Enterprise Dismantled

Owen Hanson, who often went by his nickname, “O-Dog,” led a charmed life. He had been a popular high school athlete who found some athletic success—and even more popularity—at the University of Southern California.

After graduating with a business degree, he got his real estate license and, over time, undertook several seemingly successful business ventures that enabled him to buy a luxury home in Redondo Beach and a number of vacation properties elsewhere, drive expensive cars, travel routinely to Las Vegas to gamble, and party with professional athletes and celebrities.

However, as law enforcement came to discover, Hanson’s most productive “business venture” turned out to be a violent international drug trafficking, sports gambling, and money laundering enterprise that operated in the U.S., Central and South America, and Australia from 2012 to 2016. And late last year, Hanson was sentenced in U.S. district court in San Diego to more than 21 years in federal prison for heading up that criminal enterprise. He was also ordered to pay a $5 million criminal forfeiture, which included $100,000 in gold coins, his luxury vehicles, jewelry, vacation homes, a sailboat, and interests in several businesses.

Twenty-one of Hanson’s associates were also charged in this crime ring, and all have pleaded guilty—the most recent one in April 2018.

So how did a one-time talented and well-liked school athlete turn into the mastermind behind a major criminal operation?

The story of Owen Hanson’s illicit activities actually began in the early 2000s in college, when he sold recreational drugs and steroids to his teammates. But it wasn’t until early 2014—on the heels of an international sports gambling investigation that the FBI worked in partnership with the New South Wales Police Force in Australia—that some of Hanson’s post-graduate activities got the attention of federal law enforcement. And once again, investigators from the FBI and New South Wales joined forces to uncover a second gambling—and, ultimately, drug trafficking—enterprise that would lead all the way to Hanson.

Read More

Obstruction of Justice in Missouri regarding Restitution

The general concept of criminal restitution—perpetrators having to repay their victims any losses caused by their illegal actions—has been around for ages.

In the U.S., there are various restitution laws at both the state and federal level. One of the more significant federal laws on restitution was the Mandatory Restitution Act of 1996, which established procedures for determining the amount of restitution to which a victim may be entitled and made restitution mandatory for many types of federal crimes.

Restitution is an attempt to make crime victims whole again—basically to “restore” them to the same condition they were in before being victimized. Which makes the recent case of a Liberty, Missouri lawyer charged with obstruction of justice by stealing victim restitution funds seem all the more abhorrent.

Attorney Robert J. Young was legally representing a Missouri man who had been indicted and convicted in federal court of a fraudulent scheme to steal money from his employer. The defendant—who worked as the director of information technology at a Midwest construction company—stole hundreds of thousands of dollars by using his company credit card to purchase unnecessary equipment and then reselling it for personal profit. The defendant used the illegal proceeds to buy such luxury items as customized motorcycles, a boat, jet skis, and a large motor home.

Young’s client, who was ultimately sentenced to a federal prison term, had also been ordered to pay a total of $442,000 in restitution to his company. His initial sentencing hearing had been set for January 2016, and Young had made it known to court personnel in advance that his client would be making a partial restitution payment at that hearing.

Before the January hearing, the defendant’s wife had given Young more than $62,000 for her husband’s partial restitution payment through several deposits to the lawyer’s client trust account and business account as well a personal check. But at the January 2016 sentencing hearing, Young did not make the partial restitution payment on behalf of his client. Instead, he told the court that the funds were still in his client trust account, so the hearing was postponed until March 2016.

Read More