Dutch man charged with allegedly stealing Wash. credit cards

June 12, 2012

Associated Press on June 11, 2012 released the following:

“By MANUEL VALDES
Associated Press

SEATTLE (AP) — In an investigation that spanned from a Seattle restaurant to Romania, a 21-year-old Dutch national pleaded not guilty Monday to federal computer hacking charges that include the theft of at least 44,000 credit card numbers.

Federal prosecutors said David Benjamin Schrooten is a prominent figure known as “Fortezza” in the international hacking community who sold stolen credit card numbers in bulk through websites.

The 44,000 credit card numbers included in these charges come from just one sale, authorities said.

Schrooten was arrested in Romania and arrived in Seattle on Saturday. He has been charged with 14 crimes, ranging from access device fraud to identity theft, authorities said.

“People think that cyber criminals cannot be found or apprehended. Today we know that’s not true. You cannot hide in cyberspace,” said U.S. Attorney Jenny A. Durkan at a news conference. “We will find you. We will charge you. We will extradite you and we will prosecute you.”

A message left with Schrooten’s listed attorney was not immediately returned.

Seattle and federal authorities credited a local Italian restaurant owner for sparking the investigation.

Corino Bonjrada said he became alarmed after several complaints from customers of suspicious charges after dining at Modello Risorante Italiano.

Customers suspected his workers had taken their credit card information and used it, but Bonjrada found no evidence of that. He then called computer experts and eventually the police, he said.

That led police to Christopher A. Schroebel, 21, of Maryland, who they say planted spying malware in the sales systems of two Seattle businesses, two of dozens of businesses targeted. Schroebel had collected at least 4,800 credit card numbers in 2011.

“Some of my customers were saying they didn’t know if they wanted to come back,” Bonjrada said. “They were afraid.”

Schroebel was arrested in November 2011 and pleaded guilty last month to federal charges that included bank fraud. He is set to be sentenced in August.

Investigators said Schrooten worked with Schroebel in creating websites to sell the credit card numbers.

Bonjrada said some customers were charged within “10 minutes” of using their credit card at his restaurants in the amounts of $70 or $80.

Authorities said the investigation into the ring run by Schrooten is continuing.

Schrooten is scheduled back in court Aug. 20.”

————————————————————–

Douglas McNabb – McNabb Associates, P.C.’s
Federal Criminal Defense Attorneys Videos:

Federal Crimes – Be Careful

Federal Crimes – Be Proactive

Federal Crimes – Federal Indictment

Federal Crimes – Detention Hearing

————————————————————–

To find additional federal criminal news, please read Federal Criminal Defense Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition Defense, OFAC SDN Sanctions Removal, International Criminal Court Defense, and US Seizure of Non-Resident, Foreign-Owned Assets. Because we have experience dealing with INTERPOL, our firm understands the inter-relationship that INTERPOL’s “Red Notice” brings to this equation.

The author of this blog is Douglas C. McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.


FBI’s ‘Sabu’ Hacker Was a Model Informant

March 9, 2012

The Wall Street Journal on March 8, 2012 released the following:

“By CHAD BRAY

As soon as he was caught, an influential computer hacker agreed to become a government informant and “literally worked around the clock” to help federal agents nab an elusive collective of alleged cyber criminals who have launched online attacks against companies, governments and individuals.

The new details, revealed in court documents made public on Thursday, show how quickly investigators were able to turn 28-year-old Hector Xavier Monsegur against his fellow alleged hackers.

Known as “Sabu” in hacking circles, he was placed under supervision by Federal Bureau of Investigation agents shortly after he was arrested at 10:15 p.m. on June 7 last year. His file was sealed by a judge.

“Since literally the day he was arrested, the defendant has been cooperating with the government proactively,” sometimes staying up all night engaging in conversations with co-conspirators to help the government build cases against them, Assistant U.S. Attorney James Pastore said at a secret bail hearing on Aug. 5, 2011, according to a transcript released on Thursday.

The investigation led to the unveiling of criminal charges on Tuesday against a group of men allegedly behind Lulz Security, or LulzSec. The group, formed last May, claimed responsibility for a series of brazen online attacks including hacking computer servers of television network PBS in retaliation for a “Frontline” episode about WikiLeaks, and stealing personal information from about 100,000 customers of hacked Sony Pictures.

In addition to the Sony and PBS attacks, LulzSec has claimed responsibility for attacks on the U.S. Senate and InfraGard, an affiliate of the Atlanta chapter of the FBI. Those attacks were all cited in Tuesday’s charging documents.

Mr. Monsegur, a few days after his bail hearing in August, pleaded guilty to 12 criminal charges, including three counts of conspiracy to engage in computer hacking, computer hacking in furtherance of fraud, conspiracy to commit access device fraud, conspiracy to commit bank fraud and aggravated identity theft. He faces up to 124 years in prison. A lawyer for Mr. Monsegur declined to comment Thursday.

On Aug. 10, 2011, a federal prosecutor in Los Angeles who was working on the case asked that details for charges against Mr. Monsegur in Los Angeles remain secret. In a document, Assistant U.S. Attorney Stephanie S. Christensen said other hackers were aware of Mr. Monsegur’s true identity, even though he often used a nickname or online personality while communicating with them. She said if news of his arrest were made public, he might be identified as a cooperator. She noted that the hackers monitored public court dockets.

“The FBI has informed me that the hackers are known to take steps against those who cooperate with the government,” Ms. Christensen said. She pointed to a practice known as “Doxing” where hackers post personal details about a person for public consumption online. “The publicly available information may then be used to harass the cooperator and the cooperator’s family in a variety of ways,” she said. “This obviously creates danger for the cooperator, the cooperator’s family, and law enforcement.”

Prosecutors, who said Mr. Monsegur was kept under close surveillance during the investigation—with software installed on his computer to track his online activity and video surveillance set up in his home—also said that Mr. Monsegur agreed to cooperate at “a significant amount of personal risk” to himself. Mr. Monsegur, who was unemployed at the time, is a foster parent to two nieces.

Some hackers retaliate against cooperators by ordering hundreds of pizzas to their house or calling in hostage situations and having a SWAT team show up, Mr. Pastore said.

During the investigation, Mr. Monsegur, who lived in and worked from a public-housing project in New York City, received information on a day-to-day basis of “upwards of two dozen vulnerabilities” in computer systems from a network of cybercriminals, Mr. Pastore said in court documents released Thursday. The FBI was able to identify more than 150 security vulnerabilities at the time, allowing companies to prevent a hack before it occurred or mitigate harm from prior hacking activity, he said.

Ultimately, federal agents were able to thwart more than 300 attacks that other hackers were planning as a result of information provided by Mr. Monsegur, according to a person familiar with the matter.

LulzSec is one of several shadowy hacker groups that have sprung to global prominence over the past year and are loosely organized, often with no central leadership. Mr. Monsegur is described in charging documents as an “influential” member of three such hacking organizations—LulzSec and two others known as Anonymous and Internet Feds. Charges against a total of six men were announced on Tuesday, after which Mr. Monsegur’s identity was revealed.”

————————————————————–

Douglas McNabb – McNabb Associates, P.C.’s
Federal Criminal Defense Attorneys Videos:

Federal Crimes – Be Careful

Federal Crimes – Be Proactive

Federal Crimes – Federal Indictment

Federal Crimes – Detention Hearing

————————————————————–

To find additional federal criminal news, please read Federal Crimes Watch Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition and OFAC SDN Sanctions Removal.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.