Incidents

Anthony Clark2005-12-21 00:00:00 UTC

Mr. Clark pleaded guilty to a criminal information charging him with intentionally causing damage to a protected computer in violation of 18 U.S.C. §1030a5Ai, a5Bi, c4A and 2. The maximum statutory penalty for this offense is ten years imprisonment, a $250,000 fine or twice the gross gain or loss, and three years supervised release. However, any sentence following conviction would be imposed by the Court after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553. United States District Judge James Ware has scheduled a status hearing regarding sentencing for April 3, 2006, at 1:30 p.m. In pleading guilty, Mr. Clark admitted as follows: From July through August 2003, Mr. Clark participated with several others in distributed denial of service "DDOS" attacks on the Internet against eBay, Inc. and other entities. A DDOS attack is one in which many compromised computers or "bots attack a single target, thereby causing a denial of service for legitimate users of the targeted system. Mr. Clark and his accomplices accumulated approximately 20,000 "bots" by using a worm program that took advantage of a computer vulnerability in the Windows Operating System - the "Remote Procedure Call for Distributed Component Object Model," or RPC-DCOM vulnerability. The "bots" were then directed to a password-protected Internet Relay Chat IRC server, where they connected, logged in, and waited for instructions. When instructed to do so by Mr. Clark and his accomplices, the "bots" launched DDOS attacks at computers or computer networks connected to the Internet. Mr. Clark personally commanded the "bots" to launch DDOS attacks on the nameserver for eBay.com. As a result of these commands, Mr. Clark intentionally impaired the infected computers and eBay.com. The prosecution is the result of an investigation by agents of the U.S. Secret Services Electronic Crimes Task Force, which was overseen by the U.S. Attorneys Offices Computer Hacking and Intellectual Property CHIP Unit. Christopher P. Sonderby, Chief of the CHIP Unit, is the Assistant U.S. Attorney prosecuting the case.

Chad Hatten2005-11-01 00:00:00 UTC

As part of his plea, Hatten admitted to being a member of the Shadowcrew criminal organization, an international criminal organization with numerous members that promoted and facilitated a wide variety of criminal activities including, among others, electronic theft of personal identifying information, credit card and debit card fraud, and the production and sale of false identification documents. As a member of the Shadowcrew criminal organization, Hatten used the Shadowcrew website to engage in credit card fraud and gift card vending i.e., purchasing gift cards from retail merchants at their physical stores using counterfeit credit cards and reselling such cards for a percentage of their actual value. In addition to possessing and using stolen credit card numbers to obtain things of value, Hatten was also charged with possessing equipment used to encode counterfeit credit cards with stolen numbers. Hattens guilty plea represents a continuing effort to prosecute individuals targeted during Operation Firewall, a year- long investigation undertaken by the U.S. Secret Service, working in cooperation with the U.S. Attorneys Office for the District of New Jersey; the Computer Crime and Intellectual Property Section of the Criminal Division of the Department of Justice; and other U.S. Attorneys offices and law enforcement agencies. The undercover investigation led to the arrests of 21 individuals in the United States on criminal complaints in October 2004. Additionally, several individuals were arrested in foreign countries in coordination with the domestic arrests.

Jeanson Ancheta2005-11-01 00:00:00 UTC

Accused of running a huge botnet and was the first person in US to be charged with such thing.

Daniel Cuthbert2005-10-07 00:00:00 UTC

IT security consultant donated £30 to Disasters Emergency Committee Tsunami appeal website, then checked site security. Defendant found guilty of unauthorised access "with deep regret", convicted and fined £400.

William Shea2005-09-08 00:00:00 UTC

According to the indictment and evidence introduced at trial, Mr. Shea placed malicious computer code on the network of the Bay Area Credit Services, Inc. in San Jose that caused the deletion and modification of financial records and disruption of the proper functioning of the computer network. More than 50,000 debtor accounts were ultimately affected by the operation of the code before it was stopped. Testimony at trial indicated that the loss to the company as a result of the defendant’s time bomb exceeded $100,000, though the exact amount has not yet been determined. Evidence presented at the six-day trial showed that Mr. Shea was hired around August 2001 as a programmer and manager of the company’s specialized financial software computer network. In this position, Mr. Shea had administrative level access to and familiarity with the company’s computer systems, including the database server. After Mr. Shea was advised of adverse employment issues near the end of 2002, he was placed on a performance improvement plan on January 6, 2003. The evidence showed that a “time bomb” was placed onto the company’s network around that time. When the defendant failed to show up at work without any prior notice on January 17, 2003, he was terminated. Company officials did not know at the time that he had placed malicious code on the computer network that was set to delete and modify data at the end of the month. After the code corrupted financial records, investigators and others traced the access and modification of the time bomb to the defendant. Each point of access was through one of the defendant’s accounts. The malicious code was written to delete the source code but officials eventually found a copy on a backup tape, which further confirmed Mr. Shea’s involvement. Evidence was also presented that Mr. Shea deleted computer records concerning his command history of access to the time bomb. The maximum statutory penalty resulting from the conviction is five years in prison, a maximum fine of $250,000 or twice the gross gain or loss whichever is greater; a three year term of supervised release; and $100 mandatory special assessment. However, any sentence following conviction would be imposed by the court after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553. United States District Judge Ronald M. Whyte, who presided over the trial, set sentencing for November 21, 2005, at 9:00 a.m. in San Jose. The prosecution is the result of an investigation by the Federal Bureau of Investigation’s Cyber Crime Squad in Oakland. The investigation was overseen by the Computer Hacking and Intellectual Property CHIP Unit of the United States Attorney’s Office for the Northern District of California. Mark L. Krotoski is the Assistant U.S. Attorney from the CHIP Unit who is prosecuting the case. Further Information:

Unknown 2005-09-08 00:00:00 UTC

United States Attorney Michael J. Sullivan for the District of Massachusetts; United States Attorney H. E. Bud Cummins, III for the Eastern District of Arkansas; United States Attorney R. Alexander Acosta for the Southern District of Florida; Steven D. Ricciardi, Special Agent in Charge of the U.S. Secret Service in New England; Kenneth W. Kaiser, Special Agent in Charge of the Federal Bureau of Investigation in New England; William Sims, Special Agent in Charge of the Secret Service in Miami, Florida; and William C. Temple, Special Agent in Charge of the Federal Bureau of Investigation in Little Rock, Arkansas, announced today that in a sealed court proceeding a Massachusetts teenager pled guilty before U.S. District Judge Rya W. Zobel to an Information charging him with nine counts of Juvenile Delinquency. By statute, federal juvenile proceedings and the identity of juvenile defendants are underseal. The Court has authorized limited disclosure in this case at the request of the government and defendant. Judge Zobel also imposed a sentence today of 11 months’ detention in a juvenile facility, to be followed by 2 years of supervised release. During his periods of detention and supervised release, the Juvenile is also barred from possessing or using any computer, cell phone or other electronic equipment capable of accessing the Internet.

Mark Hopkins2005-09-01 00:00:00 UTC

MD and Website designer of NXGN hacked into competitor ME Publishings Motorcycle Trader website. Defendant pleaded Guilty. Five months sentence suspended for two years, 100 hours community service and £5,000 compensation order.

Farid Essebar2005-08-26 00:00:00 UTC

He was one of the two people along with Turkish Atilla Ekici behind the spread of the Zotob computer worm that targeted Windows 2000 operating systems in 2005. Among the affected were CNN, ABC News, New York Times, Caterpillar, United Parcel Service, Boeing and also United States Department of Homeland Security.

Atilla Ekici2005-08-26 00:00:00 UTC

A signature in the Zotob worm code suggested it was coded by Diabl0 and the IRC server it connects to is the same used in previous version of Mytob. Diabl0 is believed to have incorporated the code of a Russian nicknamed houseofdabus [11] whose journal has been shut down by authorities,[12] just after the arrest of Diabl0. The coder Ekici probably paid Diabl0 Essebar to write the code.

Achraf Bahloul2005-08-25 00:00:00 UTC

arrested for part in the zotob malware

Edward Davidson2005-06-05 00:00:00 UTC

violating the CAN SPAM Act. He pleaded guilty in U.S. District Court before Judge Marcia S. Krieger on December 3, 2007. On April 28, 2008, Davidson was sentenced by Krieger to serve 21 months in federal prison. Judge Krieger also ordered him to pay $714,139 in restitution to the Internal Revenue Service IRS. As part of the restitution, Davis agreed to forfeit property, including gold coins, which he purchased with the proceeds of his activities. At the time of sentencing Judge Krieger ordered Davidson to report to a facility designated by the Federal Bureau of Prisons on May 27, 2008. This case was investigated by the Federal Bureau of Investigation FBI Denver field office, and the IRS Criminal Investigation Division. Assistant U.S. Attorney Tim Neff prosecuted the case.

Jonathan Giannone2005-06-04 00:00:00 UTC

carding, selling stolen cards on deepweb markets

Unknown 2005-04-22 00:00:00 UTC

Alleged to have gained access to her webcam after infecting her PC with a trojan that the man sent in an infected email. Accused of taking pictures and attempting to black mail the victim who refused to comply and reported it to police.

Rafael Núñez-Aponte2005-04-02 00:00:00 UTC

Under the monicker "Rafa," Nuñez joined a hacker group known as World of Hell, which prided itself on highlighting weaknesses in the security of government and corporate computers, according to Nuñezs federal indictment. A site run by the Defense Information Systems Agency DISA for the U.S. Air Force was among the Web sites defaced by Rafa, the indictment stated.

John Matthews2005-04-01 00:00:00 UTC

setup hacking companies with 5 others

Unknown 2005-03-28 00:00:00 UTC

detained as apart of a investigation to criminal activity of of Medexpress company.

Unknown 2005-03-06 00:00:00 UTC

breached over 100,000 computers to launch a botnet.

Roman Meydbray2005-02-16 00:00:00 UTC

According to the indictment, Mr. Meydbray was employed by Creative Explosions from November 2001 to November 7, 2003, originally as Information Technology Manager and then as Network Manager. Creative Explosions is a software development company that produces and sells software programs that enable users to create high quality multimedia websites. The indictment alleges that less than two weeks after the company terminated his employment, Mr. Meydbray gained unauthorized access into Creative Explosions computer system to change passwords on email accounts, read email of its president, and intentionally and recklessly cause damage. The maximum statutory penalty for the counts of unlawful access to stored communications and causing reckless damage on a computer is five years in prison. The maximum penalty for intentionally causing damage to a computer is ten years in prison. Each offense also carries a maximum fine of $250,000 or twice the gross gain or loss whichever is greater; a three year term of supervised release; and $100 mandatory special assessment. An indictment simply contains allegations against an individual and, as with all defendants, Mr. Meydbray must be presumed innocent unless and until convicted. Mr. Meydbray is expected to make his initial appearance in February 2005 before a U.S. Magistrate Judge in San Jose, but a date has not been set yet.

Unknown 2005-01-15 00:00:00 UTC

Involved alleged "denial of service" attacks, which attempt to disrupt a computer network by flooding it with useless traffic.

Unknown 2005-01-01 00:00:00 UTC

Charged breaking into a computer system owned by a company that publishes computer magazines. Alleged to have changed polite recorded greetings to rude messages, added bomb threats and wiped advertisers orders. Customers linked into the system only to be told that Daffy Duck is not available!

Unknown 2005-01-01 00:00:00 UTC

Charged breaking into a computer system owned by a company that publishes computer magazines. Alleged to have changed polite recorded greetings to rude messages, added bomb threats and wiped advertisers orders. Customers linked into the system only to be told that Daffy Duck is not available!

Brett Johnson2005-01-01 00:00:00 UTC

While working as an informant to find illegal activities in cyber crime websites and then reveal them to the government, Johnson managed to put up two of his own illegal websites – CardersMarket and ScandinavianCarding.