Dutch police say they’ve taken down Redline and Meta credential stealer malware

Today, Dutch National Police announced that it had gained access to the servers of Redline and Meta. Not to be confused with Facebook parent company Meta, Redline and Meta are a type of malware known as infostealers, which criminals can use to obtain the credentials of users and companies. Operation Magnus, a joint effort by Dutch National Police, the FBI, NCIS and several other law enforcement agencies, disrupted the illegal tools.

TechCrunch notes that Redline has been active since 2020, while the Operation Magnus website states that Meta is newer but “pretty much the same.” A 50-second video in English posted to the Operation Magnus website also lists some “VIPs” or people “very important to the police” that the authorities are looking for.

Redline is often cited as the malware responsible for the 2022 Uber hack. Specops, a password management company, found that Redline was used to steal almost half of the 170 million passwords from data gathered by KrakenLabs. Even gamers aren’t immune to Redline; McAfee found that a variant was hidden in fake game cheats.

The video showed the agencies accessing user credentials, IP addresses and Telegram bots criminals use to steal sensitive data. Additionally, authorities found the source code for both malware programs on the servers.

While there isn’t news of any arrests being made, the Operation Magnus website states that “involved parties will be notified, and legal actions are underway.” There’s also a countdown for almost 20 hours later, promising more news to come.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/dutch-police-say-theyve-taken-down-redline-and-meta-credential-stealer-malware-161531556.html?src=rss

UK man gets 18 years in prison for using AI to generate CSAM

A UK man who used AI to create child sexual abuse material (CSAM) has been sentenced to 18 years in prison, according to The Guardian. Hugh Nelson, 27, created the images by using photographs of real children, which were then manipulated by AI. Nelson was convicted of 16 child sexual abuse offenses back in August, after a lengthy police investigation. This was the first prosecution of its kind in the UK.

Nelson used modeling software called Daz 3D to manufacture the loathsome images. The program has a suite of AI tools, which he used to transform regular photos of children into CSAM. Greater Manchester police said that he sold these images online and was even commissioned in several cases to create specific items of CSAM via photographs of real kids. Police say that Nelson made around $6,500 by selling images online.

He was caught when trying to sell images to an undercover cop in a chatroom. “I’ve done beatings, smotherings, hangings, drownings, beheadings, necro, beast, the list goes on,” Nelson said to the cop to entice a sale. This is according to a transcript of a conversation provided by the prosecution.

It’s worth noting that Daz 3D doesn’t create deepfakes, in which one face is swapped onto another body. Nelson created actual 3D renders by feeding the photos to the AI algorithm.

At sentencing, the judge called the images “harrowing and sickening” and addressed Nelson specifically, saying “there seems to be no limit to the depths of depravity exhibited in the images that you were prepared to create and exhibit to others.” He also said that it was “impossible to know” if children had been abused as a result of the images. Police searches of Nelson’s devices did find a series of text messages in which he encouraged people to sexually abuse children under 13. These suspects and potential victims are allegedly located throughout the world, including the US.

The United States is, of course, not immune from this horrifying trend. A soldier was arrested back in August for allegedly using AI to generate CSAM. A Wisconsin man faces 70 years in prison for allegedly creating over 13,000 AI-generated images depicting CSAM. The world’s leading AI companies have signed a pledge to help stop this type of software from being used to generate child sexual abuse material.

This article originally appeared on Engadget at https://www.engadget.com/ai/uk-man-gets-18-years-in-prison-for-using-ai-to-generate-csam-154037476.html?src=rss

The FBI arrested an Alabama man for allegedly helping hack the SEC’s X account

A 25-year-old Alabama man has been arrested by the FBI for his alleged role in the takeover of the Securities and Exchange Commission's X account earlier this year. The hack resulted in a rogue tweet that falsely claimed bitcoin ETFs had been approved by the regulator, which temporarily juiced bitcoin prices.

Now, the FBI has identified Eric Council Jr. as one of the people allegedly behind the exploit. Council was charged with conspiracy to commit aggravated identity theft and access device fraud, according to the Justice Department. While the SEC had previously confirmed that its X account was compromised via a SIM swap attack, the indictment offers new details about how it was allegedly carried out.

According to the indictment, Council worked with co-conspirators who he coordinated with over SMS and encrypted messaging apps. These unnamed individuals allegedly sent him the personal information of someone, identified only as “C.L,” who had access to the SEC X account. Council then printed a fake ID using the information and used it to buy a new SIM in their name, as well as a new iPhone, according to the DoJ. He then coordinated with the other individuals so they could access the SEC’s X account, change its settings and send the rogue tweet, the indictment says. 

The tweet from @SECGov, which came one day ahead of the SEC’s actual approval of 11 spot bitcoin ETFs, caused bitcoin prices to temporarily spike by more than $1,000. It also raised questions about why the high-profile account wasn’t secured with multi-factor authentication at the time of the attack. “Today’s arrest demonstrates our commitment to holding bad actors accountable for undermining the integrity of the financial markets,” SEC Inspector General Jeffrey said in a statement.

The indictment further notes that Council allegedly performed some seemingly incriminating searches on his personal computer. Among his searches were: "SECGOV hack," "telegram sim swap," "how can I know for sure if I am being investigated by the FBI," "What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them," "what are some signs that the FBl is after you,” “Verizon store list," "federal identity theft statute," and "how long does it take to delete telegram account," the indictment says.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/the-fbi-arrested-an-alabama-man-for-allegedly-helping-hack-the-secs-x-account-193508179.html?src=rss

Two Sudanese brothers accused of launching a dangerous series of DDoS attacks

Newly unsealed grand jury documents revealed that two Sudanese nationals allegedly attempted to launch thousands of distributed denial-of-service (DDoS) attacks on systems across the world. The documents allege that these hacks aimed to cause serious financial and technical harm to government entities and companies and even physical harm in some cases.

The US Department of Justice (DoJ) unsealed charges against Ahmed Salah Yousif Omer and Alaa Salah Yusuuf Omer that resulted in federal grand jury indictments. The two are allegedly connected to more than 35,000 DDoS attacks against hundreds of organizations, websites and networks as part of a “hacktivism” scheme through the cybercrime group Anonymous Sudan and a for-profit cyberattack service.

Even though Anonymous Sudan claimed to be an activist group, the pair also held some companies’ and entities’ systems for ransom for rates as high as $1,700 per month.

Both face indictments for their role in the coordinated cyberattacks including one count each of conspiracy to damage protected computers. Ahmed also faces three additional counts of damaging protected computers and could receive a statutory maximum sentence of life in federal prison, according to court records filed last June in the US Central District Court of California.

The brothers’ activities date back to early 2023. The two used a distributed cloud attack tool (DCAT) referred to as “Skynet Botnet” in order to “conduct destructive DDoS attacks and publicly claim credit for them,” according to a DoJ statement. Ahmed posted a message on Anonymous Sudan’s Telegram channel, “The United States must be prepared, it will be a very big attack, like what we did in Israel, we will do in the United States ‘soon.’”

One of the indictments listed 145 “overt acts” on organizations and entities in the US, the European Union, Israel, Sudan and the United Arab Emirates (UAE). The Skynet Botnet attacks attempted to disrupt services and networks in airports, software networks and companies including Cloudflare, X, PayPal and Microsoft, causing outages for Outlook and OneDrive in June of last year. The attacks also targeted state and federal government agencies and websites including the Federal Bureau of Investigation (FBI), the Pentagon and the DoJ, and even hospitals, including one major attack on Cedars-Sinai Hospital in Los Angeles that caused a slowdown of health care services as patients were diverted to other hospitals. The hospital attack led to the hacking charges against Ahmed that carry potential life sentences.

“3 hours+ and still holding,” Ahmed posted on Telegram in February, “they're trying desperately to fix it but to no avail Bomb our hospitals in Gaza, we shut down yours too, eye for eye...”

FBI special agents gathered evidence of the pair’s illegal activities including logs showing that they sold access to Skynet Botnet to more than 100 customers to carry out attacks against various victims who worked with investigators including Cloudflare, CrowdStrike, DigitalOcean, Google, PayPal and others.

Several Amazon Web Services (AWS) clients were among Anonymous Sudan’s victims as part of the hacking-for-hire scheme, according to court records and an AWS statement. AWS security teams worked with FBI cybercrime investigators to track the attacks back to “an array of cloud-based servers,” many of which were based in the US. The discovery helped the FBI determine that the Skynet Botnet attacks were coming not from a botnet but from a DCAT that forwarded the DDoS traffic to its victims through cloud-based servers and open proxy resolvers.

Perhaps the group’s most brazen and dangerous attack took place in April of 2023, when it targeted Israel’s rocket alert system, called Red Alert. The mobile app provides real-time updates for missile attacks and security threats. The DDoS attacks attempted to infiltrate some of Red Alert’s Internet domains. Ahmed claimed responsibility for the Red Alert attacks on Telegram along with similar DDoS strikes on Israeli utilities and the Jerusalem Post news website.

“This group’s attacks were callous and brazen — the defendants went so far as to attack hospitals providing emergency and urgent care to patients,” US Attorney Martin Estrada said in a released statement. “My office is committed to safeguarding our nation’s infrastructure and the people who use it, and we will hold cyber criminals accountable for the grave harm they cause.”

Update, October 16, 7:25PM ET: This article was modified after publish to make clear that AWS clients, rather than AWS, were the target of Anonymous Sudan.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/two-sudanese-brothers-accused-of-launching-a-dangerous-series-of-ddos-attacks-215638291.html?src=rss

FTX advisor and Alameda CEO Caroline Ellison gets two years in prison

A US district court judge sentenced Caroline Ellison, the former advisor and ex-girlfriend to the convicted crypto fraudster and FTX founder Sam Bankman-Fried, to two years in prison.

The New York Times reported Ellison’s sentence for her role in the $8 billion in fraud committed by the FTX crypto exchange that sent Bankman-Fried to federal prison for 25 years back in March. Ellison will also have to serve three years of supervised release once she’s finished her prison sentence.

Ellison pled guilty at the end of 2022 to seven counts of fraud just as Bankman-Fried was being extradited to the US from the Bahamas. US Securities and Exchange Commission (SEC) Director of Enforcement Sanjay Wadhwa said following Ellison’s plea that she and Wang “were active participants in a scheme to conceal material information from FTX investors.”

Ellison was also the former chief executive officer of FTX’s sister company Alameda Research. Prosecutors said she diverted FTX customers’ funds onto Alameda’s books to hide risks from their clients. Ellison testified against Bankman-Fried, making her a key witness in his criminal fraud trial.

Prosecutors also got Bankman-Fried’s house arrest and bail revoked when a judge determined the FTX founder tried to hinder Ellison’s testimony last year. Bankman-Fried tried to message FTX’s general counsel on Signal and email in 2023 to influence the testimony of Ellison, who was only identified as “Witness-1.”

Nine months later, Bankman-Fried showed a New York Times reporter personal writings from Ellison that prosecutors said were an attempt to damage her reputation especially amongst prospective jurors. The judge agreed both instances merited Bankman-Fried’s arrest and jailing while he awaited trial. Bankman-Fried is currently serving his 25-year sentence in a federal prison in Brooklyn awaiting appeal for his conviction.

Ellison issued a statement before her sentence apologizing for her crimes to the people she and her former firm defrauded. Prosecutors did not issue a recommended sentence and characterized her cooperation with investigators as “exemplary” in a memo to the judge.

“Not a day goes by that I don’t think of the people I hurt,” Ellison said in court. “I am deeply ashamed of what I have done.”

This article originally appeared on Engadget at https://www.engadget.com/big-tech/ftx-advisor-and-alameda-ceo-caroline-ellison-gets-two-years-in-prison-214828333.html?src=rss

Former MoviePass CEO reportedly pleads guilty to securities fraud

Mitch Lowe, one of two MoviePass leaders indicted by the Justice Department in 2022, has pleaded guilty to securities fraud charges. The former CEO admitted to conspiring to deceive the public and investors about the service’s sustainability. Variety reports that the details of Lowe’s plea agreement haven’t been made public.

Prosecutors claim Lowe knew from the start that the company’s $9.95 “unlimited” plan was a short-term gimmick to attract subscribers and inflate stock. He’s also accused of making false statements in press releases, interviews and SEC filings about MoviePass’ long-term viability.

Those statements included allegedly lying about the company’s ability to become profitable on subscription fees alone and having tech that could generate revenue from customer data. He also claimed MoviePass was profiting from multiple revenue streams despite not having any income beyond subscriptions.

Prosecutors also accused Lowe and Ted Farnsworth, former CEO of MoviePass’ parent company Helios and Matheson, of preventing subscribers from getting what was promised from the “unlimited” subscription. The company settled with the FTC in 2021 over allegations that it intentionally invalidated subscriber passwords to freeze their accounts, blocking their ability to get the movie tickets the service promised. MoviePass and its parent company declared bankruptcy in 2020.

Although no sentencing date has been set, Lowe is free on bond and has a status conference court date scheduled in Miami for March 2025. The 72-year-old former executive faces a maximum of five years in federal prison.

“Mitch is a good man who is looking to move forward with his life,” Lowe’s attorneys, Margot Moss and David Oscar Markus, said in a statement to Variety. “He has accepted responsibility for his actions in this case and will continue to try to make things right.”

Meanwhile, Farnsworth is still in custody. He was initially freed on a $1 million bond that was revoked in August 2023 after the feds accused him of misusing nearly $300,000 in company funds. Farnsworth's former boyfriend, who he met on an escort site, was paid $147,000, and received a Cadillac worth $144,000; after the pair split up, the feds say he falsely accused his ex of stealing the vehicle.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/former-moviepass-ceo-reportedly-pleads-guilty-to-securities-fraud-201131284.html?src=rss

Telegram will allow users to report illegal content in private chats

Telegram has quietly edited its FAQs to remove language stating that it doesn't moderate private and group chats, as reported by CoinDesk. A section with the heading "There's illegal content on Telegram. How do I take it down?" previously stated that content in chats and group chats remains between participants. Now, though, the section says that "all Telegram apps have 'Report' buttons" that will give a way for users to flag illegal content for the app's moderators. Users only have to tap the message on Android, or press and hold it on iOS, and choose the Report option. They can also take note of links to the content they want to report and send an email to the service's takedown email address (abuse@telegram.org). 

The change comes after Telegram chief Pavel Durov published, on his channel, his first public comment following his arrest. Durov was arrested at an airport in France in late August as part of authorities' investigation into the lack of moderation on the app and its failure to curb criminal activities. He has since been released from custody, but he was charged with "complicity in distributing child pornography, illegal drugs and hacking software" on the messaging app, as well as "refusing to cooperate with investigations into illegal activity on the Telegram."

French authorities apparently told Durov that he was arrested because they didn't receive any responses from Telegram about their investigation. That was surprising, the app's founder explained in his post, because Telegram has an official representative in the EU and an email address publicly available for anyone. He also said that French authorities had numerous ways to reach him for assistance and that he even previously helped them establish a Telegram hotline to address threats of terrorism in the country. In addition, he called the French authorities' decision to "charge a CEO with crimes committed by third parties on the platform" they manage a "misguided approach." No innovators will ever build new tools, he said, if they can be held responsible for the potential abuse of those tools.

Durov also talked about how Telegram defends the basic rights of people, especially in places they're violated. In Russia, for instance, Telegram got banned when the service refused to hand over encryption keys that will allow authorities to spy on users. He said the service takes down "millions of harmful posts and channels every day," publishes transparency reports and maintains direct hotlines with NGOs for urgent moderation requests. 

The CEO admits, however, that Telegram has room for improvement. Its "abrupt increase in user count" to 950 million "caused growing pains" that made it easier for criminals to abuse its platform. Telegram aims to "significantly improve things in this regard" and has already started the process internally. Presumably, this change in its rules is part of the messaging service's efforts to address authorities' accusations that it has failed to prevent criminals from using its app. Of note, the service reported earlier this year that it has 41 million users in the European Union, but officials believe it lied about its user numbers to avoid being regulated under the Digital Services Act (DSA).

This article originally appeared on Engadget at https://www.engadget.com/apps/telegram-will-allow-users-report-illegal-content-in-private-chats-130053441.html?src=rss

Telegram CEO Pavel Durov has been charged and released from police custody

Telegram CEO Pavel Durov has been formally charged by French prosecutors and is barred from leaving the country amid their investigation into the Russian billionaire. Durov was officially charged Wednesday with “complicity in distributing child pornography, illegal drugs and hacking software” on the messaging app he founded, as well as “refusing to cooperate with investigations into illegal activity on the Telegram,” The Wall Street Journal reported.

Durov, who was arrested outside of Paris on Saturday, was released from police custody after paying €5 million in bail. He is required to stay in France “under court monitoring” and check in at a police station twice a week while the investigation plays out. That could take months or possibly years, as The WSJ points out.

That means Durov, who is known for frequently moving around and working from other countries, will be stuck in France for the foreseeable future unless the charges against him are dropped. In an earlier statement, Telegram called the charges against its founder “absurd” and said that he should not be responsible for the actions of his app’s users.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/telegram-ceo-pavel-durov-has-been-charged-and-released-from-police-custody-214333241.html?src=rss