Tag Archive for: Prison

US Hacker Handed Three-Year Prison Sentence for Looting $12,000,000+ in Crypto From Two Decentralized Exchanges

/in


A US hacker convicted of plundering more than $12 million worth of crypto assets from two decentralized exchanges (DEXs) was sentenced to three years in prison.

In July 2022, Shakeeb Ahmed, a security engineer, used fake pricing data to generate approximately $9 million worth of inflated fees on an unnamed DEX, according to the U.S. Department of Justice.

Ahmed then withdrew those fees in the form of crypto, but he agreed to return all of the stolen funds except for $1.5 million if the exchange agreed not to report the attack to law enforcement.

Later that month, the hacker also hit a DEX called Nirvana Finance, exploiting the project’s smart contracts to offer lower-priced crypto purchases. After purchasing the artificially devalued crypto, Ahmed immediately resold the digital assets at a higher price to the DEX. He managed to loot $3.6 million worth of crypto via the exploit, draining Nirvana’s coffers and causing the DEX to shut down.

The hacker pled guilty to computer fraud and will serve three years of supervised release in addition to his three-year sentence. He was also ordered to forfeit approximately $12.3 million and a “significant quantity” of cryptocurrency, as well as $5 million worth of restitution to the two DEXs.

Damian Williams, the US Attorney for the Southern District of New York, says Ahmed’s prosecution represents the first-ever conviction for the hack of a smart contract.

“No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice.  And as today’s sentence shows, time in prison — and forfeiture of all the stolen crypto — is the inevitable consequence of such destructive hacks.”  

Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox

Check Price Action

Follow us on Twitter, Facebook and Telegram

Surf The Daily Hodl Mix

&nbsp

Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your…

Source…

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

/in


Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Pierluigi Paganini
February 17, 2024

A Ukrainian national pleaded guilty to his role in the Zeus and IcedID operations, which caused tens of millions of dollars in losses.

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations.

“Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. These criminal groups stole millions of dollars from their victims and even attacked a major hospital with ransomware, leaving it unable to provide critical care to patients for over two weeks,” said Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division. “Before his arrest and extradition to the United States, the defendant was a fugitive on the FBI’s most wanted list for nearly a decade. Today’s guilty pleas should serve as a clear warning: the Justice Department will never stop in its pursuit of cybercriminals.”

On October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group.

The man was extradited to the United States in 2023, he was included in the FBI’s “Most Wanted” list and has been sought for 10 years.

Zeus Penchukov FBI wanted

In 2012, the Ukrainian national Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew. JabberZeus was a small cybercriminal ring that was targeting SMBs with a custom-made version of the Zeus banking trojan. At the time, DoJ accused Penchukov of coordinating the exchange of stolen banking credentials and money mules and received alerts once a bank account had been compromised.

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Warner explained that Tank was identified by searching Ukrainian…

Source…

Ex-CIA computer engineer gets 40 years in prison for giving spy agency hacking secrets to WikiLeaks

/in


NEW YORK — A former CIA software engineer was sentenced to 40 years in prison on Thursday after his convictions for what the government described as the biggest theft of classified information in CIA history and for possession of child sexual abuse images and videos.

The bulk of the sentence imposed on Joshua Schulte, 35, in Manhattan federal court came for an embarrassing public release of a trove of CIA secrets by WikiLeaks in 2017. He has been jailed since 2018.

“We will likely never know the full extent of the damage, but I have no doubt it was massive,” Judge Jesse M. Furman said as he announced the sentence.

The so-called Vault 7 leak revealed how the CIA hacked Apple and Android smartphones in overseas spying operations, and efforts to turn internet-connected televisions into listening devices. Prior to his arrest, Schulte had helped create the hacking tools as a coder at the agency’s headquarters in Langley, Virginia.

In requesting a life sentence, Assistant U.S. Attorney David William Denton Jr. said Schulte was responsible for “the most damaging disclosures of classified information in American history.”

Given a chance to speak, Schulte complained mostly about harsh conditions at the Metropolitan Detention Center in Brooklyn, calling his cell, “My torture cage.”

But he also claimed that prosecutors had once offered him a plea deal that would have called for a 10-year prison sentence and that it was unfair of them to now seek a life term. He said he objected to the deal because he would have been required to relinquish his right to appeal.

“This is not justice the government seeks, but vengeance,” Schulte said.

Immediately afterward, the judge criticized some of Schulte’s half-hour of remarks, saying he was “blown away” by Schulte’s “complete lack or remorse and acceptance of responsibility.”

The judge said Schulte was “not driven by any sense of altruism,” but instead was “motivated by anger, spite and perceived grievance” against others at the agency who he believed had ignored his complaints about the work environment.

Furman said Schulte continued his crimes from behind bars by trying to leak more classified materials and by creating a hidden…

Source…

US prison allegedly hit by ransomware attack

/in


In what might be considered the first ransomware attack of its kind, the Play ransom gang claims to have successfully hit a maximum-security detention center in the Northeast state of Rhode Island.

The Donald W. Wyatt Detention Facility, located in the City of Central Falls, Rhode Island was listed on the threat actors dark leak site Tuesday evening.

The maximum-security facility at capacity houses over 700 adult males and 40 adult female detainees, according to Central Falls.

Detainees include those in custody by the US Marshals Service, the Federal Bureau of Prisons, the United States Navy, as well as those from the nearby Native American Mashantucket Pequot Reservation.

The threat group claims to have exfiltrated “Private and personal confidential data, clients documents, agreements, budget, HR, IDs, tax, finance information and etc.”

Play ransom Wyatt Detention
Play leak site

Play did not reveal the amount of stolen data it may have acquired from the Facility, instead cryptically posting three question marks “???” followed by a gigabyte symbol in the listing.

The gang also claims it will publish whatever data it has by a November 19th deadline.

Unlike a federal prison, the state detention center holds prisoners who have not yet been arraigned, have been denied bail, or are awaiting trial.

The private Facility is also governed by a board of directors appointed by the Central Falls Mayor, making it a quasi-public corporation.

Besides security systems and operations at the detention facility, files on inmates, especially those that may be found innocent, could supply the hackers with a treasure trove of information that could potentially be used to blackmail detainees in the future.

Additionally, for those inmates awaiting trial, sensitive documents could be used to sway legal proceedings and spur dozens of lawsuits against the Facility for failing to keep personal data secured.

Deemed part of the American Correctional Association (ACA), the Facility takes in prisoners from various jurisdictions, including the surrounding states of Connecticut, Massachusetts, New Hampshire, Maine, and Vermont.

Cybernews has reached out to the The Donald W. Wyatt Detention Facility, as well as…

Source…