Charges Filed Involving Distribution of Pirated Motion Pictures

Richard Arnold Also Indicted for Social Security Fraud

GREENEVILLE, Tenn.-- A federal grand jury in Greeneville returned a five-count indictment on May 11, 2011, against Richard and Melissa Arnold of Hampton, Tenn., Kristen Bailey, of Erwin, Tenn., and Reginald Garner of Johnson City, Tenn., for a conspiracy to infringe copyrights, and a conspiracy to traffic in counterfeit labels. Richard Arnold was also indicted for defrauding the Social Security Administration. The Arnolds and Bailey appeared in court on May 12, 2011, before U.S. Magistrate Judge Dennis H. Inman. Garner appeared in court on May 16, 2011. Each defendant entered a plea of not guilty to the charges in the indictment. The defendants were released on bond pending trial, which has been set for July 21, 2011 in U.S. District Court, in Greeneville.

The indictment alleges that the defendants were engaged for over five years in a conspiracy which made unauthorized copies of copyrighted motion pictures on DVDs and the labels for the DVDs, and then sold those pirated DVDs to customers in the Tri-Cities area. As a result of the sale of the pirated DVDs, the indictment also seeks forfeiture of property used to commit the offense and property derived from proceeds obtained from the sale of the pirated DVDs. Furthermore, a money judgment is sought from the Arnolds of at least $300,000, representing proceeds from the sale of pirated DVDs.

The indictment further alleges that Richard Arnold defrauded the Social Security Administration to receive Social Security Disability Insurance benefits to which he was not entitled, resulting in an overpayment of benefits of over $59,000.

If convicted, the defendants face a term of up to five years in prison, a fine of up to $250,000 and supervised release of three years for each count, in addition to the forfeiture of the criminal proceeds of the crimes.

This indictment is the result of a joint investigation by the Federal Bureau of Investigation, Social Security Administration, Office of the Inspector General (SSA-OIG), and Carter County Sheriff's Office. Assistant U.S. Attorney J. Gregory Bowman will represent the United States.

Members of the public are reminded that an indictment constitutes only charges and that every person is presumed innocent until their guilt has been proven beyond a reasonable doubt.

May 16, 2011

Source: http://www.cybercrime.gov/

COMPUTER PROGRAMMER SENTENCED TO FEDERAL PRISON

The Defendant Accessed ATMs Using Malicious Computer Code 

CHARLOTTE, NC - A former Bank of America (BOA) computer programmer was sentenced to 27 months in federal prison yesterday, to be followed by two years of supervised release for unauthorized access to the financial institution’s protected computers, announced Anne M. Tompkins, U.S. Attorney for the Western District of North Carolina. U.S. Attorney Tompkins is joined in making today’s announcement by Russell F. Nelson, Special Agent in Charge of the U.S..

Secret Service, Charlotte Field Division

U.S. District Judge Frank D. Whitney also ordered Rodney Reed Caverly, 54, of Mint Hill to pay restitution in the amount of $419,310.90. The restitution amount includes $284,750 Caverly stole from ATMs and $134,750.90 in costs incurred by BOA to remove from the bank’s ATM computer system a malicious computer code entered by Caverly. U.S. Secret Service agents also recovered $167,010 of stolen cash based on information provided by the defendant.

According to court records and sentencing proceedings, Caverly, who was hired by BOA to design and maintain its computer systems, had been assigned to work on a project involving the bank’s automated teller machine (ATM) system. Filed documents and court records show that from March 2009 to October 2009, Caverly knowingly and with intent to defraud exceeded his authorized access by gaining access to one or more protected BOA computers and deployed a malicious computer code to select BOA ATMs. The malicious code caused a limited number of infected ATMs to disburse cash from the ATMs without any transaction record of the cash disbursements. The code Caverly entered caused only the unauthorized disbursement of cash stored in the ATM machines and did not affect any financial accounts of BOA’s customers.

Caverly pleaded guilty on April 13, 2010 and was released pending his sentencing hearing. Upon designation to a federal facility, he will report to the custody of the Federal Bureau of Prisons. Federal sentences are served without the possibility of parole.

The investigation was handled by the U.S. Secret Service, Charlotte Field Office, and was prosecuted by Assistant U.S. Attorney Thomas O’Malley of the U.S. Attorney’s Office in Charlotte.

Source: http://www.usdoj.gov/usao/ncw

Cybercriminals Reinvent Methods of Malicious Attacks

Date: July 11, 2008
Source: Trend Micro Incorporated

Trend Micro Incorporated (TSE: 4704), a global leader in Internet content security, reported on July 7 that cybercriminals are not only leveraging new technologies to propagate cybercrime, but are also reinventing forms of social engineering to cleverly ensnare both consumers and businesses, according to the "Trend Micro Threat Roundup and Forecast 1H 2008" report. As a result, the last six months saw an upswing in Web threats, but steady decreases in adware and spyware that are generated by outdated technical methods and can no longer compete with high-level security solutions.

Exploiting human nature through social engineering and phishing techniques

While social engineering tactics such as the Nigerian phishing scam and the Spanish prisoner scam have been around for decades, cybercriminals continue to refresh and modernize this standard form of trickery based on whatever the trend appears to be. For example, the tools and technologies used to create the interactive nature of popular social networking sites have become a land mine for cybercrime. In March, Trend Micro discovered that over 400 phishing kits designed to generate phishing sites were targeting top Web 2.0 sites (i.e. social networking, video sharing and VoIP sites), free email service providers, banks and popular e-Commerce Web sites.

Recently, a new form of phishing warned potential victims about phishing emails as a way to legitimize that email and then tricked them into clicking on a link that leads to a fraudulent site. Spammers are also recycling old techniques. In February, Trend Micro investigated a voice phishing (aka "vishing") attempt. The message appeared convincing, with all links leading to corresponding, legitimate target pages, but included a phony number for recipients to call to reactivate their account, which had been supposedly "placed on hold." Upon calling the phone number, users were asked for their bank card number and PIN, unwittingly opening their bank accounts to the phishers.

Developing malware for blended threats

Malware variants have generally been treated as separate individual threats. Today, profit-motivated Web threats blend various malicious software components into a singular Web threat business model. For example, a cyber criminal sends a message (spam) with an embedded link in the email (malicious URL) or contained in an instant message. The user clicks on the link and is redirected to a Web site where a file (Trojan) automatically downloads onto the user's computer. The Trojan then downloads an additional file (spyware) that captures sensitive information, such as bank account numbers (spy-phishing). Although seemingly one incident, blended threats are much more difficult to combat and much more dangerous for the user.

Exploiting new technologies

The fast-flux technique is an additional example of criminals abusing technology developments. Fast-flux is a domain-name-server (DNS) switching mechanism that combines peer-to-peer networking, distributed command and control, Web-based load-balancing, and proxy redirection to hide phishing delivery sites. Fast-flux helps phishing sites stay up for longer periods to lure more victims. For example, researchers are challenged to identify malicious Storm domains because developers are using fast-flux techniques to evade detection.

A spike in Web threats accompanied by a decline in adware and keyloggers

Trend Micro witnessed a dramatic increase in Web threat activity during the first half of 2008. Web threats peaked in March to 50,000,000 from approximately 15,000,000 in December 2007.

On the decline are adware, trackware, keyloggers and freeloaders. In March 2007, Trend Micro found that approximately 45 percent of PCs were infected by adware; by April 2008, only 35 percent were reportedly infected. In May 2007, approximately 20 percent of PCs were infected by trackware; that number has dropped to less than 5 percent in April 2008. Keyloggers also showed a small, but steady decline with less than 5 percent of PCs being infected (from over 5 percent in September 2007.)

"This is a good example of how cybercriminals are evolving with the times -- they're moving away from threats that use old or waning technologies; instead, focusing on the lucrative threats that bring a bigger payload," said Raimund Genes, chief technology officer of Trend Micro.

Other notable findings from the report:

-- High-profile Web sites became highly targeted. In early January, several massive SQL injection attacks were launched on thousands of Web pages belonging to Fortune 500 corporations, state government agencies and educational institutions.

-- Mobile threats are continuing to play a small part in the new threat landscape. In January, Trend Micro discovered malware disguised as a multimedia file that was used to infect older Nokia mobile phones.

-- With skill comes precision. Cybercriminals are increasingly targeting more affluent users, such as C-level executives who represent a small number of wealthy, high-level individuals in positions of power to gain access to larger bank accounts, login credentials, or even email addresses that span an entire organization.

-- Spam volumes decreased briefly at the beginning of 2008 -- perhaps a post-holiday break for spammers. Volume spiked in March with a small slip in April. Whenever drops in spam activity occur, Trend Micro researchers interpret this as a sign that spammers are either regrouping to launch a new attack or testing new techniques.

-- Bots (compromised PCs) spiked from over 1,500,000 in January to over 3,500,000 in February. This was then followed by a dramatic drop in March.

Six-Month Forecast

According to research and observations of attacks that have occurred since the beginning of this year, Trend Micro researchers predict the following trends over the next six months:

-- Social engineering will remain a key attack method, with more sophisticated tricks evolving. Trend Micro expects cyber criminals to leverage events such as the Summer Olympics, back-to -school shopping, the U.S. election season, soccer and football events, and the holiday season in December.

-- Cybercriminals will continue to target newly discovered vulnerabilities in "third-party" software applications, such as QuickTime, RealPlayer, Adobe Flash, etc.

-- Crimeware that relies on technical methods that are becoming obsolete, such as dialers and keyloggers, will continue to slowly decline in number. Grayware such as trackware and browser hijackers will also slowly fall off in number as they cannot scale well in an era of million-member botnets.

-- Spam volume will continue to rise exponentially with average daily spam volumes predicted to increase by 30- to 50- billion messages per day. Spam and phishing will rise in August to correspond with back-to-school activities and the Olympics. A seasonal spike is also expected in November to correspond with the holidays, with spam forecasted to reach 170 to 180 billion messages per day.

-- As is occurring now, both spam and phishing will continue to play a part in blended threats. About 0.2 percent-one out of every 500 Web requests-are sent to Web sites hosted on infected PCs, and this trend is expected to continue.

-- Bots and botnets will continue to play an important part in the threat chain for spamming, information stealing, targeted attacks and large-scale attack campaigns.

Source: http://www.crime-research.org/analytics/3451/

NEWS RELEASE

Jacques Duplessis was charged today by indictment with engaging in a scheme to sell approximately 6,000 boxes of counterfeit LifeScan One Touch diabetic test strips that he purchased from suppliers in China and England, announced U.S. Attorney Zane David Memeger. The indictment charges Duplessis with mail fraud, trafficking in counterfeit goods, entry of goods into the U.S. through a false statement on a customs form, and making a false statement to a federal agency. According to the indictment, defendant Duplessis was the president and sole shareholder of both America's Premier Supplier Corp. and Royal Global Wholesale Corp., which were both Florida based corporations. Defendant Jacques Duplessis allegedly engaged in a scheme to sell approximately 6,000 boxes of counterfeit LifeScan One Touch diabetic test strips that he purchased from suppliers in China and England to wholesale customers in the United States and Canada, who, in turn, sold those counterfeit products to purchasers in pharmacies and other stores throughout the United States, including in the Philadelphia area. According to the indictment, LifeScan, Inc. (LifeScan), a subsidiary of Johnson & Johnson (J&J), is the distributor of One Touch blood glucose test strips. Lifescan and J&J have registered federal trademarks for diabetic test strips including Lifescan, OneTouch, OneTouch Basic, and OneTouch Ultra.

Source: http://www.cybercrime.gov/

INFORMATION REGARDING THE DEFENDANT

NAME                                         ADDRESS                                          AGE
---------------------------------------------------------------------------------
Jacques Duplessis                     Boynton Beach, FL                                   60

If convicted the defendant faces a maximum possible sentence of 57 years’ imprisonment, a $3,000,000 fine, three years’ supervised release, and a $500 special assessment.

The case was investigated by the United States Food and Drug Administration Office of Criminal Investigations and is being prosecuted by Assistant United States Attorney Nancy Rue.

May 17, 2011

FBI set to kill secret-stealing Russian 'botnet'

The FBI has seized control of a Russian cybercrime enterprise, but to kill it completely, officials may ask to rip some malware out of your computer. US diplomatic secrets could be at stake.

The FBI might be asking your permission soon to reach into your computer and rip something out. And you don’t know it’s there.

In a first for US law enforcement efforts to make the Internet more secure, the Federal Bureau of Investigation has seized control of a Russian cybercrime enterprise that has enslaved millions of personal computers and may have gained access to US diplomatic, military, and law enforcement computer systems.

As if WikiLeaks wasn’t bad enough.

But in order to destroy the criminal “botnet” for good, the FBI has to take yet another aggressive step that is alarming privacy rights advocates: remove the malware from the computers in the network. Hopefully all that gets taken out is the malware.

MONITOR QUIZ: How much do you know about cybersecurity?

The FBI’s target is a “robot network” dubbed the “Coreflood botnet” by investigators. It’s a worldwide network created by a Russian cybercrime gang that took control of 2.3 million personal computers that vacuumed up vast amounts of US personal financial and government data for almost a decade before being targeted for extermination.

More than a million of the personal computers recruited into the botnet resided in the US, according to a filing by the Department of Justice in federal court in Connecticut last month.

As of three years ago, Coreflood was sucking up about a gigabyte of data per day and as much as 500 gigabytes a year – about equal to five library floors filled with academic journals. But it was not just credit card, wire transfer, and bank passwords – its primary target – that worried investigators.

At some point, investigators discovered, Coreflood sent back to Russia “master key” access to computer systems belonging to at least one US embassy in the Middle East – which made government officials more than a little nervous, a computer security firm investigator told the Monitor.

Also, as of this year, the Coreflood botnet had assimilated into the US portion of its network hundreds of thousands of computers belonging to 17 state or local government agencies, including one police department, three airports, and two defense contractors. Add to that list five banks or financial institutions, about 30 colleges or universities, and approximately 20 hospital or health care companies as well as hundreds of businesses, according to the Justice Department’s court filing.

Botnets are nearly ideal for criminals

Anonymous and cheap to build, botnets are a nearly ideal criminal platform on the Internet for attacks aimed at shutting down company websites – unless a payment is made – and especially pilfering personal banking credentials. Symantec, the antivirus company, reported nearly 7 million botnets on the Internet in 2009. As powerful as the Coreflood botnet became, it is old enough that most updated antivirus programs should protect computers from infection.

Millions of criminal botnets operate on the Internet today – turning individuals’ personal computers surreptitiously into “zombies” or “bots” that will do whatever their criminal “bot masters” order them to do – without the owner knowing anything about it.

Authorities have tried for years to stop botnets before – with mixed results.

But last month, the Department of Justice and FBI moved to take Coreflood down using an approach that could be a model for handling botnets more effectively in the future. The method?Basically, law enforcement authorities took control of the botnet by inserting into the network their own “command and control” computers capable of giving orders to the network’s individual PC “bots.” 

Source: http://www.crime-research.org/news/10.05.2011/3870/

LOS ANGELES MAN PLEADS GUILTY TO ROLE IN TRAFFICKING COUNTERFEIT EXERCISE EQUIPMENT MADE IN CHINA

LOS ANGELES – A Los Angeles man pleaded guilty today to trafficking in counterfeit goods for bringing hundreds of bogus, Chinese-made Ab Circle Pro machines and related items into the United States.

Sok Hun Jin, who also uses the name “Eric Jin,” 36, of downtown Los Angeles,

pleaded guilty to trafficking in counterfeit goods.

In a plea agreement filed in federal court, Jin admitted that he was responsible for illegally bringing more than 2,000 bogus Ab Circle Pro machines into the United States. The counterfeit equipment was made in the People’s Republic of China and came to the United States in four containers last year. The retail value of the counterfeit goods is estimated to be approximately $650,000. Separate packages with fake DVDs, manuals and stickers were also shipped from China into the United States.

United States District Judge Percy Anderson is scheduled to sentence Jin on September 12. At that time, Jin faces a maximum statutory sentence of 10 years in prison and up to $2 million in fines.

The case is the product of an investigation by U.S. Immigration and Customs Enforcement’s Homeland Security Investigations and U.S. Customs and Border Protection.

Last year, in a separate case, a Chino woman received a 41-month prison sentence in federal court in Los Angeles for importing counterfeit exercise gear

 (see: http://www.justice.gov/usao/cac/pressroom/pr2010/155.html).

In another case in court today involving counterfeit items manufactured in China, the owners of a Los Angeles jewelry story were sentenced to prison for illegally importing and selling counterfeit designer jewelry, some of which tested positive for hazardous levels of lead.

Source: http://www.cybercrime.gov/

COLUMBIA MAN SENTENCED FOR SELLING COUNTERFEIT MOVIES

Columbia, South Carolina---- United States Attorney Bill Nettles stated today that Johnnie B. Gray, age 29, of Columbia, South Carolina, was sentenced today in federal court for infringement of copyright, a violation of 18 U.S.C. § 2319. United States District Judge Joseph F. Anderson, Jr., sentenced Gray to 24 months imprisonment to be followed by 3 years of supervised release.

Gray previously pleaded guilty to using a five-bay DVD duplicator to make copies of movies that had been produced by Hollywood studios. Gray then sold these movies to his customers. During the investigation of the case, federal agents seized nearly 1,500 counterfeit movies from Gray.

During the sentencing hearing, Judge Anderson stated that one of the reasons for the sentence he imposed was that “intellectual property is an important part of free enterprise in the United States and should be promoted and fostered in the law.” The judge also emphasized that is was important to make sure the public was aware that “all those explicit warnings about penalties for illegal copying” that are routinely projected during the opening credits mean that courts can decline to issue “light weight sentences.”

The case was investigated by agents of the Federal Bureau of Investigation. Assistant United States Attorney Dean A. Eichelberger of the Columbia office handled the case.

Source: http://www.cybercrime.gov/

MICHIGAN WOMAN PLEADS GUILTY TO SELLING MORE THAN $400,000 IN

WASHINGTON – A Michigan woman pleaded guilty today to selling more than $400,000 worth of counterfeit computer software, announced Assistant Attorney General of the Criminal Division Lanny A. Breuer and U.S. Attorney Barbara L. McQuade for the Eastern District of Michigan, Jacinda Jones, 31, of Ypsilanti, Mich., pleaded guilty to one count of willful copyright infringement before U.S. District Judge David M. Lawson in Detroit. According to court documents, between July 2008 and January 2010, Jones earned more than $400,000 by selling over 7,000 copies of pirated business software at discounted prices through the website www.cheapdl.com. The software had a retail value of more than $2 million and was owned by several companies, including Microsoft, Adobe, Intuit and Symantec. According to court documents, Jones’ activities came to the attention of U.S. Immigration and Customs Enforcement (ICE) agents, who made several undercover purchases of the pirated business and utility software.

At sentencing, Jones faces maximum penalties of five years in prison, a $250,000 fine and three years of supervised release. During her guilty plea hearing, Jones also agreed to forfeit any illegal proceeds from her criminal activity and pay restitution to the victims. Sentencing has been scheduled for Aug. 15, 2011, at 9 a.m.

The case is being prosecuted by Assistant U.S. Attorney Terrence Berg of the U.S. Attorney’s Office for the Eastern District of Michigan and Trial Attorney Thomas Dougherty of the Criminal Division’s Computer Crime and Intellectual Property Section. The investigation was conducted by the Field Support Unit of the National Intellectual Property Rights Coordination Center (IPR Center) and by ICE’s Office of Homeland Security Investigations in Detroit.

The enforcement action announced today is an example of the type of efforts being undertaken by the Department of Justice Task Force on Intellectual Property (IP Task Force). Attorney General Eric Holder created the IP Task Force to combat the growing number of domestic and international intellectual property crimes, protect the health and safety of American consumers, and safeguard the nation’s economic security against those who seek to profit illegally from American creativity, innovation and hard work. The IP Task Force seeks to strengthen intellectual property rights protection through heightened criminal and civil enforcement, greater coordination among federal, state and local law enforcement partners, and increased focus on international enforcement efforts, including reinforcing relationships with key foreign partners and U.S. industry leaders. To learn more about the IP Task Force, go to www.justice.gov/dag/iptaskforce/.

Source: http://www.cybercrime.gov/