The incident was the largest known data breach of names and email addresses on record.
Indictments in the case accuse two Vietnamese nationals of hacking into at least eight major email services from February 2009 to June 2012 and stealing the email addresses that were then used for various spam and marketing schemes.
The scheme netted at least $US2 million from the marketing of various products and services, according to the US Justice Department.
The charges were unsealed following the arrest of David-Manuel Santos Da Silva, 33, of Montreal in Canada, who is accused of conspiracy to commit money laundering for helping Nguyen and Vu to generate revenue from the scheme and launder the proceeds.
“These men – operating from Vietnam, the Netherlands and Canada – are accused of carrying out the largest data breach of names and email addresses in the history of the Internet,” assistant attorney general Leslie Caldwell said.
The indictment against the two Vietnamese nationals was returned in 2012 charging them with wire fraud, conspiracy and computer fraud.
Vu was arrested in 2012 in the Netherlands and extradited to the United States in March 2014.
Last month, he pleaded guilty to conspiracy to commit computer fraud and is to be sentenced on April 21.
Nguyen remains a fugitive.
Da Silva was arrested last month at Fort Lauderdale International Airport.
Authorities unnerved by scope of the fraud
Acting US attorney John Horn in Atlanta said the case reflected the cutting-edge problems posed by today’s cybercrime cases, where the hackers did not target just a single company; they infiltrated most of the country’s email distribution firms.
“And the scope of the intrusion is unnerving, in that the hackers didn’t stop after stealing the companies’ proprietary data – they then hijacked the companies’ own distribution platforms to send out bulk emails and reaped the profits from email traffic directed to specific websites,” he said.
Officials said it was the subject of a 2011 congressional inquiry.
According to investigators, Da Silva owned 21 Celsius Inc., a Canadian corporation that ran Marketbay.com, which he used to help generate revenue from the data thefts.
Nguyen received a commission on sales generated from internet traffic that he directed to websites promoting specific products, officials said.
The scheme sent millions of spam emails to the victims, some of them containing malware that allowed hackers to access their personal information.
RELATED! CIA to Boost Cyber Capability
The CIA plans to radically overhaul operations, ramping up its capability to deal with cyber threats while boosting integration between departments via a network of new units, the agency says.
Central Intelligence Agency director John Brennan outlined the proposed changes to the agency in a message to staff on Friday described as a “Blueprint for the Future” covering four key areas.
Mr Brennan said the US espionage agency would set up a new “Directorate of Digital Innovation” to reflect the rapidly evolving cyber landscape :: Read the full article »»»»
RELATED! NSA Wreaks Havoc! Hacking Report Highlights
In a pickle once again, the US National Security Agency – NSA – has apparently hacked into communications links used by the planets largest techs, Google and Yahoo. According to documents leaked by former NSA contractor Edward Snowden the tech-behemoths security was breached in transit between data-centres.
It seems the more this pot gets stirred, the more sludge surfaces, weak restrictions on the NSA’s overseas activities are apparently used to exploit major US companies’ data to a much greater extent than previously thought, The Washington Post reported. It however remains unclear how the NSA accessed the links.
Like other major tech-behemoths, Yahoo and Google constantly send data over shared and exclusive international fibre-optic telecommunication lines. The newly disclosed NSA program, operated with the UK’s spy agency GCHQ – Government Communications Headquarters – jointly amassing 181 MILLION individual records, in just one 30-day splurge, according to the Post.
The head of the NSA, General Keith Alexander, said: “To my knowledge, this never happened.” WinkWink Nudge Nudge :: Read the full article »»»»
RELATED! LulzSec Leader Arrested In Australia
The self-proclaimed leader of international hacking group Lulz Security has been arrested by AFP – Australian Federal Police – on the New South Wales central coast. The AFP says the 24-year-old man was arrested in the Gosford suburb of Point Clare yesterday.
He has been charged with two counts of unauthorised modification of data to cause impairment and one count of unauthorised access to a restricted computer system. The AFP says he claims to be in charge of Lulz Security, or LulzSec, which has previously claimed responsibility for high-profile hacking attacks, includinga DDS attack that took the CIA website offline, and a hack which caused some serious headaches for Sony Corp.
AFP is alleging that the 24 year old IT worker hacked an Australian Government website site last month, the man has been bailed to appear in court later this year.
In June last year the hack-group allegedly broke into Australian Government departments, universities and schools. Some of the targets included AusAid, Victorian Government departments and local councils in Victoria and New South Wales. The group bragged over the Aussie hack, saying in a Twitter post, “Releasing 62,000 possible account combinations is the loot for creative minds to scour; think of it like digging a very unique mineshaft.” At the time LulzSec claimed more than 5,000 people had downloaded the leaked files.
Passwords for email accounts within eight Australian universities were leaked, along with the log-ins for two high schools in Queensland and Melbourne. The 24-year-old man is the first alleged member of the group to be charged by the AFP UPDATED :: Read the full article »»»»
RELATED! Ebay Helps Snare Welfare Cheats
Data from online trading site eBay.com.au has helped Australia’s Government welfare agency, Centrelink, catch out social security recipients who are not declaring big profits from internet sales. Centrelink has cleverly compared its payment records with the activity of nearly 20,000 people who are running profitable eBay businesses.
The government agency identified 25 people who must repay close to $AU900,000 in welfare payments they weren’t entitled to. Centrelink general manager Hank Jongen said some matters had been referred to the director of public prosecutions, but no charges have yet been laid.
Welfare fraud costs Australia more than $AU600 million a year, the Australian Institute of Criminolgy –AIC – says welfare fraud is difficult to measure because it falls outside the two main crime measures of incidents reported to police and victim experience surveys. The AIC says the UK department responsible for social welfare estimated in 2009 that more than two percent of all benefit expenditures, or £3 billion a year, was fraudulently claimed :: Read the full article »»»»