Month: March 2023

Source: United States Department of Justice News

A federal jury convicted a deputy U.S. Marshal yesterday for conspiracy to commit cyberstalking, cyberstalking, perjury, and obstruction of a federal matter.

According to court documents and evidence presented at trial, Ian R. Diaz, 44, of Brea, California, and his then-wife, an unindicted co-conspirator (CC-1), posed as a person with whom Diaz was formerly in a relationship (Jane Doe). In that guise, they sent themselves harassing and threatening electronic communications that contained apparent threats to harm CC-1; solicited and lured men found through Craigslist “personal” advertisements to engage in so-called “rape fantasies” in an attempt to stage a purported sexual assault on CC-1 orchestrated by Jane Doe; and staged one or more hoax sexual assaults and attempted sexual assaults on Diaz’s former wife. Diaz and CC-1 then reported this conduct to local law enforcement, falsely claiming that Jane Doe posed a genuine and serious threat to Diaz and CC-1. Their actions caused local law enforcement to arrest, charge, and detain Jane Doe in jail for nearly three months for conduct for which Diaz and CC-1 framed her.

“Ian Diaz abused his position as a deputy U.S. Marshal to execute an intricate cyberstalking scheme that framed an innocent person for sexual assault, leading to her unjust imprisonment for 88 days,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. “As this prosecution demonstrates, the Criminal Division is committed to preserving the public’s confidence in law enforcement by holding accountable any official who violates their oath of office and victimizes the community they are sworn to serve.”

In addition, Diaz and CC-1 took steps to conceal their conduct, including using falsely registered email accounts, using virtual private networks to access the internet anonymously, and communicating with each other using encrypted messaging services. Diaz also deleted email accounts used to communicate in furtherance of the scheme.

“Yesterday’s verdict is the culmination of unrelenting investigative work that began in 2017 when the Cyber Investigations Office initiated this case,” said Special Agent in Charge Harry A. Lidsky of the Department of Justice Office of the Inspector General (DOJ-OIG) Cyber Investigations Office. “Diaz’s egregious actions and lies to law enforcement stripped a woman of her freedom and liberty. This kind of stalking, harassment, and obstruction is unconscionable, and yesterday, the jury held Diaz accountable for his crimes. I would like to thank the jury for their time, attention, and careful consideration of the facts of this case.”

“The evidence presented at trial exposed a harrowing scheme concocted by Diaz to frame someone for crimes they didn’t commit,” said Special Agent in Charge Zachary Shroyer of the DOJ-OIG Los Angeles Field Office. “Our investigators worked tirelessly to reveal the truth about the conspiracy, lies, and stalking he committed, and to find justice for his victim.”

Diaz was convicted of one count of conspiracy to commit cyberstalking, one count of cyberstalking, one count of perjury, and one count of obstructing a federal proceeding. He is scheduled to be sentenced on June 30 and faces a maximum penalty of 20 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The DOJ-OIG investigated the case.

Senior Litigation Counsel Marco A. Palmieri and Trial Attorney Rebecca G. Ross of the Criminal Division’s Public Integrity Section and Senior Trial Attorney Mona Sedky of the Computer Crime and Intellectual Property Section are prosecuting the case.

Source: United States Department of Justice News

The founder of BreachForums made his initial appearance today in the Eastern District of Virginia on a criminal charge related to his alleged creation and administration of a major hacking forum and marketplace for cybercriminals that claimed to have more than 340,000 members as of last week. In parallel with his arrest on March 15, the FBI and Department of Health and Human Services Office of Inspector General (HHS-OIG) have conducted a disruption operation that caused BreachForums to go offline.

According to court documents unsealed today, Conor Brian Fitzpatrick, 20, of Peekskill, New York, allegedly operated BreachForums as a marketplace for cybercriminals to buy, sell, and trade hacked or stolen data and other contraband since March 2022. Among the stolen items commonly sold on the platform were bank account information, social security numbers, other personally identifying information (PII), means of identification, hacking tools, breached databases, services for gaining unauthorized access to victim systems, and account login information for compromised online accounts with service providers and merchants. 

“Today, we continue our work to dismantle key players in the cybercrime ecosystem,” said Deputy Attorney General Lisa O. Monaco. “Like its predecessor RaidForums, which we took down almost a year ago, BreachForums bridged the gap between hackers hawking pilfered data and buys eager to exploit it. All those operating in dark net markets should take note: Working with our law enforcement partners, we will take down illicit forums and bring administrators to justice in U.S. courtrooms.”

“People expect that their online data will be protected, and the Department of Justice is committed to doing just that,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Criminal Division. “We must and will remain vigilant to the threat posed by those who attempt to undermine our digital security. We will continue to disrupt the forums that facilitate the theft and distribution of personal information and prosecute those responsible.”

Fitzpatrick’s alleged victims have included millions of U.S. citizens and hundreds of U.S. and foreign companies, organizations, and government agencies. Some of the stolen datasets contained the sensitive information of customers at telecommunication, social media, investment, health care services, and internet service providers. For instance, on Jan. 4, a BreachForums user posted the names and contact information for approximately 200 million users of a major U.S.-based social networking site. Further, on Dec. 18, 2022, another BreachForums user posted details of approximately 87,760 members of InfraGard, a partnership between the FBI and private sector companies focused on the protection of critical infrastructure.

“Cybercrime victimizes and steals financial and personal information from millions of innocent people,” said U.S. Attorney Jessica D. Aber for the Eastern District of Virginia. “This arrest sends a direct message to cybercriminals: your exploitative and illegal conduct will be discovered, and you will be brought to justice.”

“The FBI will continue to devote all available resources to deter, disrupt, and diminish criminal enterprise activity,” said FBI Deputy Director Paul Abbate. “We will work alongside our federal and international partners to impose costs on malicious cyber actors around the world and continue to bring justice to those who victimize the American public.”

“Following the seizure of RaidForums last year, cybercriminals turned to BreachForums to buy and sell stolen data, including breached databases, hacking tools, and the personal and financial information of millions of U.S. citizens and businesses,” said Assistant Director in Charge David Sundberg of the FBI Washington Field Office. “The FBI and our partners will not let cybercriminals and those who enable them profit from the theft of sensitive data while hiding behind keyboards. This arrest and disruption of yet another criminal marketplace demonstrates the potency of our joint work to dismantle the digital structures that facilitate cybercrime.”

As part of the scheme, Fitzpatrick allegedly supported the activities of cybercriminals by creating and operating a “Leaks Market” subsection that was dedicated to buying and selling hacked or stolen data, tools for committing cybercrime, and other illicit material. To facilitate transactions on the forum, Fitzpatrick allegedly offered to act as a trusted middleman, or escrow service, between individuals on the website who sought to conduct these types of illicit transactions. In addition, Fitzpatrick allegedly managed an “Official” databases section through which BreachForums directly sold access to verified hacked databases through a “credits” system administered by the platform. As of Jan. 11, the Official database section purported to contain 888 datasets, consisting of over 14 billion individual records. These databases belong to a wide variety of both U.S. and foreign companies, organizations, and government agencies. Fitzpatrick allegedly profited from the scheme by charging for forum credits and membership fees.

“This case sends a clear message that illicitly stealing, selling, and trading the personal information of innocent members of the public will not be tolerated, and that malicious cyber actors will be held accountable,” said Special Agent in Charge Stephen Niemczak of the HHS-OIG. “HHS-OIG and our law enforcement partners remain dedicated to protecting the American public and the integrity of government networks and data from these egregious cyberattacks.”

The BreachForums website has supported additional sections in which users discuss tools and techniques for hacking and exploiting hacked or stolen information, including in the “Cracking,” “Leaks,” and “Tutorials” sections. The BreachForums website also includes a “Staff” section that appears to be operated by the BreachForums administrators and moderators.

Fitzpatrick is charged with conspiracy to commit access device fraud. If convicted, he faces a maximum penalty of five years in prison.

Fitzpatrick’s arrest and the disruption of BreachForums comes nearly a year after the Department of Justice announced the seizure of a predecessor hacking marketplace, Raidforums, and unsealed criminal charges against RaidForums’ founder and chief administrator, who is the subject of extradition proceedings in the United Kingdom.

The law enforcement actions against Fitzpatrick and BreachForums are the result of an ongoing criminal investigation by the FBI Washington Field Office, FBI San Francisco Division, and HHS-OIG, with assistance provided by the U.S. Secret Service, Homeland Security Investigations New York Field Office, New York Police Department, U.S. Postal Inspection Service, and Peekskill Police Department. The U.S. Attorneys’ Office for the Northern District of California, the District of Maryland, and the Southern District of New York have also provided assistance in this matter.

The Justice Department’s Office of International Affairs is handling the extradition.

The Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) and Assistant U.S. Attorney Carina A. Cuellar for the Eastern District of Virginia are prosecuting the case.

A criminal complaint is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Source: United States Department of Justice News

ANCHORAGE, ALASKA – A federal District Court judge sentenced an Anchorage man to 21 years imprisonment followed by six years of supervised release on March 22, 2023, for his role in a drug trafficking organization that spanned multiple states.

According to court documents, Dustin Noonan pleaded guilty to drug conspiracy and money laundering conspiracy for his role in a lucrative drug trafficking and distribution organization that stretched from Alaska to Arizona, California, Massachusetts, Michigan, Nevada, New Mexico, New York, Ohio, and Pennsylvania. From March 2018 through October 2020, the leaders of the organization regularly mailed large amounts of drugs to distributors throughout the country, including mailing parcels to Noonan in Anchorage, and deposited hundreds of thousands of dollars of drug proceeds into various bank accounts. During the nearly three-year investigation, law enforcement officers recovered about six kilograms of heroin, four kilograms of methamphetamine, and four kilograms of fentanyl. Over several months in 2020, investigators intercepted five drug parcels intended for Noonan, which together contained one kilogram of fentanyl and nearly 800 grams of heroin that Noonan planned to distribute throughout Alaska. The kilogram of fentanyl that Noonan intended to distribute was enough to kill 500,000 people.

Anchorage Police arrested Noonan on June 12, 2020, after they responded to a call of a domestic disturbance. As detailed in court documents, Noonan barricaded himself inside his residence and refused officer commands to come outside. He then crawled out of a window, fled on foot, and struggled with the arresting officers. Inside his vehicle, officers found a Springfield Arms XD .45 caliber semiautomatic firearm in the center console. Noonan, who had been convicted of robbing a series of pharmacies at knifepoint in and around St. Petersburg, Florida in 2006, was legally prohibited from possessing a firearm.

Noonan was indicted in April 2021 along with 9 other members of the conspiracy located in Anchorage, San Diego, and Tucson, Arizona. Tyler Landroche was sentenced to 70 months imprisonment on February 23, 2023. Kimberly Renee Mackey was sentenced to 48 months imprisonment on February 22, 2023. Jessica Twigg was sentenced to time served on May 16, 2022. Rene Pompa-Villa, Carlos Camacho, Christopher Pompa-Villa, Kyle Redpath, and Heydimar Marrero are awaiting sentencing. Victor Pompa-Villa remains at large.

“Preventing the influx of deadly fentanyl and heroin is integral to protecting this community,” said U.S. Attorney S. Lane Tucker. “We will continue to aggressively target drug trafficking organizations to disrupt the flow of these dangerous drugs into Alaska.”

“The shipment of illegal narcotics has no place in the U.S. Postal Service and the State of Alaska. This should serve as a reminder of the Inspection Service’s continuous efforts to bring large scale dealers like Noonan to justice,” said Inspector in Charge Anthony Galetti. “Through the efforts of the law enforcement agencies involved, this sentencing will have a clear and lasting impact on the communities of Alaska. We thank our state, local and federal partners for their support and efforts in this investigation.”

“The severe sentence handed down underscores the dangerousness of fentanyl and reaffirms the DEA’s commitment to tirelessly investigate and prosecute those who would traffic this poison in our communities,” said Jacob D. Galvan, Acting Special Agent in Charge, DEA Seattle Field Division.

“Learning the metric system should be a result of a good education, not because of drug trafficking,” said Special Agent in Charge Bret Kressin, IRS Criminal Investigation (IRS:CI), Seattle Field Office. “Keeping the kilogram of fentanyl and additional heroin Mr. Noonan intended to distribute off of our streets is a win, but fighting the opioid crisis takes constant vigilance from all of us. IRS:CI will continue to work with our partners in the community and in law enforcement to help keep our communities safe.”

U.S. Attorney S. Lane Tucker of the District of Alaska made the announcement.

The U.S. Postal Inspection Service (USPIS); U.S. Department of Drug Enforcement Administration (DEA); the Internal Revenue Service (IRS); Alaska State Troopers, and the Anchorage Police Department investigated the case. The U.S. Marshals had a significant role in making the arrests, and the U.S. Attorney’s Offices in Tucson and San Diego played a critical role in the indictment of this case.

Assistant U.S. Attorneys Christopher D. Schroeder and Karen Vandergaw prosecuted the case.

This investigation and prosecution are part of the Organized Crime Drug Enforcement Task Force (“OCDETF”), which identifies, disrupts, and dismantles the highest-level drug traffickers, money launderers, gangs, and transnational criminal organizations that threaten the United States by using a prosecutor-led, intelligence-driven, multi-agency approach that leverages the strengths of federal, state, and local law enforcement agencies against criminal networks.

Beware of pills bought on the street: One Pill Can Kill. Fentanyl, a Schedule II controlled substance, is a highly potent opiate that can be diluted with cutting agents to create counterfeit pills that purport to mimic the effects of Oxycodone, Percocet, and other drugs, but can be obtained at a lower cost. However, very small variations in the amount or quality of fentanyl create huge effects on the potency of the counterfeit pills and can easily cause death. Fentanyl has now become the leading cause of drug overdose deaths in the United States. Counterfeit, fentanyl-laced pills are usually shaped and colored to resemble pills that are sold legitimately at pharmacies. For example, the counterfeit pills involved in this case, known as M30s, mimic Oxycodone, but when sold on the street they routinely contain fentanyl. These tablets are round and often light blue in color, though they may be made in many colors, and have “M” and “30” imprinted on opposite sides of the pill.