Month: January 2025

Source: United States Department of Justice Criminal Division

A Minnesota man was arrested last week and charged with federal hate crime offenses for assaulting a Black man outside of a bar.

According to the indictment that was unsealed yesterday, on or about Feb. 3, 2024, Justin Anthony Kudla used force or the threat of force to injure, intimidate and interfere with the victim — a Black man identified in the indictment as Victim 1 — because of Victim 1’s race, color, religion and/or national origin, and because Victim 1 was enjoying the goods, services, facilities, privileges, advantages and accommodations of a local bar. The indictment also charges Kudla with willfully causing bodily injury to Victim 1 because of Victim 1’s actual and perceived race.  

If convicted, Kudla faces a maximum penalty of 10 years in prison for each offense and a fine of up to $250,000. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Assistant Attorney General Kristen Clarke of the Justice Department’s Civil Rights Division, U.S. Attorney Andrew M. Luger for the District of Minnesota and Special Agent in Charge Alvin M. Winston Sr. of the FBI Minneapolis Field Office made the announcement.

The FBI Minneapolis Field Office is investigating the case, with assistance from the Belle Plaine Police Department.

Assistant U.S. Attorney Evan Gilead for the District of Minnesota and Trial Attorneys Katherine G. DeVar and Briana M. Clark of the Justice Department’s Civil Rights Division are prosecuting the case.

An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Source: United States Department of Justice Criminal Division

Medsinbox Pharmacy LTC LLC, doing business as Farmacia San Antonio (Medsinbox), a pharmacy located in Camden, New Jersey, has agreed to pay $625,000.00 to resolve allegations that it violated the False Claims Act by knowingly billing federal health care programs for medications that it never dispensed.

The United States alleged that, from Jan. 1, 2019, through Jan. 24, 2022, Medsinbox caused the submission of claims for reimbursement to the Medicare Part D Program and the New Jersey Medicaid Program for drugs that were never dispensed to beneficiaries. The government contends that inventory records showed that Medsinbox did not purchase enough of these medications from wholesalers to fill all of the prescriptions billed to these federal health care programs.

“Health care providers defraud federal health care programs when they bill for goods or services that they did not provide,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “We will hold accountable those who improperly seek to profit from taxpayer funded programs.”

“Pharmacies play an important role in maintaining the safety and accuracy of prescribed medications, and allegedly billing for medications not actually dispensed undermines that role and defrauds our healthcare programs,” said Acting U.S. Attorney Vikas Khanna for the District of New Jersey. “The government will continue to pursue entities that engage in fraud and abuse at the taxpayers’ expense.”

The resolution obtained in this matter was the result of a coordinated effort between the Civil Division’s Commercial Litigation Branch, Fraud Section, and U.S. Attorney’s Office for the District of New Jersey.

The investigation and resolution of this matter illustrates the government’s emphasis on combating health care fraud. One of the most powerful tools in this effort is the False Claims Act. Tips and complaints from all sources about potential fraud, waste, abuse and mismanagement can be reported to the Department of Health and Human Services at 800-HHS-TIPS (800-447-8477).  

Senior Trial Counsel Jennifer Cihon of the Justice Department’s Civil Division and Assistant U.S. Attorneys Kruti Dharia and Robert Toll for the District of New Jersey handled the matter.

The claims resolved by the settlement are allegations only. There has been no determination of liability.

Settlement

Source: United States Department of Justice Criminal Division

The Justice Department today filed a civil lawsuit against KKR & Co. Inc. and over a dozen of its investment advisors and funds (collectively, KKR) for repeatedly flouting the premerger antitrust review process. Filed in the U.S. District Court for the Southern District of New York, the complaint alleges that KKR senior executives, deal teams and investment funds evaded antitrust scrutiny for at least 16 separate transactions by failing to comply with the Hart-Scott-Rodino Antitrust Improvements Act of 1976 (HSR Act).

“KKR’s rinse-and-repeat failures to provide complete and accurate information about its mergers and acquisitions were systemic,” said Acting Assistant Attorney General Doha Mekki of the Justice Department’s Antitrust Division. “Through document omissions, alterations, and failures to report deals, KKR threatened the integrity of the Division’s premerger reviews and, in some cases, obscured the market impact of its deals and serial acquisitions.”

The HSR Act requires parties to a merger, acquisition, or other transaction above a certain size to submit a premerger filing to the Justice Department’s Antitrust Division and the Federal Trade Commission to aid in the agencies’ enforcement of merger law. As a sophisticated private equity firm in the business of buying and selling companies, KKR is familiar with the HSR Act and its requirements. Since 2021, KKR was required to make more than 100 premerger filings under the HSR Act.

The department’s complaint alleges that over the course of two years — 2021 and 2022 — KKR failed to make complete and accurate premerger filings for at least 16 transactions. Specifically, KKR violated the HSR Act by:

• Altering documents in HSR filings for at least eight transactions. For example, in April 2021, a KKR partner instructed a deal team member to edit a portion of an Investment Committee report in advance of the HSR review process by circling the “Competitive Behavior” section of a diligence chart and writing “[need to revise for HSR purposes]” in the document. The KKR deal team member did not merely revise the language but deleted it entirely before submitting the altered document to the Antitrust Division.
• Failing to make any HSR filing for at least two transactions. KKR did not submit an HSR filing prior to consummating an acquisition valued at $6.9 billion. It also did not submit a filing prior to consummating an acquisition worth between $376 million and $919 million.
• Systematically omitting required documents in HSR filings for at least 10 transactions. KKR repeatedly certified that it had complied with the HSR Act but did not include required documents in those filings. In many cases, KKR only identified such documents in response to an Antitrust Division investigation.

The complaint cites internal documents that reveal a pervasive culture of noncompliance with the HSR Act at KKR. One KKR employee who omitted and altered multiple documents from an HSR Act filing described KKR’s approach to its premerger filing obligations: “I’ve always been told less is more 😊.” In response, a more senior executive replied, “I believe in less is more too….”

As alleged in the complaint, KKR’s conduct allowed it to repeatedly evade legally mandated scrutiny of its investment business and reap millions of dollars in revenues from closing transactions without proper prior review by the federal antitrust agencies. In some cases, KKR’s misconduct obscured the threat its deals posed to competition, including serial acquisitions affecting important markets. By preventing the federal antitrust agencies from effectively investigating the potential anticompetitive effects of KKR’s transactions, KKR imperiled competition and potentially harmed consumers across the nation.

The HSR Act authorizes civil penalties for violations of the Act at more than $50,000 per day per violation. As a result, the maximum penalty for KKR’s alleged violations exceeds $650 million. The complaint also seeks structural relief as well as other equitable relief, including compliance measures.

KKR is a global investment firm headquartered in New York. It is one of the world’s largest investment firms with over $500 billion in total assets under management.

Source: United States Department of Justice Criminal Division

Note: View the affidavit here.

The Justice Department and FBI today announced a multi-month law enforcement operation that, alongside international partners, deleted “PlugX” malware from thousands of infected computers worldwide. As described in court documents unsealed in the Eastern District of Pennsylvania, a group of hackers sponsored by the People’s Republic of China (PRC), known to the private sector as “Mustang Panda” and “Twill Typhoon,” used a version of PlugX malware to infect, control, and steal information from victim computers.

According to court documents, the PRC government paid the Mustang Panda group to, among other computer intrusion services, develop this specific version of PlugX. Since at least 2014, Mustang Panda hackers then infiltrated thousands of computer systems in campaigns targeting U.S. victims, as well as European and Asian governments and businesses, and Chinese dissident groups. Despite previous cybersecurity reports, owners of computers still infected with PlugX are typically unaware of the infection. The court-authorized operation announced today remediated U.S.-based computers infected with Mustang Panda’s version of PlugX.    

“The Department of Justice prioritizes proactively disrupting cyber threats to protect U.S. victims from harm, even as we work to arrest and prosecute the perpetrators,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “This operation, like other recent technical operations against Chinese and Russian hacking groups like Volt Typhoon, Flax Typhoon, and APT28, has depended on strong partnerships to successfully counter malicious cyber activity. I commend partners in the French government and private sector for spearheading this international operation to defend global cybersecurity.”

“Leveraging our partnership with French law enforcement, the FBI acted to protect U.S. computers from further compromise by PRC state-sponsored hackers,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “Today’s announcement reaffirms the FBI’s dedication to protecting the American people by using its full range of legal authorities and technical expertise to counter nation-state cyber threats.”

“This wide-ranging hack and long-term infection of thousands of Windows-based computers, including many home computers in the United States, demonstrates the recklessness and aggressiveness of PRC state-sponsored hackers,” said U.S. Attorney Jacqueline Romero for the Eastern District of Pennsylvania. “Working alongside both international and private sector partners, the Department of Justice’s court-authorized operation to delete PlugX malware proves its commitment to a ‘whole-of-society’ approach to protecting U.S. cybersecurity.”

“The FBI worked to identify thousands of infected U.S. computers and delete the PRC malware on them. The scope of this technical operation demonstrates the FBI’s resolve to pursue PRC adversaries no matter where they victimize Americans,” said Special Agent in Charge Wayne Jacobs of the FBI Philadelphia Field Office.

The international operation was led by French law enforcement and Sekoia.io, a France-based private cybersecurity company, which had identified and reported on the capability to send commands to delete the PlugX version from infected devices. Working with these partners, the FBI tested the commands, confirmed their effectiveness, and determined that they did not otherwise impact the legitimate functions of, or collect content information from, infected computers. In August 2024, the Justice Department and FBI obtained the first of nine warrants in the Eastern District of Pennsylvania authorizing the deletion of PlugX from U.S.-based computers. The last of these warrants expired on Jan. 3, 2025, thereby concluding the U.S. portions of the operation. In total, this court-authorized operation deleted PlugX malware from approximately 4,258 U.S.-based computers and networks.

The FBI, through the victims’ internet service providers, is providing notice to U.S. owners of Windows-based computers affected by this court-authorized operation.

The FBI’s Philadelphia Field Office and Cyber Division, the U.S. Attorney’s Office for the Eastern District of Pennsylvania, and the National Security Cyber Section of Justice Department’s National Security Division led the domestic disruption operation. This operation would not have been successful without the valuable collaboration of to the Cyber Division of the Paris Prosecution Office, French Gendarmerie Cyber Unit C3N, and Sekoia.io.

The FBI continues to investigate Mustang Panda’s computer intrusion activity. If you believe you have a compromised computer or device, please visit the FBI’s Internet Crime Complaint Center (IC3). You may also contact your local FBI field office directly. The FBI strongly encourages the use of anti-virus software as well as the application of software security updates to help prevent reinfection.