Month: May 2023

Source: United States Department of Justice Criminal Division

A Virginia man pleaded guilty today to a money laundering conspiracy involving funds embezzled from the Embassy of Kuwait’s health office in Washington, D.C.

According to court documents, from approximately January through September 2014, Ahmed El Khebki, aka Ahmed Khider El Khebki, of Lorton, conspired to launder money embezzled from the Kuwaiti Embassy. El Khebki and his co-conspirators stole money from the embassy’s health office earmarked to pay for medical care for Kuwaiti citizens who traveled to the United States to receive treatment at, among other places, Johns Hopkins Hospital and MedStar Georgetown University Hospital.

To embezzle and launder the funds, El Khebki and his co-conspirators created fake companies with names meant to mimic actual U.S. healthcare providers, including “Hopiken” and “MedStar.” The co-conspirators then submitted fraudulent invoices to the health office, claiming that they had provided medical services to real Kuwaiti citizens under the auspices of those fake companies. Employees at the health office in the embassy who were in on the scheme approved the invoices and wrote checks to El Khebki and his co-conspirators’ fake companies. During the course of the conspiracy, the health office paid more than $1.5 million in fraudulent invoices. El Khebki personally deposited hundreds of thousands of dollars of stolen funds into accounts he controlled and used the stolen funds to make numerous personal purchases.

El Khebki joins two co-conspirators, Wael Sedik and Huwida Fadl, in pleading guilty for his role in the conspiracy. El Khebki’s co-defendant and co-conspirator Hussein Fadl Osman remains at large.

El Khebki pleaded guilty to money laundering. He is scheduled to be sentenced on Aug. 24 and faces a maximum penalty of 20 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division and Special Agent in Charge Derek W. Gordon of Homeland Security Investigations (HSI) Washington, D.C. made the announcement.

HSI investigated the case.

Senior Trial Attorney Jonathan Baum and Trial Attorney Shai D. Bronshtein of the Criminal Division’s Money Laundering and Asset Recovery Section (MLARS) are prosecuting the case as part of the department’s Kleptocracy Asset Recovery Initiative.

The Kleptocracy Asset Recovery Initiative in MLARS was formed to prosecute money launderers and forfeit the proceeds of foreign official corruption and, where appropriate, to use those recovered assets to benefit the people harmed by the corruption and abuse of office. Individuals with information about possible proceeds of foreign corruption located in or laundered through the United States should contact federal law enforcement or send an email to kleptocracy@usdoj.gov.

Source: United States Department of Justice News

Good morning. I am Matt Olsen, the Assistant Attorney General for National Security. Thank you all very much for being here.

I am joined by Matt Axelrod, the Assistant Secretary for Export Enforcement at the Department of Commerce.

Exactly three months ago, we launched the Disruptive Technology Strike Force. This is an interagency enforcement effort led by the Departments of Justice and Commerce. The FBI and Homeland Security Investigations, our law enforcement partners who are integral to this effort, are also represented here on stage. I also want to thank the Attorney General and the Deputy Attorney General for their support of our work.

The mission of the Strike Force is to prevent foreign adversaries from obtaining critical advanced technologies. We have established 14 local cells around the country – more than a third of which are represented here today on stage – to investigate and prosecute violations of U.S. laws.

Our work is supported by an interagency team of data analysts who identify gaps in enforcement and prioritize our lines of effort. Collectively, our work is critical to defend U.S. military readiness, to preserve our technological advantage over our adversaries, and to protect human rights and democratic values worldwide.

Five U.S. Attorneys from around the country are here with us: Breon Peace, of the Eastern District of New York; Gary Restaino, of the District of Arizona; Martín Estrada, of the Central District of California; Ismail Ramsey, of Northern District of California; and Damian Williams, of the Southern District of New York.

Today, we are announcing five cases from each of these districts. The cases – which were brought by the U.S. Attorneys’ Offices in partnership with the National Security Division – span a range of emerging technologies and malicious actors.

These cases demonstrate the breadth and complexity of the threats we face, as well as what is at stake. They show our ability to accelerate investigations and surge our collective resources to defend against these threats.

As you’ll hear more about in a moment, two of the five cases involve dismantling alleged procurement networks created to help the Russian military and intelligence services obtain sensitive technologies in violation of U.S. export-control laws. These technologies include military tactical equipment, airplane braking technology, and quantum cryptography.

Two other cases charge former software engineers with stealing software and hardware source code from U.S. tech companies in order to market it to Chinese competitors – including, in one of the cases, Chinese state-owned enterprises. The stolen code is alleged to be trade secrets used by the U.S. companies to develop self-driving cars and advanced automated manufacturing equipment.

The final case charges a Chinese national with violating U.S. sanctions in attempting to sell to Iran materials used to produce weapons of mass destruction. The defendant tried to arrange the sale using two Chinese companies that the U.S. government has sanctioned for supporting Iran’s ballistic missile program.

We stand vigilant in enforcing U.S. laws to stop the flow of sensitive technologies to our foreign adversaries. And that means using everything – from our criminal investigations and prosecutions to administrative enforcement actions to private sector outreach.

So let me be clear: we are committed to doing all we can to prevent these advanced tools from falling into the hands of foreign adversaries, who wield them in ways that threaten not only our nation’s security, but democratic values everywhere.

And with that, let me turn it over to Assistant Secretary Axelrod, and then to the U.S. Attorneys to discuss these prosecutions.

Source: United States Department of Justice News

Defendant Posted a Video to YouTube Admitting He Carried a Knife

            WASHINGTON – An Alabama man was sentenced today on felony and misdemeanor charges for his actions during the Jan. 6, 2021, Capitol breach. His actions and the actions of others disrupted a joint session of the U.S. Congress convened to ascertain and count the electoral votes related to the presidential election.

            Joshua Matthew Black, 46, of Leeds, Alabama, was sentenced to 22 months in prison for three felony charges and two misdemeanors. Black was found guilty on January 13, 2020, following a trial in the U.S. District Court in the District of Columbia, of entering and remaining in a restricted building or grounds with a deadly or dangerous weapon; disorderly and disruptive conduct in a restricted building or grounds with a deadly or dangerous weapon; unlawful possession of a dangerous weapon on Capitol grounds or buildings; entering and remaining on the floor of Congress; and disorderly conduct in a Capitol building. In addition to the prison term, U.S. District Court Judge Amy B. Jackson ordered 24 months of supervised release and  restitution of $2,000.

            According to the government’s evidence, on Jan. 6, 2021, Black was among a mob of rioters illegally on the Capitol grounds. He entered the Capitol Building and was captured in photographs and on video, posted to social media sites, standing on the floor of the Senate chamber. Black later posted a video to YouTube in which he discussed entering the Capitol and the floor of the Senate chamber on Jan. 6, 2021.  He explained that “once we found out Pence turned on us and that they had stolen the election, like officially, the . . . crowd went crazy. I mean, . . .  it became a mob.  We crossed the gate, we got up.”  He also admitted carrying a knife to the Capitol because “you’re not allowed to carry guns in DC and I don’t like being defenseless.” 

            During a search of his residence on Jan. 14, 2021, the Federal Bureau of Investigation recovered the knife Black admitted he carried at the Capitol.  The FBI arrested him later that day at a police station in Moody, Alabama. 

            The case was investigated by the FBI’s Birmingham and Washington Field Offices, which listed Black as #6 on its seeking information photos. Valuable assistance was provided by the U.S. Capitol Police and the Metropolitan Police Department.

            The case was prosecuted by the U.S. Attorney’s Office for the District of Columbia. Valuable assistance was provided by the U.S. Attorney’s Office for the Northern District of Alabama.

            In the 28 months since Jan. 6, 2021, more than 1,000 individuals have been arrested in nearly all 50 states for crimes related to the breach of the U.S. Capitol, including more than 320 individuals charged with assaulting or impeding law enforcement. The investigation remains ongoing. 

            Anyone with tips can call 1-800-CALL-FBI (800-225-5324) or visit tips.fbi.gov.

Source: United States Department of Justice Criminal Division

An Illinois man pleaded guilty yesterday to leading a conspiracy to sell stolen financial information on the dark web, aka darknet.

According to court documents, Michael D. Mihalo, aka Dale Michael Mihalo Jr., 40, of Naperville, was the founder of a darknet “carding” site called Skynet Market, which was used to sell stolen financial information on the internet. Operating under the moniker ggmccloud1, Mihalo and his co-conspirators were also prominent vendors on additional darknet markets, including AlphaBay Market, Wall Street Market, and Hansa Market. Each market required users to conduct transactions in digital currencies, including Bitcoin. Through these markets, Mihalo and his co-conspirators sold the stolen financial information, primarily the credit and debit card numbers and associated information, of tens of thousands of U.S. victims between Feb. 22, 2016, and Oct. 1, 2019.

Mihalo assembled and directed the team that helped him sell this stolen financial information on the darknet. Each of the co-conspirators benefitted from the trusted reputation Mihalo, as ggmccloud1, had built on the darknet sites to sell more stolen financial information than they would have been able to sell individually. Taylor Ross Staats, 40, of Texas, conspired with Mihalo and others to sell stolen financial information on the internet. Staats served as a “card-checker,” who ensured the financial information sold by Mihalo and others on multiple darknet sites remained active and had not been canceled by the relevant financial institutions. Staats personally earned at least $21,000 worth of Bitcoin for these services.

Mihalo personally possessed, sent, and received the information associated with 49,084 stolen payment cards with the intent that the payment card information would be trafficked on darknet sites, all in furtherance of the conspiracy. Mihalo earned at least $1 million worth of cryptocurrencies at the time of the sales, including Bitcoin, Ethereum, and Monero. These funds have significantly appreciated since that time.

Mihalo pleaded guilty to one count of conspiracy to commit access device fraud, one count of access device fraud, and six counts of money laundering. He will be sentenced on a later date. He faces a maximum penalty of five years in prison for the conspiracy count and a maximum penalty of 10 years in prison on each of the remaining counts. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Under the terms of his plea agreement, Mihalo must also forfeit to the government any property he personally obtained through the offenses, including several million dollars’ worth of cryptocurrency, financial accounts, and real property, and has agreed to entry of a money judgment of an amount to be determined by the judge at sentencing.

Mihalo is the second defendant to plead guilty in this case. Staats pleaded guilty on Dec. 14, 2022, to one count of conspiracy to commit access device fraud in connection with his role as “card-checker” for Mihalo and the other co-conspirators. He faces a maximum penalty of five years in prison for the conspiracy count and will be sentenced on a later date.

Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division, U.S. Attorney Teresa A. Moore for the Western District of Missouri, Assistant Director Bryan Vorndran of the FBI’s Cyber Division, and Special Agent in Charge Charles Dayoub of the FBI Kansas City Field Office made the announcement.

The FBI Kansas City Field Office investigated the case.

Senior Counsel Louisa Becker of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Matthew Blackwood for the Western District of Missouri are prosecuting the case. The Justice Department’s Office of International Affairs provided significant assistance.

The Justice Department also thanks its law enforcement colleagues at the Royal Canadian Mounted Police in Canada for their assistance in this case.

Stolen victim payment card information obtained over the course of the investigation has been and/or will continue to be provided to the financial institutions that issued the payment cards. If you were active on Skynet Market, AlphaBay Market, Wall Street Market, or Hansa Market; have been in contact with any of Skynet Market’s administrators; or believe your financial information may have been stolen and sold on any of these markets between Feb. 22, 2016, and Oct. 1, 2019, please file a report with the FBI’s Internet Crime Complaint Center (ic3.gov) and reference this press release.