Former Commercial Pilot Found Guilty of Internet Stalking

Source: United States Department of Justice News

SAN ANTONIO – A federal jury convicted a Chesterfield, Missouri man today for internet stalking.

According to court documents and evidence presented at trial, from May 2020 to September 2020, Mark Joseph Uhlenbrock, 69, with the intent to harass and intimidate another person, used the internet to engage in a course of conduct that caused substantial emotional distress to his victim.  This course of conduct included posting nude photographs of the victim on the internet without the victim’s consent.  The conduct from this crime occurred while Uhlenbrock was still on supervised release for a 2016 federal conviction for internet stalking the same victim.

In 2016, U.S. District Judge Xavier Rodriguez sentenced Uhlenbrock to 41 months in federal prison, followed by three years of supervised release, after Uhlenbrock plead guilty to internet stalking.  As part of his plea in that case, Uhlenbrock admitted that from January 2006 to August 2015, he caused substantial emotional distress by posting nude photographs of his victim on the internet without the victim’s consent.

Uhlenbrock is scheduled to be sentenced on August 30, 2023.  He has remained in federal custody since his arrest on December 10, 2020, for violating conditions of his supervised release.

U.S. Attorney Jaime Esparza of the Western District of Texas and FBI Special Agent in Charge Oliver E. Rich Jr., made the announcement.

The FBI is investigating the case.

Assistant U.S. Attorneys William Calve and Karina O’Daniel are prosecuting the case.

###

Former Head of Non-Governmental Organization Sentenced for Bribing Officials of Republic of Marshall Islands

Source: United States Department of Justice News

The former president of a New York-based non-governmental entity (NGO) was sentenced today to three years and six months in prison for paying bribes to elected officials of the Republic of the Marshall Islands (RMI) in exchange for passing certain legislation.

According to court documents, beginning in or around 2016 and continuing until at least August 2020, Cary Yan, 51, conspired with others – including his assistant, Gina Zhou – in connection with a multi-year bribery scheme. Yan offered and paid tens of thousands of dollars in bribes to high-level RMI officials, including members of the RMI legislature, in exchange for supporting legislation creating a semi-autonomous region within the RMI called the Rongelap Atoll Special Administrative Region (RASAR) that would benefit the business interests of Yan and his associates. Yan carried out the bribery scheme using the New York-based NGO, including the physical use of its headquarters in Manhattan, to meet and communicate with RMI officials.

In December 2022, Yan and Zhou each pleaded guilty to one count of conspiracy to violate the anti-bribery provisions of the Foreign Corrupt Practice Act. On Feb. 16, Zhou was sentenced to two years and seven months in prison for her role in the scheme.

Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division, U.S. Attorney Damian Williams for the Southern District of New York, and Assistant Director Luis Quesada of the FBI’s Criminal Investigative Division made the announcement.

The FBI New York Field Office investigated the case. The Royal Thai Government, the U.S. Department of State’s Diplomatic Security Service, the Embassy of the United States in Bangkok, and the Justice Department’s Office of International Affairs provided substantial assistance in securing the arrest and extradition of Yan.

Assistant Chief Gerald M. Moody, Jr. and Trial Attorney Anthony Scarpelli of the Criminal Division’s Fraud Section and Assistant U.S. Attorneys Hagan Scotten, Lara Pomerantz, and Derek Wikstrom for the Southern District of New York prosecuted the case.

The Fraud Section is responsible for investigating and prosecuting Foreign Corrupt Practices Act (FCPA) matters. Additional information about the Justice Department’s FCPA enforcement efforts can be found at www.justice.gov/criminal/fraud/fcpa.

Russian National Charged with Ransomware Attacks Against Critical Infrastructure

Source: United States Department of Justice Criminal Division

The Justice Department today unsealed two indictments charging a Russian national and resident with using three different ransomware variants to attack numerous victims throughout the United States, including law enforcement agencies in Washington, D.C. and New Jersey, as well as victims in healthcare and other sectors nationwide.

According to the indictment obtained in the District of New Jersey, from at least as early as 2020, Mikhail Pavlovich Matveev, aka Wazawaka, aka m1x, aka Boriselcin, aka Uhodiransomwar, allegedly participated in conspiracies to deploy three ransomware variants. These variants are known as LockBit, Babuk, and Hive, and Matveev transmitted ransom demands in connection with each. The perpetrators behind each of these variants, including Matveev, have allegedly used these types of ransomware to attack thousands of victims in the United States and around the world. These victims include law enforcement and other government agencies, hospitals, and schools. Total ransom demands allegedly made by the members of these three global ransomware campaigns to their victims amount to as much as $400 million, while total victim ransom payments amount to as much as $200 million.

“From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. “These international crimes demand a coordinated response. We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”

On or about June 25, 2020, Matveev and his LockBit coconspirators allegedly deployed LockBit ransomware against a law enforcement agency in Passaic County, New Jersey. Additionally, on or about May 27, 2022, Matveev and his Hive coconspirators allegedly deployed Hive against a nonprofit behavioral healthcare organization headquartered in Mercer County, New Jersey. On April 26, 2021, Matveev and his Babuk coconspirators allegedly deployed Babuk against the Metropolitan Police Department in Washington, D.C.

“From Russia and hiding behind multiple aliases, Matveev is alleged to have used these ransomware strains to encrypt and hold hostage for ransom the data of numerous victims, including hospitals, schools, nonprofits, and law enforcement agencies, like the Metropolitan Police Department in Washington, D.C.,” said U.S. Attorney Philip R. Sellinger for the District of New Jersey. “Thanks to the extraordinary investigative work of prosecutors from my office and our FBI partners, Matveev no longer hides in the shadows – we have publicly identified his criminal acts and charged him with multiple federal crimes. Let today’s charges be a reminder to cybercriminals everywhere – my office is devoted to combatting cybercrime and will spare no resources in bringing to justice those who use ransomware attacks to target victims.” 

According to the indictment obtained in the District of Columbia, between April 21, 2021, and May 9, 2021, Matveev allegedly participated in conspiracies to deploy Babuk and to transmit a ransom demand. Specifically, on April 26, 2021, Matveev and his Babuk co-conspirators allegedly deployed Babuk ransomware against the Metropolitan Police Department in Washington, D.C., and then threatened to disclose sensitive information to the public unless a payment was made.

“Data theft and extortion attempts by ransomware groups are corrosive, cynical attacks on key institutions and the good people behind them as they go about their business and serve the public,” said U.S. Attorney Matthew M. Graves for the District of Columbia. “Whether these criminals target law enforcement, other government agencies, or private companies like health care providers, we will use every tool at our disposal to prosecute and punish such offenses. Thanks to exceptional work by our partners here, we identified and charged this culprit.”

“The FBI is steadfast in our commitment to disrupting cybercriminals like Matveev,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “The FBI will continue to impose costs on cyber adversaries through our joint collaboration with our private sector and international partners, and we will not tolerate these criminal acts against American citizens.”

The LockBit ransomware variant first appeared around January 2020. LockBit actors have executed over 1,400 attacks against victims in the United States and around the world, issuing over $100 million in ransom demands and receiving over $75 million in ransom payments.

The Babuk ransomware variant first appeared around December 2020. Babuk actors executed over 65 attacks against victims in the United States and around the world, issuing over $49 million in ransom demands and receiving as much as $13 million in ransom payments.

Since June 2021, the Hive ransomware group has targeted more than 1,400 victims around the world and received as much as $120 million in ransom payments.

The LockBit, Babuk, and Hive ransomware variants operated in the same general manner: first, the ransomware actors would identify and unlawfully access vulnerable computer systems, sometimes through their own hacking, or by purchasing stolen access credentials from others. Second, the actors would deploy the ransomware variant within the victim computer system, allowing the actors to encrypt and steal data thereon. Next, the actors would send a ransom note to the victim demanding a payment in exchange for decrypting the victim’s data or refraining from sharing it publicly. Finally, the ransomware actors would negotiate a ransom amount with each victim willing to pay. If a victim did not pay, ransomware actors would often post that victim’s data on a public website, often called a data leak site.  

Matveev is charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. If convicted, he faces over 20 years in prison. 

The FBI Newark Field Office’s Cyber Crimes Task Force is investigating the case with valuable assistance from the Jersey City Police Department, New Jersey State Police, Newark IRS Criminal Investigation, and international partners from European Cyber Crime Centre of Europol, National Police Agency of Japan, Gendarmerie Nationale Cyberspace Command of France, National Crime Agency and South West Regional Organized Crime Unit of the United Kingdom, Kantonspolizei Zürich of Switzerland, High-Tech Crime Unit of the Dutch Police Services Agency of the Netherlands, Bundeskriminalamt and Landeskriminalamt of Germany, Mossos d’Esquadra Police Department of Spain, Norwegian Police Service of Norway, and Swedish Police Authority of Sweden.

Trial Attorneys Jessica C. Peck, Benjamin Proctor, and Jorge Gonzalez of the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS); Assistant U.S. Attorneys Andrew M. Trombly and David E. Malagold for the District of New Jersey’s Cybercrime Unit in Newark; and Assistant U.S. Attorney Elizabeth Aloi for the District of Columbia’s Fraud, Public Corruption, and Civil Rights Section are prosecuting the case.

The FBI Tampa Field Office and Orlando Resident Agency, along with Assistant U.S. Attorney Chauncey Bratt for the Middle District of Florida and CCIPS Trial Attorneys Christen Gallagher and Alison Zitron, made critical contributions to the case. The FBI Washington Field Office and Metropolitan Police Department also provided valuable assistance.

The Justice Department’s Office of International Affairs and National Security Division also provided significant assistance.

Victims of LockBit, Babuk, or Hive ransomware should contact their local FBI field office for further information. For additional information on ransomware, including the LockBit, Babuk, and Hive variants, please visit StopRansomware.gov.

Additionally, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) today announced that it is designating the defendant for his role in launching ransomware attacks against U.S. law enforcement, businesses, and critical infrastructure.

Finally, the Department of State has also announced an award of up to $10 million for information that leads to the arrest and/or conviction of this defendant. Information that may be eligible for this award can be submitted at tips.fbi.gov or RewardsForJustice.net. Congress established the Transnational Organized Crime Rewards Program in 2013 to support law enforcement efforts to dismantle transnational criminal organizations and bring their leaders and members to justice. The Department of State’s Bureau of International Narcotics and Law Enforcement Affairs manages the program in coordination with other U.S. federal agencies.

An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Former D.C. Police Union Vice Chairman Pleads Guilty to Time and Attendance Fraud Scheme

Source: United States Department of Justice News

Defendant Billed MPD While Working Outside Employment

            WASHINGTON – Medgar Webster Sr., 52, of Washington, D.C., pleaded guilty yesterday, in Superior Court, to one count of first degree felony fraud for committing time and attendance fraud on the Metropolitan Police Department. U.S. Attorney Matthew M. Graves, D.C. Attorney General Brian L. Schwalb, and Chief Robert Contee III, of the Metropolitan Police Department made the announcement.

            The Honorable Errol Arthur accepted Webster’s guilty plea and scheduled sentencing for July 25, 2023. As part of his plea, Webster must pay full restitution.

            According to court documents, Webster, a former MPD officer and Vice Chairman of the D.C. Police Union, engaged in unauthorized outside employment at three Whole Foods Market locations in Washington, D.C. between January 2021 and April 2022, while concurrently employed by MPD.  Although employment outside of MPD may be permitted in certain circumstances, Webster never submitted the necessary administrative forms or received the proper authorizations, which are required by MPD, in part, to maintain records of an MPD member’s hours worked throughout the year.

            Acting unchecked during this period, Webster stole more than $33,845 from MPD after billing MPD for regular, overtime and holiday hours that he never worked. In total, Webster worked more than 1,400 hours of outside employment at Whole Foods, of which 514 hours were worked simultaneously with time he fraudulently reported working for MPD. This double-billed time included submissions by Webster for 246.5 hours in overtime pay, at an adjustable hourly rate of $79.67 per hour.

            This fraud prosecution is the result of a partnership between the Office of the Attorney General and the U.S. Attorney’s Office for the District of Columbia.

            In announcing the guilty plea, U.S. Attorney Graves, D.C. Attorney General Schwalb, and Chief Contee commended the work of those who investigated the case from the Metropolitan Police Department’s Internal Affairs Division. They also expressed appreciation for the work of those who investigated and prosecuted the matter, including Assistant U.S. Attorney Benjamin D. Bleiberg, and former Special Assistant U.S. Attorney Bayly Leighton, on detail from the Office of the Attorney General to prosecute local fraud and public corruption cases. 

Former Tribal Official Sentenced for Bribery Scheme

Source: United States Department of Justice Criminal Division

A former Tribal government official of the Three Affiliated Tribes of the Mandan, Hidatsa, and Arikara Nation (MHA Nation) was sentenced yesterday to five years in prison for soliciting and accepting bribes and kickbacks from a contractor providing construction services on the Fort Berthold Indian Reservation in North Dakota, which is the home of the MHA Nation.

According to court documents, Randall Judge Phelan, 58, of Mandaree, North Dakota, was an elected representative on the Tribal Business Council – the governing body of the MHA Nation – from 2013 to 2020. Beginning around 2013 and continuing through 2020, Phelan solicited and accepted bribes and kickbacks totaling more than $645,000 from a contractor operating on the Fort Berthold Indian Reservation. In exchange for payments, Phelan used his official position to help the contractor’s business, including by awarding millions of dollars in contracts, fabricating bids during purportedly competitive bidding processes, advocating for the contractor with other Tribal officials, and facilitating the submission and payment of fraudulent invoices.

In October 2022, Phelan pleaded guilty to conspiracy to commit bribery concerning programs receiving federal funds, honest services wire fraud, and bribery concerning programs receiving federal funds.

Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division, U.S. Attorney Mac Schneider for the District of North Dakota, and Assistant Director Luis Quesada of the FBI’s Criminal Investigative Division made the announcement.

The FBI Minnesota Field Office investigated the case.

Trial Attorneys Andrew Tyler and John J. Liolos of the Criminal Division’s Fraud Section and Assistant U.S. Attorney Matthew Greenley for the District of North Dakota prosecuted the case.