NewzIntel.com

Category: Business

  • MIL-OSI Security: Charlotte Man Sentenced to Prison for His Role in Multimillion-Dollar Bank Fraud Scheme

    Source: US FBI

    CHARLOTTE, N.C. – A Charlotte man was sentenced to prison today for his role in a multi-million dollar bank fraud scheme, announced Russ Ferguson, U.S. Attorney for the Western District of North Carolina. Bruce Howard Marko, 66, was sentenced to 12 months and a day in prison followed by two years of supervised release, and was ordered to pay restitution in the amount of $1.5 million. Marko pleaded guilty to conspiracy to commit wire fraud and bank fraud.

    Marko’s three co-defendants, Kotto Yaphet Paul, 50, of Waxhaw, N.C., Latoya Tamieka Ford, 50, of Covington, Georgia, and Love Norman, 50, of West Palm Beach, Florida, have each pleaded guilty to wire fraud and bank fraud conspiracy and are awaiting sentencing. Paul also pleaded guilty to money laundering.

    According to filed court documents and today’s sentencing hearing, beginning in 2018, Marko conspired with Peebles, Paul and Ford to orchestrate a fraudulent loan scheme that defrauded at least 17 federally insured financial institutions of more than $17 million. Marko participated directly in at least five of these fraudulent loans totaling over $2.8 million. To execute the scheme, Marko and his co-defendants submitted loan applications to financial institutions that contained fraudulent information, including false employment and income information, false tax returns, and misrepresentations regarding the applicants’ assets, liabilities, and the intended use the loan proceeds. Based on the fraudulent loan applications, Marko and his co-defendants secured at least 42 loans from the victim financial institutions. Contrary to information provided on the loan applications about the purposes of the loans, the defendants used the loan proceeds to purchase real estate, cover unrelated business expenses, make investments, make payments toward earlier loans, and pay for personal expenditures. Court documents show that the defendants defaulted on most of the loans, causing substantial losses to the victim financial institutions that issued the loans.

    Four additional defendants were previously convicted of bank fraud conspiracy for their involvement in the scheme. Amrish D. Patel was sentenced to 15 months in prison, Dwight A. Peebles, Jr. was sentenced to 18 months in prison. Denise Woodard was ordered to serve 36 months in prison, and Derrick L. Harrison, was sentenced to a year and a day in prison. The defendants were also ordered to pay restitution ranging from $620,000 to more than $3.1 million.

    In making today’s announcement, U.S. Attorney Ferguson credited the Office of the Inspector General of the Board of Governors of the Federal Reserve System, the Office of the Inspector General for the Federal Housing Finance Agency, the Office of the Inspector General for the Federal Deposit Insurance Corporation, the Federal Bureau of Investigation in Charlotte, and the Charlotte Field Office of the Internal Revenue Service’s Criminal Investigation, for the investigation of this case.

    Assistant U.S. Attorney Don Gast with the U.S. Attorney’s Office in Asheville is prosecuting the case.

     

    MIL Security OSI

  • MIL-OSI Security: Ohio Man Sentenced to 17 Years in Prison for Conspiracy That Took Nearly $7 Million From Investors

    Source: US FBI

    CLEVELAND – An Ohio man was sentenced to 17 and a half years in prison by U.S. District Judge J. Philip Calabrese after being found guilty of conspiring to artificially inflate prices on a low-value stock being sold to investors. He was also ordered to pay a $200,000 fine. After imprisonment, he was also ordered to serve three years of supervised release. Restitution amounts are yet to be determined.

    Last September, a federal jury convicted Paul Spivak, 66, of Willoughby Hills, Ohio, of conspiracy to commit securities fraud. Spivak was also found guilty on two counts of wire fraud. He then pleaded guilty to four other counts of wire fraud, two counts of securities fraud, and a separate count of conspiracy to commit securities fraud. The jury also convicted codefendant Charles Scott, 70, of Alexandria, Virginia, of securities fraud and conspiracy to commit securities fraud.

    According to court documents, trial testimony, and exhibits, Spivak was the majority owner and chief executive officer of U.S. Lighting Group, Inc. (USLG), a publicly traded Florida corporation based in Euclid, Ohio. At various times, the company designed and manufactured commercial LED lights, aftermarket auto parts, and fiberglass recreational campers, and boats. USLG traded on OTC Markets as a “penny” stock due to its low market value. Penny stocks are known to be vulnerable to price manipulation due to lower trading volume and because they draw less scrutiny than other stocks.

    Between 2016 and 2019, Spivak and several co-conspirators took USLG public through a reverse merger with a shell company. Using a variety of tactics, they artificially inflated the price of USLG stock to facilitate getting the company listed on a stock exchange.

    When the stock price was artificially high, Spivak had a team of co-conspirators use aliases to act as unlicensed stockbrokers to cold-call potential investors and persuade them to buy restricted stock shares. The brokers offered the stock at a steep discount relative to the apparent market price, convincing investors that the stock purchase was a great investment.

    USLG took in approximately $6.9 million between 2016 and 2019 from investors throughout the country, including many who were elderly. Individuals paid anywhere between $4,000 and $1 million to purchase the restricted stock shares which they were led to believe were a good deal on the investment.

    Spivak rewarded the success of these unlicensed stockbrokers with large, undisclosed commissions. He disguised their compensation as payments on invoices he asked them to submit for purported consulting services. In total, approximately 200 payments worth $2 million in undisclosed commissions were paid out to the unlicensed stockbrokers.

    Additionally, in early 2021 Spivak and Scott worked with co-conspirators to continue manipulating stock value by having them receive USLG shares to sell at inflated prices. They arranged for co-conspirators to manipulate the price of the stock through the use of a call room, also known as a boiler room.

    In covertly recorded discussions with one of the would-be co-conspirators, Spivak explained that, because of how few shares the investing public traded without manipulation, it “wouldn’t take very much to get the stock to go very high. I mean like very high.” Spivak explained that securities regulators “don’t care what we do out of the country.” So, for his long-term plans to get USLG’s stock price “going like crazy,” he hoped to set up a boiler room operation “someplace in Barcelona, someplace outta the United States.” 

    Spivak set up a cyclical arrangement for all participants to profit from this stock manipulation. At Spivak’s direction, co-conspirators Scott and Forrest Church, 62, of Haleyville, Alabama, acting as Spivak’s and USLG’s nominees, would sell stock they had acquired at a low price, to the boiler room operators at a higher price. Those operators would then sell that stock to unsuspecting investors at the inflated prices, also netting a profit. Scott and Church would then send about half of the funds they received back to USLG and receive additional low-priced stock, which they would later sell to the boiler room operators to start the cycle again.

    The defendants would later learn that the co-conspirators who had agreed to run the boiler room and buy the stock from Scott and Church were, in fact, undercover agents investigating the case.

    Spivak took numerous steps to conceal the scheme, hide evidence, and otherwise end the investigation and prosecution. He took many of those steps after he was arrested, which investigators discovered on recorded phone calls that he placed to his wife and employees from jail. For example, he repeatedly pressured his wife to have USLG’s chief financial officer call the FBI agent and offer to pay $200,000 “for this thing to go away.” On another call, Spivak outlined plans for USLG and its shareholders to “sue the FBI.”

    Other co-conspirators involved in the scheme have previously pleaded guilty to conspiracy to commit securities fraud and other charges, including Spivak’s wife, Church, and some of the unlicensed stockbrokers who Spivak employed. Two of those brokers, Larry Matyas, 43, of Las Vegas, Nevada, and Christopher Bongiorno, 46, of Mayfield Heights, Ohio, were each sentenced to one year and one day in prison earlier this week. The remaining co-conspirators are scheduled to be sentenced on April 29 and 30, 2025.

    On Feb. 12, 2025, Scott was sentenced to three years and five months in prison after a conviction for securities fraud conspiracy and one count of securities fraud. He was also ordered to pay $500,000.

    The case was investigated by the FBI Cleveland Division. This case was prosecuted by Assistant U.S. Attorneys Elliot Morrison, Megan Miller, and Stephanie Wojtasik for the Northern District of Ohio.

    To report investment, financial, and related violations, visit https://www.sec.gov/submit-tip-or-complaint.

    MIL Security OSI

  • MIL-OSI Security: Wisconsin Man Sentenced to More Than 3½ Years in Prison for ‘Swatting’ Spree that Hacked Doorbell Cameras to Livestream Police Response

    Source: US FBI

    LOS ANGELES – A Wisconsin man was sentenced today to 44 months in federal prison for participating in a one-week nationwide “swatting” spree that gained access to Ring home security door cameras, placed bogus emergency phone calls designed to elicit an armed police response, then livestreamed the events on social media, sometimes while taunting responding police officers in communities such as West Covina and Oxnard.       

    Kya Christian Nelson, 23, of Racine, Wisconsin, was sentenced by United States District Judge John A. Kronstadt.

    Nelson pleaded guilty on January 23 to one count of conspiracy and two counts of unauthorized access to a protected computer to obtain information. He has been in federal custody since August 2024 and previously was serving a prison sentence in Kentucky after being convicted in state court there in an unrelated case.

    From November 7, 2020, to November 13, 2020, Nelson and co-conspirators gained access to home security door cameras sold by Ring LLC, a Santa Monica-based home security technology company. Nelson acquired without authorization the username and password information for Yahoo! email accounts belonging to victims throughout the United States.

    The conspirators then determined whether the owner of each compromised Yahoo! account also had a Ring account using the same email address and password that could control associated internet-connected Ring doorbell camera devices. Using that information, they identified and gathered additional information about their victims.

    Then, the conspirators placed false emergency reports or telephone calls to local law enforcement in the areas where the victims lived. These reports or calls were intended to elicit an emergency police response to the victim’s residence. The conspirators then accessed without authorization the victims’ Ring devices and transmitted the audio and video from those devices on social media during the police response. They also taunted responding police officers and victims through the Ring devices during several of the incidents.

    For example, on November 8, 2020, Nelson and a co-conspirator accessed without authorization Yahoo! and Ring accounts belonging to a victim in West Covina. A hoax telephone call was placed to the West Covina Police Department purporting to originate from the victim’s residence and posing as a minor child reporting her parents drinking and shooting guns inside the residence. The caller claimed that her parents had multiple firearms and had fired approximately seven gunshots inside the house. Based on this hoax call, West Covina Police Department officers made an emergency response to the house and cleared the residents from the home at gunpoint.

    During the police response, Nelson accessed the Ring doorbell camera located at the West Covina residence and used it to verbally threaten and taunt the police officers who responded to the reported incident.

    In another incident, on November 11, 2020, Nelson illegally possessed the Yahoo! and Ring login credentials of a victim living in Oxnard. Nelson then used those credentials to access the victim’s Ring account. Nelson or a co-conspirator made a hoax call to the Oxnard Police Department purporting to be coming from inside the victim’s home.

    The caller told the police that they were a child whose father was wielding a handgun inside the residence. Nelson made a second hoax call to Oxnard Police to report hearing shots fired at the victim’s residence. Based on these hoax calls, Oxnard Police officers made an emergency response to the house and cleared the residents from the home at gunpoint.

    Nelson accessed the Ring doorbell camera located at the Oxnard residence and used it to threaten and taunt the police officers who had responded to the reported incident.

    “[Nelson] and his co-conspirators went on a digital crime spree, terrorizing innocent people around the country from behind their keyboards,” prosecutors argued in a sentencing memorandum. “While [Nelson] was safe behind his keyboard, he subjected others to real danger.”

    One of Nelson’s indicted co-conspirators, James Thomas Andrew McCarty, 22, of Kayenta, Arizona, was sentenced in June 2024 to seven years in federal prison both for his role in this case, and on additional charges in the District of Arizona. In connection with the Ring swatting incidents, McCarty pleaded guilty to the same conspiracy as Nelson.

    McCarty further admitted to illegally accessing a victim’s Ring camera in Florida and making a call to the North Port Florida Police Department, in which he purported to be the victim’s husband who had just killed her, was holding a hostage, and had rigged explosives at the residence. McCarty then livestreamed the law enforcement response and posted a message on social media taking credit for the swatting incident and stating that he thought it was amusing.

    The FBI investigated this matter.

    Assistant United States Attorney Khaldoun Shobaki of the Cyber and Intellectual Property Crimes Section prosecuted this case.

    MIL Security OSI

  • MIL-OSI Security: Two out-of-state residents charged with stealing Alaskan identities to target local financial institutions

    Source: Office of United States Attorneys

    ANCHORAGE, Alaska – A federal grand jury in Alaska returned an indictment yesterday charging two out-of-state residents with conspiring to commit bank fraud by stealing identities and creating false identification documents.

    According to court documents, on April 14, 2025, the Anchorage Police Department (APD) received a report that a female entered three local bank branches in Eagle River, Wasilla and Anchorage, respectively. The female presented potentially fraudulent military ID and passport cards and requested to withdraw $9,500 from accounts at each branch. The documents had the female’s picture but the name and date of birth of the account holders. The female successfully withdrew $9,500 from the Eagle River and Wasilla branches for a total of $19,000.

    On April 15, 2025, Soldotna Police Department (SPD) received a report similar to the report APD received the day prior, detailing that a female entered a local credit union and presented a potentially fraudulent military ID and passport card to try and withdraw cash.  Staff suspected the identification was fraudulent and attempted to contact their fraud department. While on the phone, the female left the credit union.

    Later the same day, the Kenai Police Department (KPD) received the same report of a female presenting a potentially fraudulent military ID and passport card at a local bank to try and withdraw cash. Bank staff recognized the female from a recent internal fraud alert.

    Staff at the Kenai bank attempted to call the police after the female suspect presented the alleged false documents, but she fled the bank in a vehicle. SPD officers located the vehicle and conducted a traffic stop. Law enforcement identified the driver as Karey McLeish, 25, of Texas and the female suspect, who was a passenger in the vehicle, as Rebekah Walker, 45, of Connecticut. Officers searched the defendants and located over $700 in cash and a plane ticket from Texas to Anchorage dated April 13, 2025. Officers also searched the vehicle and discovered over $1,600 in cash, three cell phones and key cards for a local hotel.

    Court documents further explain that law enforcement searched the hotel room McLeish and Walker were staying at in Soldotna and located a bag containing men’s clothing and hygiene products, as well as 11 military ID’s and 11 U.S. passport cards. The identification documents contained different names and dates of birth for Alaska residents, but all had Walker’s picture. 

    McLeish and Walker were originally charged by complaints on May 16, 2025, and were arrested in Kenai on May 21, 2025.

    McLeish and Walker are charged with one count of conspiracy to commit bank fraud, five counts of aggravated identity theft, five counts of forgery or false use of a passport and one count of fraud in connection with identification documents. The defendants are scheduled to make their initial court appearance on May 23, 2025, before U.S. Magistrate Judge Kyle F. Reardon of the U.S. District Court for the District of Alaska. If convicted, they face a mandatory minimum penalty of two years in prison for each aggravated identity theft count, and up to 30 years in prison for the other seven counts. A federal district judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

    U.S. Attorney Michael J. Heyman for the District of Alaska and Special Agent in Charge William Chang of the U.S. Department of State Diplomatic Security Service (DSS), San Francisco Field Office made the announcement.

    The DSS San Francisco Field Office, with assistance from APD, KPD and SPD, is investigating the case.

    Assistant U.S. Attorney Amy Miller is prosecuting the case.

    An indictment is merely an allegation, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

    ###

    MIL Security OSI

  • MIL-OSI Security: Sonoma Real Estate Developer Arrested On Charges Of Defrauding Hundreds Of Investors

    Source: Office of United States Attorneys

    Former President of LeFever Mattson Allegedly Used Victims’ Money to Fund Personal Expenses and Pay Existing Investors

    SAN FRANCISCO – Kenneth W. Mattson, 63, of Sonoma, was arrested today pursuant to an indictment returned by a federal grand jury charging him with wire fraud, money laundering, and obstruction of justice.  

    According to the nine-count indictment filed May 13, 2025, and unsealed today, Mattson was the President of LeFever Mattson, a corporation based in Citrus Heights, Calif., that controlled several limited partnerships that owned and managed commercial and residential properties.  For more than a decade, Mattson allegedly solicited and obtained millions of dollars in investments from hundreds of investors—many of whom were nearing or in retirement—in what he represented were legitimate and safe interests of limited partnerships that owned real estate.  Those representations were false: although many of the partnerships were real entities, Mattson’s victims, referred to in the indictment as “off-books investors,” never had interests in those partnerships.

    “This indictment alleges that Kenneth Mattson defrauded hundreds of victims, many of whom entrusted him with retirement savings they could not afford to lose.  He allegedly raised tens of millions of dollars by falsely claiming that investors would have legitimate stakes in real estate projects.  Instead of delivering the investment returns he promised, Mr. Mattson is charged with cheating these investors out of their hard-earned money and, in many cases, out of their life savings,” said Acting United States Attorney Patrick D. Robbins.  “Mr. Mattson will now be held to account on charges of perpetrating a scheme that he kept afloat only by using new investors’ money to pay obligations to earlier investors—a classic Ponzi scheme.”

    “As alleged, Mattson orchestrated a fraudulent real estate investment scheme over several years, stealing millions of dollars from hundreds of victims, many of them retirees or nearing retirement.  This case underscores the serious impact financial fraud can have on a community, particularly on those least able to recover,” said FBI Special Agent in Charge Sanjay Virmani.  “The investigation in this case is ongoing.  We encourage anyone who believes they may be a victim to come forward.  The FBI and our partners remain steadfast in our commitment to uncovering the truth and seeking justice for those affected.”

    “The allegations against Mr. Mattson describe a long-standing scheme with hundreds of victims duped out of millions of dollars,” said IRS Criminal Investigation (IRS-CI) Oakland Field Office Special Agent in Charge Linda Nguyen. “Simply put, white-collar crime is not victimless, and our special agents and professional staff are the experts at tracing money trails and building cases that lead to justice while simultaneously deterring future criminal activity.”

    “Postal inspectors will not allow the mail to be used to defraud people. The American people trust us to end fraud schemes and bring fraud perpetrators to justice—we are proud to work with our federal law enforcement partners in investigations like this one,” said U.S. Postal Inspection Service (USPIS), San Francisco Division Inspector in Charge Stephen M. Sherwood.

    The indictment describes that, from at least 2009 and continuing through 2024, Mattson solicited investments from off-books investors into Divi Divi Tree, LP (Divi Divi), a LeFever Mattson-controlled partnership that owned an apartment complex in Riverside County, Calif.  The vast majority of these investors used their retirement funds to invest in Divi Divi.  Mattson never told the LeFever Mattson company about these investors, and the investors were not listed as partners in the company’s official books and records.  Contrary to Mattson’s representations to these victims, these “off-books” investors never became true owners in the partnership.  Although some investors received distribution payments from their “off-books” investments, that money did not come from the rents of the partnership’s underlying property, as Mattson promised; instead, it came from loans, Mattson’s comingling of other assets, and from new investors, in the manner of a Ponzi scheme.

    Mattson’s scheme reached beyond Divi Divi to other LeFever Mattson limited partnerships, including Heacock Park Apartments, LP, an entity that was formed to purchase another apartment complex.  Among other conduct, the indictment describes Mattson’s concealment from the “off-books” investors of the 2021 sale of the Heacock Park Apartments, the asset underlying Heacock Park, which resulted in net proceeds of over $8 million.  Notwithstanding Mattson’s prior representations to “off-books” investors that they would be notified upon sale and be entitled to share in profits proportionate to their ownership stake, Mattson concealed the sale from existing “off-books” investors and omitted that the primary asset of the entity had, in fact, been sold when recruiting new investors for Heacock Park.

    The indictment also alleges that Mattson engaged in similar fraudulent conduct through another real estate holding entity over which he exercised sole business control, KS Mattson Partners, LP.

    Between 2019 and 2024, Mattson obtained at least $28 million from investors for “off-books” investments in Divi Divi and Heacock Park alone.

    The indictment further alleges that Mattson learned of an investigation into his conduct by the U.S. Securities and Exchange Commission (SEC) in April 2024.  After the SEC instructed Mattson to preserve and retain relevant evidence and served him with a subpoena for documents, Mattson deleted thousands of files that were relevant to the SEC’s investigation.  

    The indictment charges Mattson with seven counts of wire fraud in violation of 18 U.S.C. § 1343, one count of engaging in monetary transactions in property derived from specified unlawful activity (money laundering) in violation of 18 U.S.C. § 1957, and one count of destruction of records in a federal investigation (obstruction of justice) in violation of 18 U.S.C. § 1519.

    Mattson is scheduled to make his initial federal court appearance at 10:30 a.m. on May 23, 2025, before U.S. Magistrate Judge Alex G. Tse in San Francisco.

    An indictment merely alleges that crimes have been committed, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt.  If convicted, Mattson faces a maximum sentence of 20 years in prison as to each count of wire fraud and the obstruction of justice count and 10 years in prison as to the money laundering count.  Any sentence following conviction would be imposed by the court after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.  

    Individuals who believe that they are “off-books” investors with Mattson are urged to fill out the following form: https://forms.fbi.gov/victims/lfminvestors and send copies of any relevant documents to LFMInvestors@fbi.gov.

    The SEC today filed a civil enforcement action against Mattson and KS Mattson Partners LP in the Northern District of California.  

    Assistant U.S. Attorneys Christoffer Lee and Nikhil Bhagat are prosecuting the case with the assistance of Mimi Lam.  The prosecution is the result of an investigation by the FBI, IRS-CI, and USPIS.  The U.S. Attorney’s Office thanks the San Francisco Regional Office of the SEC for its assistance in the investigation.

    Mattson Indictment
     

    MIL Security OSI

  • MIL-OSI Security: Former Exec at O.C. Company and Illegal Alien Arrested on Federal Complaint Alleging He Embezzled $7 Million from His Employer

    Source: Office of United States Attorneys

    SANTA ANA, California – A former executive at a Newport Beach company that specializes in the purchase of classic cars – who also happens to be an illegal alien from Mexico – was arrested today on a federal complaint alleging he embezzled approximately $7 million from his employer.

    Alexander G. Ramos, 62, of Newport Beach, is charged with wire fraud, a felony that carries a statutory maximum sentence of 20 years in federal prison.

    A federal magistrate judge ordered Ramos jailed without bond and scheduled an arraignment for June 30.

    According to an affidavit filed with the complaint, Ramos was employed at the victim company since 2017 until his termination in September 2024 in the company’s Risk Management Department. Through his positions, he knew his employer’s loans and held relationships with title agents or other partners nationwide. He also oversaw requests by the company’s Title and Risk Department to its Accounting Department for payment to title agents, sometimes submitting the requests himself.

    Ramos allegedly caused checks to be issued from the victim company to certain parties, including a Las Vegas DMV services business. The checks were supposed to cover expenses for tax, titling, and licensing associated with car purchases.

    However, Ramos purposely caused his employer to send too much money to the outside entities. He then directed those entities on how to dispose of the extra money, including by sending the funds to bank accounts that he controlled.

    A law enforcement review of financial records revealed that approximately $7 million in checks and wires were deposited into Ramos-controlled bank accounts from the outside entities in the car industry. The origin of some of the funds deposited into Ramos’s bank accounts showed the checks and wires were made out to the victim company and were intended as refunds to that company’s clients who had overpaid for vehicle registration fees.

    Instead of being returned directly to the Ramos’s employer, Ramos allegedly moved the funds to other accounts he controlled for his personal use, including buying a home in Irvine. The illegal transfers date back to at least January 2020, according to the complaint.

    Ramos is an illegal alien from Mexico who was removed from the United States in 2017 but later returned.

    A complaint contains allegations that a defendant has committed a crime. Every defendant is presumed to be innocent until and unless proven guilty beyond a reasonable doubt in court.

    The FBI and the Federal Deposit Insurance Corporation Office of Inspector General are investigating this matter.

    Assistant United States Attorney Kevin Fu of the Orange County Office is prosecuting this case.

    MIL Security OSI

  • MIL-OSI Security: Meet the Cyber Action Team

    Source: US FBI

    Across the globe, malicious cyber activity threatens public safety and national and economic security. Criminals target organizations such as schools, hospitals, power and utility companies, and other critical infrastructure entities that serve communities.

    As the lead federal agency for investigating cyberattacks and intrusions, the FBI developed a specialty group—the Cyber Action Team, or CAT—that can deploy across the globe within hours to respond to major cyber threats and attacks against these critical services.

    Composed of about 65 members, CAT is an investigative rapid response fly team that leverages special agents, computer scientists, intelligence analysts, and information technology specialists from across FBI field offices and Headquarters.

    “We respond onsite to victims who may include national government entities, private companies, or even sometimes foreign partner networks that have been compromised by an adversary,” said Scott Ledford, head of the Cyber Action Team and the Advanced Digital Forensics Team. “Our job is to help conduct the investigation—we collect digital evidence and locate, identify, and reverse engineer malware. We also help the victim understand when they were compromised and how, writing a timeline and a narrative of that intrusion with the ultimate goal of identifying who is responsible, attributing that attack.”

    CAT was established in 2005 in response to an increase in the number and complexity of computer intrusion investigations in FBI field offices. At the time, not all field offices had personnel with the cyber expertise necessary to properly respond to and investigate sophisticated computer intrusions.

    “There was this transition that was taking place between what investigations the FBI was responsible for and the types of crimes that we were starting to see,” explained Ledford. “Cyber was such a growing threat at the time, and so it became necessary that some field offices would reach out and say, ‘Hey, do you know of any cyber experts who can help me work through an investigation?”

    As the team formalized its processes and expanded, in 2016, the Presidential Policy Directive 41, “United States Cyber Incident Coordination” was signed, setting forth principles for the federal government’s response to cyber incidents involving government or private sector entities. The FBI was appointed the lead federal agency for cyber threat response activities.

    “From an investigative standpoint, the FBI is unique. We’re one of the few agencies in the U.S. government that has both law enforcement and counterintelligence authorities,” said Ledford. “And those authorities, and the American people’s trust in us, help us to deliver a unique blend of national security and criminal investigative skills, expertise, and resources to implement that blended response and help facilitate an investigation, regardless of whether it leads us overseas or to a courtroom here in the U.S.”

    The bulk of CAT’s cases usually involve the FBI identifying an organization with a particular intrusion that’s either so complex or large-scale that the local field office requests additional assistance.

    In one case, CAT deployed to a health care company that a separate intrusion investigation had identified as compromised. CAT’s response helped lead to the identification of several compromised systems and accounts on their network. While working alongside the company, CAT disrupted the threat—and prevented further exploitation across their network.

    CAT also receives requests from FBI legal attachés, the State Department, the National Security Council, and the White House to assist other countries when they face cyberattacks.

    “It could be a country that doesn’t have the resources or the expertise that the U.S. government has, and they’ve reached out and asked for help,” said Ledford. “There can be a NATO or a non-NATO ally country that says, ‘We’ve been hit hard by this adversary, and we don’t have the localized personnel, we don’t have the resources, we don’t have the expertise to respond to this. Can you help us with it?”

    In another case, CAT deployed overseas to provide incident response support to a NATO ally that had been targeted by a destructive cyberattack. CAT responded and worked together with U.S. partners to determine the initial intrusion vector, identify other networks that were impacted, collect and analyze digital evidence, and ultimately attribute the intrusion to a foreign government. The NATO ally severed diplomatic ties with the foreign government, closed the foreign government’s in-country embassy, and evicted them from the country.

    “We have some talented people, and they work hard every single day,” said Ledford. “It’s an honor to sit alongside them.”

    Key Tactic: Strong Communication Skills

    In addition to excellent technical skills, CAT members are closely vetted for strong communication skills. Ledford explained that part of the CAT applicant selection process entails a multi-day live technical exercise that’s designed and curated by CAT:

    “We design a network environment. We may mimic an industry, for example, an electric utility. And then we compromise that environment, and we litter it with artifacts, digital evidence, and malware. Then we task applicants to investigate this cyber incident and present their findings.

    At the end of the five days, applicants present their findings, and we identify who has the technical capability and expertise to find digital evidence of a crime hidden within this mountain of data that we’ve thrown at them.

    If the applicant passes that phase of that selection exercise, we invite them to participate in a panel presentation. Our CAT members will play the roles of the victims we’re trying to help and their own resource teams, for example, a company CEO, a U.S. attorney, a third-party legal counsel, or IT administrator.

    You’re essentially giving us the narrative of the cyber intrusion. You’re telling us a story about what happened. While some of the panel questions will be very technical in nature, some will be more basic questions—the applicant will need to be able to explain to a CEO, for example, who might not have technical expertise, what the problem was and how to fix it. We’re looking to see whether you can take something that’s exceptionally technically complex and explain it in such a way that everyone in the room understands it.

    We’re also looking for interpersonal ability. For example, in the case of a company CEO, at that moment during a cyberattack, they may be going through one of the most stressful times of their company’s existence—there may be data leaked that can make or break that company’s future and their profits, as well as their ability to employ people and their ability to deliver services to their customers. You need the communications skills to interact with them during a difficult time and gain trust.”

    MIL Security OSI

  • MIL-OSI Security: Ensuring Safety at Sea

    Source: US FBI

    In addition to reporting the incident to a cruise ship security officer as soon as possible, you can also report the incident to the FBI directly. Knowing your rights can help you speak up if something happens.

    For investigators, a big challenge is delayed reporting.

    Pagliarini stressed the importance of immediate reporting by victims and witnesses, especially considering the complexities of investigating crimes at sea.

    Delays often occur because victims feel ashamed or uncertain and may only report the incident after discussing it with others once they return home, said Pagliarini.

    “We get that a lot, or somebody has something stolen, and they don’t know until they got home and then report it,” said Pagliarini. “This delay complicates investigations, especially when victims are far from the location of the incident.”

    Parker and Pagliarini suggest passengers avoid taking valuable jewelry—as it’s easy to lose or have stolen—be responsible when drinking, and go directly through the cruise line company when booking excursions.

    They also explained that it is important to familiarize yourself with the guest services locations on the ship. And if you see an incident, do your best to be a helpful witness.

    Behind every cruise ship crime incident is a human story of victims seeking justice and families grappling with loss. The FBI’s Victim Services Division offers support to those affected by crimes at sea.

    “It’s very common if we have a juvenile involved, we make our best efforts to notify Victim Services ahead of time, and often they’ll accompany myself or whoever’s going out initially on the investigation,” said Pagliarini. From counseling referrals to support navigating the criminal justice process, their efforts extend to both victims and their families.

    Additionally, the FBI conducts specialized training for industry partners, enhancing their ability to assist law enforcement with securing and documenting a crime scene at sea.

    “We try to hold trainings with the cruise industry personnel, kind of a best practice as far as evidence preservation,” said Parker.

    The collaborative approach to security at sea, along with passengers understanding how to mitigate risk, is vital to ensuring the FBI can work with partners at every level to investigate crimes on the high seas and keep Americans safe.

    MIL Security OSI

  • MIL-OSI Security: FBI Director Announces Chinese Botnet Disruption, Exposes Flax Typhoon Hacker Group’s True Identity at Aspen Cyber Summit

    Source: US FBI

    The FBI and our partners disrupted a Chinese botnet and freed thousands of impacted devices from its clutches, Director Christopher Wray announced September 18. 

    The botnet, which was operated by a Chinese government-sponsored hacker group known as Flax Typhoon, targeted internet-connected devices such as storage devices, cameras, and video recorders to compromise victims’ systems and steal their confidential data, Director Wray said during a keynote at the 2024 Aspen Cyber Summit in Washington, D.C.

    “Ultimately, as part of this operation, we were able to identify thousands of infected devices, and, then, with court authorization, issued commands to remove the malware from them, prying them from China’s grip,” Wray said.  

    Approximately half of the devices under the botnet’s control were based in the United States, he noted. The hacker group’s targets included organizations in the public and private sectors, as well as academia and the media, he added. Wray also revealed the hacker group’s true identity to be an information security company known as the Integrity Technology Group. “But their chairman has publicly admitted that for years his company has collected intelligence and performed reconnaissance for Chinese government security agencies,” Wray added. 

    Wray called the cyber disruption a success but cautioned that the effort was “just one round in a much longer fight.” 

    “The Chinese government is going to continue to target your organizations and our critical infrastructure—either by their own hand or concealed through their proxies,” Wray said. “And we’ll continue to work with our partners to identify their malicious activity, disrupt their hacking campaigns, and bring them to light.” 

    Saving victims time and money 

    During his remarks, Wray also underscored the Bureau’s dedication to working with victims of cyber intrusions, whether they’re individuals or organizations. According to Wray, reporting ransomware attacks to the FBI can potentially help us: 

    • Recover ransomed data 
    • Negotiate-down ransoms demanded by cybercriminals—or spare victims from having to pay ransoms at all 
    • Help impacted organizations resume their normal operations in a speedy manner 

    “I’m extremely proud to report that, in just the past two years, the FBI has handed out nearly 1,000 decryptors, and we’ve saved victims around the world something like $800 million in ransom payments,” Wray said. 

    Decryptors—also known as decryption keys—function like passwords to unlock data that ransomware criminals hold captive. But, Wray explained, some of those keys require information about the victim to work.  

    So it’s paramount that organizations contact the FBI if they fall victim to ransomware attacks. Otherwise, he cautioned, the Bureau “might not be able to make that match—and we might not be able to save you that ransom payment.” 

    Wray also discussed how information sharing between the Bureau and our public and private sector partners can help the FBI combat ongoing cyberattacks and lessen the impact of future cyber incidents.  

    As an example, he pointed to a recent interagency effort to alert the private sector that a pro-Russian hacktivist group was targeting “operational technology networks.”  

    “They had set their sights across our critical infrastructure—from dams and wastewater systems to the energy, food, and agriculture sectors,” Wray explained.  

    But, he said, the FBI’s joint advisory about the cyber threat allowed private sector organizations to fix the vulnerability these bad actors were using to infiltrate networks, thereby protecting the companies and the American public, alike. 

    “So, if there’s only one thing you take away from my time here today, I hope it’s this: The FBI needs and wants to work with you,” Wray said. “Let us save you money, save you time, and save you from future attacks so that you can keep your organization’s focus where it should be: on your operations, and—together—we can help keep our nation safe.” 

    West Palm Beach investigation updates 

    During his remarks, Wray also addressed the Bureau’s investigation into the September 15 assassination attempt on former President Donald Trump.  

    “For the second time in just over two months, we’ve witnessed what appears to be an attempt to attack our democracy and our democratic process,” he said. “I’m relieved that former President Trump is safe, and I want the American people to know the men and women of the FBI are working tirelessly to get to the bottom of what happened.” 

    Wray acknowledged that the ongoing nature of the investigation limited how much the Bureau could say about the matter. 

    “What I can say is that we have dedicated the full force of the FBI to this investigation, and that runs the gamut from criminal to national security resources, from tactical support to Evidence Response Teams, from forensic scientists to operational technology personnel,” he said.“Together, we’re working around the clock to investigate this.” 

    MIL Security OSI

  • MIL-Evening Report: Disaster or digital spectacle? The dangers of using floods to create social media content

    Source: The Conversation (Au and NZ) – By Samuel Cornell, PhD Candidate in Public Health & Community Medicine, School of Population Health, UNSW Sydney

    Almost 700 rescues had been carried out in New South Wales by Friday morning as
    record-breaking rainfall pounds the state. Tragically, four people have died in floodwaters.

    Amid the chaos, videos posted on social media show people deliberately entering or standing above swollen rivers and flooded roads. It is a pattern of dangerous behaviour that occurs frequently during natural disasters in Australia.

    Filming unsafe acts for social media is not just risky for participants. It may inspire copycat behaviour, and, if things go wrong, can endanger the lives of rescuers. It’s a public health problem which requires new remedies.

    Selfies in floods: a risky business

    During a flood, water can be deceiving. Just 15cm of water can knock an adult off their feet or cause a car to lose traction and float. Submerged debris and contaminated water add to the dangers.

    Emergency services routinely warn the public not to enter floodwaters – on foot or in vehicles. But many people ignore the warnings, including those out to create social media content.

    In a startling example posted on Tiktok during the current floods, a young man stands on a mossy log which has fallen over a flooded river. The video, accompanied by dramatic music, shows swirling floodwaters surging beneath him. One wrong step, and the man could easily have drowned.

    In other examples posted on Tiktok in recent days, a woman wades through murky floodwaters, and a person films as the car they are travelling in drives down a flooded road.

    Similar behaviour was observed during floods in Townsville earlier this year. Residents filmed themselves diving and wading into floodwaters, and towing each other on inflatable rafts.

    And during ex-Tropical Cyclone Alfred, social media was filled with images of people in Queensland surfing dangerous swells and wading in rough surf.

    A worrying trend

    Our research explores the links between social media and adverse health outcomes.

    Selfie-related injury has become a public health concern. People are increasingly venturing off-trail, seeking out attractive but hazardous locations such as cliff edges and coastal rock platforms.

    These behaviours can lead to injury and death. They can also put emergency services personnel in harm’s way. In 2021, for example, a woman fell into a swollen river on Canberra’s outskirts while trying to take a selfie with friends, prompting a police official to warn:

    There is no photo or social media post that is worth risking your life to get. Any water rescue puts the lives of not only of yourself but those of emergency services personnel at risk.

    Getting to grips with the problem

    How should the problem be tackled? Previous research by others has recommended “no-selfie zones”, barriers, and signs as ways to prevent selfie incidents. But our research suggests these measures may not be enough.

    The phenomenon of selfie-related incidents requires a public health approach. This entails addressing the behaviour through prevention, education, and other interventions such as via social media platforms.

    In the latest floods, unsafe behaviour has occurred despite a series of official flood, weather and other warnings. Residents also continue to drive into floodwaters, despite repeated pleas from authorities.

    Official warnings compete with – and can lose out to – more emotionally compelling, visually rich content. If the public sees other people behaving recklessly and apparently unharmed, then even clear, fact-based warnings can be ignored.

    This is especially true in communities experiencing “alert-fatigue” after having gone through disasters before.

    Sometimes, vague terminology in warnings means the messages don’t necessarily cut through. We’ve seen this before in relation to surf safety. Technical phrases such as “hazardous swell” don’t change behaviour if people don’t understand what they mean.

    For warnings to work, they need to be clear and provide instruction – stating what the danger actually is, and what to explicitly do, or not do.

    For social media users, that might mean spelling out not to go into floodwaters to capture content for social media.

    We’ve also previously called on social media companies to be held more accountable for the dangerous content they publish – by flagging risky content and supporting in-app safety messaging, especially at high-risk locations or during extreme weather events.

    What to do right now

    If you’re in or near a flood zone, follow guidance from emergency services to keep yourself and your loved ones safe.

    When it comes to using social media in an emergency:

    • stay entirely out of floodwaters, even for a quick photo

    • think before you post. Your safety is more important than your content. No post is worth risking your life

    • avoid glamourising risk. Sharing risky photos or videos can influence others to do the same, potentially with worse outcomes

    • follow official advice. Floodwaters are unpredictable. Warnings are issued for a reason

    • use your platform for good. Share verified information, support affected communities and help amplify safety messages.

    As extreme weather becomes more frequent in Australia under climate change, so too will the urge to document them. But we risk turning disasters into digital spectacles – at the expense of our lives and that of rescuers.

    Samuel Cornell receives funding from Meta Platforms, Inc. His research is supported by a University of New South Wales Sydney, University Postgraduate Award. His research is supported by Royal Life Saving Society – Australia to aid in the prevention of drowning. Research at Royal Life Saving Society – Australia is supported by the Australian government. He has been affiliated with Surf Life Saving Australia and Surf Life Saving NSW in a paid and voluntary capacity.

    Amy Peden receives funding from the National Health and Medical Research Council, Meta Platforms, and NSW National Parks and Wildlife Service. She holds an honorary affiliation with Royal Life Saving Society – Australia.

    ref. Disaster or digital spectacle? The dangers of using floods to create social media content – https://theconversation.com/disaster-or-digital-spectacle-the-dangers-of-using-floods-to-create-social-media-content-257350

    MIL OSI AnalysisEveningReport.nz

  • MIL-OSI Security: President and CEO of Las Vegas-Based Company Pleads Guilty for Role in Investment Fraud Scheme Where He Stole Millions in Victim Investor Funds

    Source: US FBI

    LAS VEGAS – A Nevada man pleaded guilty yesterday to one count of wire fraud stemming from his role in a years-long fraud scheme, during which he stole more than $6.1 million in victim investor funds.

    According to court documents, Mykalai Kontilai, formerly Michael Contile, 55, of Las Vegas, facilitated an investment fraud scheme involving his company, Collector’s Coffee Inc., doing business as Collector’s Café (Collector’s Coffee), a company incorporated in California and headquartered in Las Vegas. From 2012 to 2018, Kontilai made or caused to be made numerous materially false and misleading representations to induce victims to invest in Collector’s Coffee — a company he claimed was on the verge of launching an online auction house for third-party owned collectibles, such as Hollywood and sport memorabilia. As a result of Kontilai’s numerous false and misleading statements, including that investor funds would be used for legitimate business purposes, that Kontilai had personally invested millions of his own money in the company, and that he did not take a salary, Kontilai successfully raised approximately $23 million from Collector’s Coffee investors. However, rather than using the proceeds as represented, Kontilai stole approximately $6.1 million for his own personal use, including for the purchase of luxury goods, apartments, and vehicles.

    The U.S. Securities and Exchange Commission (SEC) began investigating Kontilai for misappropriating investor funds in or around 2017. Kontilai obstructed the investigation by forging documents that he caused to be transmitted to the SEC and lied under oath to the SEC. Kontilai was charged in connection with this conduct both in the present case on June 3, 2020, and in a separate case in the District of Colorado on March 10, 2020. While under investigation but prior to charging, Kontilai fled to Russia and was ultimately arrested on an Interpol Red Notice in Germany in 2023. He was extradited back to the United States to face the pending charges in May. As part of the plea agreement in this case, the government will move to dismiss the Colorado case at sentencing.

    Kontilai pleaded guilty to one count of wire fraud. He is scheduled to be sentenced on Dec. 4 and faces a maximum penalty of 20 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

    Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division; U.S. Attorney Jason M. Frierson for the District of Nevada; Special Agent in Charge Spencer L. Evans of the FBI Las Vegas Field Office; and Special Agent in Charge Carissa Messick of IRS Criminal Investigation (IRS-CI) made the announcement.

    The FBI and IRS-CI are investigating the case. The Justice Department’s Office of International Affairs provided significant assistance in securing the extradition from Germany of Kontilai.

    Trial Attorneys Brandon Burkart and Sara Hallmark of the Criminal Division’s Fraud Section (FRD) and Assistant U.S. Attorney Jessica Oliva for the District of Nevada prosecuted this case. Former FRD Trial Attorney Emily Scruggs provided valuable assistance. 

    ###

     

    MIL Security OSI

  • MIL-OSI Security: Las Vegas Man Sentenced to Prison for Defrauding More Than $7 Million From Loan Lenders

    Source: US FBI

    LAS VEGAS – A Las Vegas resident was sentenced today by United States District Judge Gloria M. Navarro to 51 months in prison to be followed by three years of supervised release for orchestrating a scheme to defraud loan lenders and cause more than $7 million in losses.

    According to court documents, from February 1, 2017 to October 1, 2018, Brandon David Sattler, 47, devised a scheme to defraud and obtain loans from three individual lenders. As part of the scheme, Sattler made false representations that his company needed loans to fulfill renovation contracts that he had with one hotel and casino and claimed to hold with other hotels and casinos. Sattler altered information from his bank to show his bank account held more than it actually did in order to influence the three individual lenders to loan money to his company. After obtaining the loans, Sattler made misrepresentations in order to extend the maturity date of the loans and delay the deadline for repayment. In total, Sattler caused a loss of more than $7 million.

    Sattler pleaded guilty to one count of wire fraud. He has two prior convictions for fraud in California and Texas.

    United States Attorney Jason M. Frierson for the District of Nevada and Special Agent in Charge Spencer L. Evans for the FBI made the announcement.

    This case was investigated by the FBI, and Assistant United States Attorney Daniel Schiess prosecuted the case.

    ###

     

    MIL Security OSI

  • MIL-OSI Security: President and CEO of Las Vegas-Based Company Sentenced for Role in Investment Fraud Scheme Where He Stole Millions in Victim Investor Funds

    Source: US FBI

    LAS VEGAS — A Nevada man was sentenced yesterday to 51 months in prison and was ordered to pay $6.1 million in restitution stemming from his role in a years-long fraud scheme.

    According to court documents, Mykalai Kontilai, formerly Michael Contile, 55, of Las Vegas, facilitated an investment fraud scheme involving his company, Collector’s Coffee Inc., doing business as Collector’s Café (Collector’s Coffee), a company incorporated in California and headquartered in Las Vegas. From 2012 to 2018, Kontilai made or caused to be made numerous materially false and misleading representations to induce victims to invest in Collector’s Coffee — a company he claimed was on the verge of launching an online auction house for third-party owned collectibles, such as Hollywood and sport memorabilia. As a result of Kontilai’s numerous false and misleading statements, including that investor funds would be used for legitimate business purposes, that Kontilai had personally invested millions of his own money in the company, and that he did not take a salary, Kontilai successfully raised approximately $23 million from Collector’s Coffee investors. However, rather than using the proceeds as represented, Kontilai stole approximately $6.1 million for his own personal use, including for the purchase of luxury goods, apartments, and vehicles.

    The U.S. Securities and Exchange Commission (SEC) began investigating Kontilai for misappropriating investor funds in or around 2017. Kontilai obstructed the investigation by forging documents that he caused to be transmitted to the SEC and lied under oath to the SEC. Kontilai was charged in connection with this conduct both in the present case on June 3, 2020, and in a separate case in the District of Colorado on March 10, 2020. While under investigation but prior to charging, Kontilai fled to Russia and was ultimately arrested on an Interpol Red Notice in Germany in 2023. He was extradited back to the United States to face the pending charges in May.

    On Nov. 21, Kontilai pleaded guilty to one count of wire fraud. As part of the plea agreement in this case, the government has moved to dismiss the Colorado case.

    Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division; U.S. Attorney Jason M. Frierson for the District of Nevada; Special Agent in Charge Spencer L. Evans of the FBI Las Vegas Field Office; and Special Agent in Charge Carissa Messick, IRS Criminal Investigation (IRS-CI)’s Phoenix Field Office made the announcement.

    FBI and IRS-CI investigated the case. The Justice Department’s Office of International Affairs provided significant assistance in securing the extradition from Germany of Kontilai.

    Trial Attorneys Brandon Burkart and Sara Hallmark of the Criminal Division’s Fraud Section and Assistant U.S. Attorney Jessica Oliva for the District of Nevada prosecuted this case. Former Fraud Section Trial Attorney Emily Scruggs provided valuable assistance.

    ###

     

    MIL Security OSI

  • MIL-OSI Security: Rapids Theatre Owner Pleads Guilty to Defrauding COVID Relief Programs Out of More Than $1.8 Million

    Source: US FBI

    BUFFALO, N.Y.-U.S. Attorney Michael DiGiacomo announced today that John L. Hutchins, 71, of Lewiston, NY, pleaded guilty before Judge Meredith A. Vacca to conspiracy to commit wire fraud and bank fraud, which carry a maximum penalty of 30 years in prison and a $1,000,000 fine.

    Assistant U.S. Attorneys Paul E. Bonanno and Douglas A. C. Penrose, who are handling the case, stated that between March 2020, and March 2024, Hutchins conspired with co-defendant Roberto Soliman and others to file fraudulent loan applications under the Economic Injury Disaster Loan (EIDL), the Paycheck Protection Program (PPP), and the Shuttered Venue Operators Grant (SVOG). The loans available for these programs were designed to provide emergency financial assistance pursuant to the Coronavirus Aid, Relief, and Economic Security (CARES Act). Hutchins and Soliman applied for loans under the following companies, which were owned by Hutchins:

    •           Rapids Theatre Niagara Falls, USA, Inc.

    •           1711 Main, LLC

    •           Bear Creek Entertainment, LLC

    •           Hutch Enterprises, LLC

    •           The Hutchins Agency, LLC

    •           CWE Entertainment, Corp. (owned by defendant Soliman)

    Between March and August 2020, Hutchins and Soliman received five Economic Injury Disaster Loans totaling $779,500.00. In addition, they received SVOG loans totaling $989,905.05, a PPP loan from Bank on Buffalo totaling $74,838, and a PPP loan from Northwest Bank totaling $41,140. In support of each of the loans, Hutchins and Soliman submitted false revenue and expense figures for the businesses on the loan applications.

    Charges remain pending against Roberto Soliman.

    The plea is the result of an investigation by the Federal Bureau of Investigation, under the direction of Special Agent-in-Charge Matthew Miraglia, the Internal Revenue Service, Criminal Investigation Division, under the direction of Acting Special Agent-in-Charge Harry Chavis, U.S. Customs and Border Protection, under the direction of Rose Brophy, Director of Field Operations, and the New York State Office of Professional Discipline. 

    # # # #

     

    MIL Security OSI

  • MIL-OSI Security: Ringleader of COVID-19 Relief Fraud Scheme Sentenced to Federal Prison

    Source: US FBI

    CINCINNATI – Joseph Lentine III, 55, of Cincinnati, was sentenced in U.S. District Court to 63 months in prison for orchestrating a COVID-19 relief fraud scheme involving millions of dollars.

    According to court documents, Lentine oversaw a fraud scheme in which he prepared and filed fraudulent loan applications and controlled a significant portion of the loan proceeds once obtained. He knowingly and intentionally made false statements to receive funds to which he and other applicants were not entitled. In addition to defrauding Small Business Administration loan programs, Lentine also fraudulently sought unemployment assistance and emergency rental assistance.

    In total, Lentine submitted more than 20 loan applications seeking more than $3 million and obtaining $1.5 million.

    The defendant personally received more than $450,000 in PPP loan proceeds related to this scheme and used the money to buy a yacht and a Mercedes Benz vehicle.

    As part of his sentence, Lentine was ordered to pay $1.2 million in restitution to the Small Business Administration and nearly $33,000 to the Ohio Department of Job and Family Services.

    Lentine pleaded guilty in April 2023 to conspiring to commit bank fraud and making a false statement on a loan or credit application.

    Kenneth L. Parker, United States Attorney for the Southern District of Ohio, and Elena Iatarola, Special Agent in Charge, Federal Bureau of Investigation (FBI), Cincinnati Division, announced the sentence imposed yesterday by U.S. District Court Judge Jeffery P. Hopkins. Assistant United States Attorney Ebunoluwa A. Taiwo is representing the United States in this case.

    # # #

    MIL Security OSI

  • MIL-OSI Security: Texas Man Formerly Employed by Ohio Company Convicted of Damaging Source Code and Deleting Data

    Source: US FBI

    CLEVELAND — A federal jury in Cleveland convicted a Texas man today for writing and deploying malicious code on his former employer’s network.

    According to court documents and evidence presented at trial, Davis Lu, 55, of Houston, was employed as a software developer for the victim company headquartered in Beachwood, Ohio, from November 2007 to October 2019.

    Following a 2018 corporate realignment that reduced his responsibilities and system access, Lu began sabotaging his employer’s systems. By Aug. 4, 2019, he introduced malicious code that caused system crashes and prevented user logins. Specifically, he created “infinite loops” (in this case, code designed to exhaust Java threads by repeatedly creating new threads without proper termination and resulting in server crashes or hangs), deleted coworker profile files, and implemented a “kill switch” that would lock out all users if his credentials in the company’s active directory were disabled. The “kill switch” code — which Lu named “IsDLEnabledinAD”, abbreviating “Is Davis Lu enabled in Active Directory” — was automatically activated upon his termination on Sept. 9, 2019, and impacted thousands of company users globally. Lu named other code “Hakai,” a Japanese word meaning “destruction,” and “HunShui,” a Chinese word meaning “sleep” or “lethargy.”

    Additionally, on the day he was directed to turn in his company laptop, Lu deleted encrypted data. His internet search history revealed he had researched methods to escalate privileges, hide processes, and rapidly delete files, indicating an intent to obstruct efforts of his co-workers to resolve the system disruptions. Lu’s employer suffered hundreds of thousands of dollars in losses as a result of Lu’s actions.

    “Mr. Lu was calculating in his intent to inflict damage to a company that provides products and services to businesses and organizations that span a variety of industries and fields,” said Acting United States Attorney Carol M. Skutnik of the United States Attorney’s Office for the Northern District of Ohio. “Together with our colleagues from the Criminal Division and the FBI, the U.S. Attorney’s Office will prosecute those who intend to disrupt business operations, especially, if it has the potential to inflict greater harm on national and international levels. We will hold perpetrators accountable and pursue justice against vindictive employees who break federal laws.”

    “Sadly, Davis Lu used his education, experience, and skill to purposely harm and hinder not only his employer and their ability to safely conduct business, but also stifle thousands of users worldwide,” said FBI Special Agent in Charge Greg Nelsen. “The FBI and its cadre of exceptionally qualified agents and analysts will continue to identify, find, and investigate individuals who seek to carry out deliberate and destructive actions against businesses or organizations for retaliatory or malicious purposes.”

    The jury convicted Lu of causing intentional damage to protected computers, for which he faces a maximum penalty of 10 years in prison. A sentencing date has not been set. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

    The FBI Cleveland Division investigated the case.

    Senior Counsel Candina S. Heath of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorneys Daniel J. Riedl and Brian S. Deckert for the Northern District of Ohio are prosecuting the case.

    MIL Security OSI

  • Markets open higher; Nifty crosses 24,700 mark on broad-based buying

    Source: Government of India

    Source: Government of India (4)

    Indian equity markets opened on a firm note on Friday, with benchmark indices trading higher amid mixed global cues and strong domestic macroeconomic fundamentals. Early gains were led by buying interest in FMCG, IT, and auto stocks.

    At 9:29 AM, the BSE Sensex was up by 281.75 points, or 0.35%, at 81,233.74, while the NSE Nifty climbed 109.75 points, or 0.45%, to trade at 24,719.45.

    The Nifty Bank index was also in the green, rising 69.85 points, or 0.13%, to 55,011.15. Broader markets mirrored the positive trend, with the Nifty Midcap 100 gaining 258.10 points (0.46%) to 56,582.95 and the Nifty Smallcap 100 advancing 58.30 points (0.33%) to 17,561.40.

    Market experts attributed the upbeat sentiment to India’s robust economic indicators, including steady GDP growth and declining inflation and interest rates.

    Top gainers in the Sensex included ITC, Adani Ports, Infosys, PowerGrid, Tech Mahindra, Tata Steel, SBI, HCL Tech, UltraTech Cement, Tata Motors, and L&T. On the flip side, Sun Pharma, M&M, NTPC, Bajaj Finance, Bharti Airtel, Maruti Suzuki, and ICICI Bank were among the major laggards.

    In Asia, major markets such as China, Hong Kong, Bangkok, Seoul, Jakarta, and Japan were trading in the green, providing a supportive backdrop to Indian equities.

    Overnight in the US, key indices posted a mixed close. The Dow Jones Industrial Average ended almost flat at 41,859.09, down 1.35 points. The S&P 500 slipped 2.60 points to 5,842.01, while the Nasdaq Composite rose 53.09 points to 18,925.74.

    Experts noted that US equities were volatile following the retreat of Treasury yields after the passage of tax and spending legislation by the US House of Representatives.

    On the institutional front, foreign institutional investors (FIIs) were net sellers to the tune of ₹5,045.36 crore on May 22, while domestic institutional investors (DIIs) bought equities worth ₹3,715.00 crore.

    “Even when the market turns weak, domestic demand-driven segments like financials, telecom, and aviation remain resilient. This is evident in the strength of stocks like ICICI Bank, Bharti Airtel, and InterGlobe Aviation. The market is sending a clear signal,” said Dr. V.K. Vijayakumar, Chief Investment Strategist at Geojit Financial Services.

    -IANS

  • MIL-OSI Security: Ohio Woman Loses Life Savings in Cryptocurrency Investment Scam

    Source: US FBI

    CLEVELAND – The United States Attorney’s Office for the Northern District of Ohio (USAO) has filed a civil complaint in forfeiture against 8,207,578 Tether (USDT) cryptocurrency, valued at more than $8.2 million. USDT is a virtual currency which are digital tokens of value circulated over the internet. Its transactions are publicly recorded on what is known as a blockchain.

    According to court documents, the FBI has identified 33 victims of an investment fraud scheme across the country, including a victim from Northeast Ohio residing in the city of Mentor. In total, victims lost approximately $4.9 million. Five more accounts have also been found to be affected and the FBI is attempting to identify the respective owners. The victims associated with the additional accounts have lost approximately $1,071,086.

    Investigators found that scammers initially contacted the victims through seemingly misdirected, or “wrong number,” text messages. The fraudster then gained the victim’s trust and affection using various manipulative tactics. Once trust was established with the victim, the fraudster would share how much success they, or someone they knew, had with investing in cryptocurrency. This personal testimonial lessened any uncertainties the victims may have had about virtual currencies and eventually had the intended effect to persuade the victim to proceed with the investment.

    The fraudster would then guide the victim, step-by-step, on how to open a legitimate cryptocurrency account, most often with a U.S. based virtual currency exchange such as Crypto.com or Coinbase. The scammer would walk the victim through the entire process of transferring money from their bank to the newly created cryptocurrency account. Next, the victim received instructions on how to transfer the purchased cryptocurrency assets to an online “investment platform,” which would turn out to be a fake site created by the fraudsters to look like a legitimate company. Information on the platforms promised lucrative returns which encouraged victims to invest further. However, once the victim transferred their funds to the “investment platform” they unknowingly handed over complete control and ownership of their funds to the scammer. 

    The complaint also outlines that the perpetrators of such investment fraud schemes often allow victims to withdraw a portion of their “profits” early on in the scheme to build trust and reinforce their belief that the “investment platform” was legitimate. But as the scheme progressed, victims were unable to withdraw their funds and given excuses as to why they could not access their funds. For example, the fraudsters referred to a fake “tax” requirement, stating that taxes must be paid on the proceeds generated from the investment platform. Knowing that the scam would run its course soon, the fraudsters used last-ditch efforts to lie to victims that they had to pay a tax. Ultimately, victims were locked out of their account on the investment platform and lost their funds.

    A woman in Lake County, Ohio became the target of such a scam when she responded to a text on her phone from an unknown number in November 2023. She began sharing information via text with the person and the two bonded over topics such as hobbies and religion. Over a period of time, the victim followed instructions from her new “friend” and opened an account at Crypto.com and then transferred funds into the account. When the victim wanted to withdraw funds, her “friend,” relented and said additional payments were needed and she complied. When the victim no longer had any funds left after making additional payments, her “friend” began to threaten her that he would send his friends to “take care of” her friends and family. Having lost her entire life savings of approximately $663,352, including funds from her Roth IRA, the victim filed a complaint with the FBI’s Internet Crime Complaint Center to report the losses in June 2024. The FBI Cleveland Division subsequently initiated an investigation.

    Investigators conducted a blockchain analysis and determined that a portion of the funds stolen from victims were converted to USDT cryptocurrency and placed into three cryptocurrency addresses. Law enforcement officers executed a federal seizure warrant to recover 8,207,578 USDT tokens, in November 2024. Tether Limited then transferred these funds to a law-enforcement-controlled virtual currency wallet.

    By the Complaint in Forfeiture filed on Feb. 27, 2025, the United States seeks to forfeit the entire 8,207,578 USDT cryptocurrency. In the complaint, the United States alleges that the cryptocurrency accounts also contained additional funds above the victims’ traceable losses and, as proceeds of fraud, are also subject to forfeiture. Additionally, the complaint alleges that such other funds were involved in money laundering violations.     

    The claims asserted in the complaint are allegations only, and the United States must prove these allegations by a preponderance of the evidence at trial.

    If successful in this forfeiture action, the United States would seek to return the stolen funds to the victims.

    The FBI Cleveland Division is actively investigating cryptocurrency fraud schemes perpetrated on victims throughout the United States, including in the Northern District of Ohio. The United States is represented in this matter by Assistant United States Attorney James L. Morford. The USAO would like to acknowledge Tether for its assistance in this matter.

    If you observe something that you believe might be fraudulent conduct involving an older adult, contact the dedicated National Elder Fraud Hotline at 1-833-FRAUD-11 or 1-833-372-8311 and visit the FBI’s IC3 Elder Fraud Complaint Center at IC3.gov to report it.

    View Complaint:

    /usao-ndoh/media/1391461/dl?inline 

    MIL Security OSI

  • MIL-OSI Security: Pennsylvania Man Sentenced to Nine Years for Conspiring to Launder Cybercrime Fraud Proceeds

    Source: US FBI

    BIRMINGHAM, Ala. – A recidivist money launderer from Pennsylvania has been sentenced for his role in an international money laundering conspiracy, announced U.S. Attorney Prim F. Escalona and FBI Special Agent in Charge Carlton Peeples.

    U.S. District Court Judge L. Scott Coogler sentenced Toochukwu Michael Okorie, 46, of Bristol, Pennsylvania, to 108 months in prison.  Okorie was convicted in July of conspiracy to commit money laundering. In 2011, Okorie was convicted of wire fraud and money laundering in the Eastern District of Pennsylvania.

    According to evidence presented at trial, from June 2017 through May 2019, Okorie helped launder hundreds of thousands of dollars in fraud proceeds through two front companies: TMO Consulting LLC and Collective Intelligence Forensics LLC. During the conspiracy, Okorie and his co-conspirators would receive wire transfers from business email compromise, romance scam, and other frauds—including from victims in the Northern District of Alabama. Okorie and his co-conspirators would then move the fraud proceeds among bank accounts in an effort to disguise their origin and conceal their fraudulent nature. After paying themselves a commission, members of the conspiracy ultimately would wire the proceeds to bank accounts in Nigeria or use them to purchase automobiles that were shipped overseas.

    U.S. District Court Judge Anna M. Manasco previously sentenced two other individuals involved in the money laundering conspiracy: On January 20, 2022, Paulinus Ebhodaghe, 40, of Clementon, New Jersey, was sentenced to 37 months in prison; and Ohimai Asikhia, 37, of Glassboro, New Jersey, was sentenced to 18 months in prison.

    The FBI investigated the case. Assistant U.S. Attorneys Edward J. Canter and John M. Hundscheid prosecuted the case. 

    The U.S. Secret Service Cyber Fraud Task Force provided assistance during the investigation.

    For more resources on cybercrime, visit www.ic3.gov.

    MIL Security OSI

  • MIL-OSI Economics: Result of Underwriting Auction conducted on May 23, 2025

    Source: Reserve Bank of India

    In the underwriting auction conducted on May 23, 2025, for Additional Competitive Underwriting (ACU) of the undernoted Government securities, the Reserve Bank of India has set the cut-off rates for underwriting commission payable to Primary Dealers as given below:

    Nomenclature of the Security Notified Amount
    (₹ crore)    		 Minimum Underwriting Commitment (MUC) Amount
    (₹ crore)    		 Additional Competitive Underwriting Amount Accepted
    (₹ crore)    		 Total Amount underwritten
    (₹ crore)    		 ACU Commission Cut-off rate
    (paise per ₹100)
    6.75% GS 2029 15,000 7,518 7,482 15,000 0.03
    7.09% GS 2054 12,000 6,006 5,994 12,000 0.19
    Auction for the sale of securities will be held on May 23, 2025.

    Ajit Prasad          
    Deputy General Manager
    (Communications)    

    Press Release: 2025-2026/392

    MIL OSI Economics

  • MIL-OSI New Zealand: Budget 2025 – Oranga Whenua, Oranga Tangata: Hāpai Te Hauora Responds to Budget 2025

    Source: Hapai Te Hauora

    Hāpai Te Hauora says Budget 2025 is not a Budget for whānau – it is a Budget for landlords, corporates, and cuts.
    Finance Minister Nicola Willis promised no lolly scramble; but somehow, the sweet stuff still landed in boardrooms and business accounts, while the pantry stayed locked for whānau.
    “This Budget is a choice – and that choice is clear,” says Jacqui Harema, CEO of Hāpai Te Hauora. “A choice to gut pay equity. A choice to ask rangatahi to prove their poverty. A choice to back the boardroom while gutting community support.”
    Businesses receive a 20% tax write-off on new assets. Meanwhile, whānau get 25-cent KiwiSaver contributions, tighter benefit rules, and income-tested child payments. “A baby’s best start now depends on a parent’s payslip – that’s not equity,” Harema says.
    The wealthy retain their capital gains. Yet rangatahi on Jobseeker now face new restrictions based on their parents’ income. “We’re means-testing the vulnerable while letting privilege off the hook.”
    Health receives funding, but only just. Emergency departments remain overwhelmed. Nurses are still burning out. And while primary care sees a modest boost, there is no targeted investment in Māori health – and prevention is notably missing.
    “If we want to reduce long-term costs and create better outcomes, we must fund prevention,” says Jason Alexander, COO of Hāpai. “That means backing kaupapa Māori solutions before harm happens – not waiting until our people are in crisis.”
    Education receives $2.5 billion, but $614 million of that comes from scrapped initiatives. Programmes like Kāhui Ako are axed, and school lunches (Ka Ora, Ka Ako) are set to expire in 2026. “You do not build brighter futures by cutting kai from classrooms,” says Harema.
    Tax cuts favour business, while low- to middle-income families receive just $14 more a fortnight under Working for Families tweaks – roughly the cost of a pack of nappies.
    This Budget did not prioritise Māori health, wellbeing, or equity. It disestablished Te Aka Whai Ora, clawed back unspent Māori housing funds, and continued the short-term funding cycle.
    Hāpai Te Hauora’s Budget 2025 Wishlist included:
    • Investment in Māori-led housing
    • Protection of school lunch programmes
    • Long-term contracts for Māori health services
    • Increased income support and kaupapa Māori employment pathways
    • Serious investment in prevention
    What we got instead were cuts, exclusions, and short-term gains.
    “This is not the Budget for tamariki. Not for our mokopuna. Not for our taiao,” Harema says. “Whānau deserve better.” 

    MIL OSI New Zealand News

  • MIL-OSI Security: FBI Seeking Information Related to Attempted Bank Robbery

    Source: US FBI

    ANCHORAGE, AK—The FBI Anchorage Field Office is seeking information regarding an attempted bank robbery that took place on Thursday, August 8, 2024, at the First National Bank Alaska branch located at 1210 W Northern Lights Boulevard in Anchorage.

    At approximately 5:38 p.m., an unknown female suspect entered the bank, produced a note to one of the bank employees, and verbally demanded money. The unknown suspect then grabbed the note from the employee and fled from the area on a bicycle.

    Witnesses described the suspect as a female approximately 5’0″ tall. She wore a dark-colored, cold weather coat, with a face mask and gloves.

    If the public has any information concerning the attempted bank robbery, please contact the FBI Anchorage Field Office at 907-276-4441 or online at tips.fbi.gov.

    MIL Security OSI

  • MIL-OSI Security: Arizona Man Charged with Defrauding at Least 54 Victims in Investment Fraud Scheme

    Source: US FBI

    PHOENIX, Ariz. – Last week, a federal grand jury in Phoenix returned a 19-count indictment against Anthonie Ruinard, Jr., 39, of Chandler, for Wire Fraud and Transactional Money Laundering.

    The indictment alleges that Ruinard scammed at least 54 victims out of more than $5.6 million through an investment fraud scheme operated under the guise of a business called Legacy Investors Group Inc. Ruinard falsely portrayed himself as a successful investor worth over $470 million. He promised victim-investors guaranteed rates of return—generally 5% to 6% per month—through investments in venture capital, private equity, and real estate. While some of the early victim-investors received some initial payments to perpetuate the fraud, others lost their entire investment. Ruinard largely used the victims’ money for himself, including on luxury vehicles (for example, the purchase of an armored vehicle for $344,000), general living expenses, casino gambling, credit card payments, and rental expenses.

    A conviction for wire fraud carries a maximum penalty of 20 years in prison and a fine of up to $250,000, or both. A conviction for transactional money laundering carries a maximum penalty of 10 years in prison and a fine of up to $250,000, or both.

    An indictment is simply a method by which a person is charged with criminal activity and raises no inference of guilt. An individual is presumed innocent until evidence is presented to a jury that establishes guilt beyond a reasonable doubt.

    The Federal Bureau of Investigation – Phoenix Division conducted the investigation. The United States Attorney’s Office, District of Arizona, Phoenix, is handling the prosecution. If you believe you were defrauded by the defendant, and have not previously contacted the FBI, please reach out to the following email address: LegacyGroupVictims@fbi.gov or fill out the questionnaire at this link: https://forms.fbi.gov/legacygroupvictims/view

    CASE NUMBER:           CR-24-01904-PHX-SMB
    RELEASE NUMBER:    2024-163_Ruinard

     

    # # #

    For more information on the U.S. Attorney’s Office, District of Arizona, visit http://www.justice.gov/usao/az/
    Follow the U.S. Attorney’s Office, District of Arizona, on X @USAO_AZ for the latest news.

    MIL Security OSI

  • MIL-OSI Security: Brooklyn Man Admits to Fraudulently Entering Competitor Laboratory, Destroying and Stealing Equipment

    Source: US FBI

    NEWARK, N.J. –  A Brooklyn, New York man admitted to having entered a laboratory business on false pretenses and destroying and stealing that business’ equipment, U.S. Attorney John Giordano announced.

    Eric Leykin, 33, of Brooklyn, New York, pleaded guilty before U.S. District Judge Esther Salas in Newark federal court to a one-count indictment charging him with wire fraud.

    According to documents filed in this case and statements made in court:

    Leykin was the CEO of a clinical reference laboratory based in New Jersey. Leykin’s laboratory competed against the victim business, another clinical reference laboratory also based in New Jersey.  On June 30, 2022, Leykin bought and activated a prepaid mobile phone and called an employee of the victim business, claiming to be a technician with a vendor that the victim business used to service its laboratory equipment. On that false pretense, Leykin arranged with the victim business’ employee to come to the victim business on the following day, supposedly to service the victim business’ laboratory equipment. On July 1, 2022, the date of the supposed service appointment, Leykin went to the victim business, entered the premises fraudulently posing as a vendor technician, and proceeded to destroy a significant amount of the victim business’ laboratory and computer equipment. Leykin also stole multiple hard drives housed within the victim business’ equipment.

    The wire fraud count carries a maximum potential penalty of 20 years in prison and a maximum fine of either $250,000 or twice the gain or loss from the offense, whichever is greatest. Sentencing is scheduled for July 22, 2025.

    U.S. Attorney Giordano credited special agents of the FBI, under the direction of Acting Special Agent in Charge Terence G. Reilly in Newark, with the investigation leading to the guilty plea.  U.S. Attorney Giordano also thanked the Essex County Prosecutor’s Office, under the direction of Prosecutor Theodore N. Stephens II, and the Millburn Police Department, under the direction of Chief Brian Gilfedder, for substantial assistance provided to the investigation.

    The government is represented by Assistant U.S. Attorneys Andrew M. Trombly, Deputy Chief of the Cybercrime Unit, and Chana Y. Zuckier of the Bank Integrity, Recovery, and Money Laundering Unit.

                                                               ###

    Defense counsel: Albert Dayan, Esq.; Robert DeGroot, Esq.; Oleg Nekritin, Esq.

    MIL Security OSI

  • MIL-Evening Report: ‘Starving’ masked Palestine protesters condemn Luxon’s Gaza ‘appeasement’

    Asia Pacific Report

    Protesting New Zealanders donned symbolic masks modelled on a Palestinian artist’s handiwork in Auckland’s Takutai Square today to condemn Israel’s starvation as war weapon against Gaza and the NZ prime minister’s weak response.

    Coming a day after the tabling of Budget 2025 in Parliament, peaceful demonstrators wore hand-painted masks inspired by Gaza-based Palestinian artist Reem Arkan, who is fighting for her life alongside hundreds of thousands of the displaced Gazans.

    The “bodies” represented more than 53,000 Palestinians killed by Israel’s brutal 19-month war on Gaza.

    The protest coincided with Prime Minister Christopher Luxon addressing the Trans-Tasman Business Circle in Auckland.

    The demonstrators said they chose this moment and location to “highlight the alarmingly tepid response” by the New Zealand government to what global human rights organisations — such as Amnesty International and Human Rights Watch — have branded as war crimes and acts of collective punishment amounting to genocide.

    “This week, we heard yet another call for Israel to abide by international law. This is not leadership. It’s appeasement,” said a spokesperson, Olivia Coote.

    “The time for statements has long passed. What we are witnessing in Gaza is a humanitarian catastrophe, and New Zealand must impose meaningful sanctions.

    “Israel’s actions, including the deliberate targeting of civilian infrastructure, forced displacement, and obstruction of humanitarian aid, constitute grave breaches of the Geneva Conventions of which we are signatories.”

    A self-portrait by Palestinian artist Reem Arkan who depicts the suffering of Gaza – and the beauty – in spite of the savagery of the Israel attacks. Image: Insta/@artist_reemarkan

    Green Party Co-Leader Chlöe Swarbrick challenged Prime Minister Luxon in Parliament over his government’s response earlier this week, saying: “We’ve had lots of words. We need action.”

    Luxon claimed that sanctions were in place — but the only measure taken has been a travel ban on 12 extremist Israeli settlers from the West Bank.

    “This is an action that does nothing to protect the more than two million Palestinians in Gaza who face daily bombardment, siege, and starvation,” Coote said.

    The protesters are calling on the New Zealand government to act immediately by:

    • Imposing sanctions on Israel; and
    • Suspending all diplomatic and trade relations with Israel until there is an end to hostilities and full compliance with international humanitarian law.

    “This government must not be complicit in atrocities through silence and inaction,” Coote said. “The people of Aotearoa New Zealand demand leadership as the world watches a genocide unfold in real time.”

    A street theatre protester demonstrates today against starvation as a weapon of war as deployed by Israel in its brutal war on Gaza. Image: APR

    MIL OSI AnalysisEveningReport.nz

  • MIL-OSI Security: Federal Jury Convicts Siblings of Fraud; Defendants Made Tens of Millions of Dollars from Lying to Manufacturers in Years-Long Scheme

    Source: US FBI

    SAN DIEGO – Adriana Camberos (formerly Adriana Shayota) and Andres Camberos, sister and brother, were convicted by a federal jury of multiple fraud charges on October 25, 2024.

    Their illegal scheme involved lying to manufacturers to sell wholesale groceries and other goods at steep discounts by promising the goods would be sold in Mexico, or to prisons or rehabilitation facilities. Instead, the defendants sold the products at higher prices to U.S. distributors, for the U.S. market. Wire fraud charges arose from the numerous wire transfers, as well as other interstate communications, the defendants made as they bought products from the manufacturers, transferred money among their own companies to facilitate the scheme, and then re-sold the products at higher prices to U.S. customers.

    Following an 11-day trial, the jury found the defendants guilty of eight of 11 counts that went to the jury. Adriana and Andres Camberos were both found guilty of conspiracy to commit wire and mail fraud and seven wire fraud counts, and not guilty of three mail fraud counts.

    According to evidence presented at trial, the defendants owned and controlled three businesses: Tradeway International, Inc., doing business as Baja Exporting (owned by Adriana Camberos); Specialty Foods International, Inc., doing business as Promix Co., Prison Food Depot, Rehab Food Depot and Specialty Foods International (owned by Andres Camberos); and Baja Foodservice S.R.L. de C.V. (95% owned by Andres Camberos and managed by Adriana Camberos). Specialty Foods International and Baja Exporting shared a warehouse and office space in San Diego. Baja Foodservice had a warehouse in Tijuana. All three operated together, as sister companies.

    Baja Exporting claimed to be an exporter of grocery items and consumer goods to Baja California, Mexico. Similarly, Specialty Foods International, claimed to be a regional distributor of groceries and other goods to retailers in Baja California, Mexico, and to correctional facilities and rehabilitation and wellness facilities within the United States. Baja Foodservice likewise claimed to be a regional distributor in Baja California, Mexico.

    The defendants used the three companies—especially Baja Foodservice—to tell manufacturers that they would sell the manufacturers’ products in Mexico, and based on that, they received significant discounts for purported sales, distribution, and exporting to the Baja California market. The defendants also sought discounted goods for Specialty Foods International, d/b/a Prison Food Depot and Rehab Food Depot, based on the claim that they sold products to prisons and rehab facilities.

    But the defendants lied. In a years-long scheme, they used their three companies to get those lower prices from manufacturers and resell the products at higher prices to U.S. customers—often the same distributors the victim companies were already selling their products to. Between 2019 and September 2023 alone, Baja Exporting and Specialty Foods International sold hundreds of millions of dollars of products to U.S. distributors; less than a tenth of one percent of their sales were to any Mexican retailer or distributor, and they did no business with prisons or rehab centers.

    The defendants took other numerous steps to conceal and perpetuate their fraud. For example, the defendants removed GPS tracking devices from manufacturers’ shipments; removed Spanish-language labels or packaging intended for the Mexican market; obtained Mexican customs documents to try to prove to manufacturers that products were being exported; arranged “market visits” in Tijuana, taking manufacturers’ representatives to various stores in Baja California where they placed the manufacturers’ products—often alongside models who were hired by the defendants’ companies and associates—to create the appearance the products were being sold as promised; had a fake “office” in Mexico City to meet with manufacturers, in an effort to make the companies think the defendants did substantial business in Mexico; and otherwise doubled down on their lies when the victim companies suspected the defendants were diverting their products  and defrauding them.

    Baja Exporting and Specialty Foods International made over $58 million in gross profits between January 2019 and September 2023. As owners, the defendants made millions each. In the same time period, Adriana Camberos took in over $12 million from Baja Exporting, and Andres Camberos paid himself over $14 million from Specialty Foods International. This caused manufacturers to lose tens of millions of dollars—money they would have made in the normal course of selling to U.S. distributors, but for the defendants’ lies.

    With the money they made from the scheme, Adriana and Andres Camberos made extensive luxury purchases and investments. They bought or financed a Ferrari F12 Berlinetta, a Lamborghini Huracan, and multiple Range Rovers; purchased multiple homes in the San Diego area; purchased a condominium at the beach in Coronado; and put the money in multiple investment accounts, life insurance policies, a cryptocurrency account, and other assets. These and other items are subject to forfeiture.

    “These defendants’ deception led to millions in illegal profits, but the gain was fleeting,” said U.S. Attorney Tara McGrath. “When this elaborate scheme unraveled, justice prevailed.”

    “The Camberos siblings built a multimillion-dollar empire solely on fraud,” said FBI San Diego Special Agent in Charge Stacey Moy. “This conviction should send a clear message that fraud — no matter the scale — will be thoroughly investigated and those found guilty of perpetrating such schemes will be brought to justice.”

    The defendants are scheduled to be sentenced on March 3, 2025, before U.S. District Judge Cynthia Bashant.

    This case is being prosecuted by Assistant U.S. Attorneys Joshua Mellor, Peter Horn and Jordan Arakawa.

    DEFENDANTS                                             Case Number 23-CR-1916-BAS                            

    Adriana Isabel Camberos (aka Adriana Shayota)      Age: 54                       San Diego, CA

    Andres Enrique Camberos                                          Age: 45                       San Diego, CA

    SUMMARY OF CHARGES

    Conspiracy to Commit Mail and Wire Fraud – Title 18, U.S.C., Section 1349

    Maximum Penalty: Twenty years in prison

    Wire Fraud – Title 18, U.S.C., Section 1343

    Maximum Penalty: Twenty years in prison

    INVESTIGATING AGENCY

    Federal Bureau of Investigation

    MIL Security OSI

  • MIL-OSI Security: Distributor of ANOM Hardened Encrypted Devices Sentenced to 63 Months in Prison for Racketeering Conspiracy

    Source: US FBI

    SAN DIEGO – Osemah Elhassen of Sydney, Australia, was sentenced in federal court today to 63 months in prison for participating in a worldwide conspiracy to distribute hardened encrypted communication devices to criminal syndicates to facilitate drug trafficking and other crimes.

    Elhassen was one of 17 defendants indicted in San Diego in 2021 in connection with Operation Trojan Shield, an international law enforcement effort in which the FBI secretly operated an encrypted messaging network used by criminals, leading to the arrests of hundreds worldwide.

    According to court records, the platform was known as ANOM. While ANOM’s criminal users unknowingly communicated on the system operated by the FBI, agents catalogued more than 27 million messages between users around the world whose criminal discussions were covertly obtained and reviewed by the FBI. The platform was taken down in June 2021. Please see Operation Trojan Shield in 2021.

    Elhassen pleaded guilty in May 2024 to Count 1 of a superseding indictment charging him and the others with a racketeering conspiracy in connection with the ANOM enterprise. A citizen of Australia, Elhassen was a Colombia-based distributor of ANOM devices who was also directly involved in drug trafficking and money laundering.

    Elhassen admitted that around November 2019, he became a member of the ANOM enterprise. According to his plea agreement, he admitted to helping accomplish the illegal objectives of that enterprise, including drug trafficking, money laundering, and obstruction of justice offenses. To that end, Elhassen distributed ANOM devices to criminal end-users for over a year and a half, and in doing so, facilitated the importation, exportation, and distribution of at least 15 kilograms of cocaine and the laundering of proceeds from the enterprise’s illegal activities.

    According to the government’s sentencing filings, Elhassen’s ANOM messages show significant distribution of ANOM devices in Colombia and other places. His messages also show that Elhassen participated in providing ANOM device support and arranging subscription renewals, among other sales and price-setting activity.

    Elhassen was arrested in Colombia in June 2021 and was extradited to the Southern District of California in May 2023. He pleaded guilty in May 2024.

    “Despite use of sophisticated technology and extreme measures to conceal the criminal enterprise, Mr. Elhassen could not thwart federal investigators,” said U.S. Attorney Tara McGrath. “The sentence today demonstrates that even those who go to the greatest lengths to hide will be held to account.”

    “Evidence collected during Operation Trojan Shield showed that distributors of ANOM devices, like Mr. Elhassen, were not merely providing a messaging service but enabling and facilitating Transnational Criminal Organizations,” said FBI San Diego Special Agent in Charge, Stacey Moy. “Today’s sentence should send a strong message to the users and distributors of these types of devices. The FBI will continue to collaborate with domestic and international partners on new and innovative strategies to combat the ever-evolving threat posed by transnational criminal organizations.”

    This case is being prosecuted by Assistant U.S. Attorneys Joshua C. Mellor, Mikaela L. Weber, and Peter S. Horn. The Justice Department’s Office of International Affairs and the Narcotic and Dangerous Drug Section’s Judicial Attaché Office in Bogota provided significant assistance in securing the arrest and extradition of Elhassen. The United States also thanks Colombian law enforcement authorities for their valuable assistance.

    Three other defendants in this case have pleaded guilty, including Dragan Nikitovic, aka Dr. Djek; Edwin Harmendra Kumar, aka Edwin Harmendra Valentine; and Miwand Zakhimi, aka Maiwand Zakhimi. They are scheduled to be sentenced in December 2024 and January 2025. A trial for four other defendants is scheduled for March 10, 2025. Eight other defendants in the case are yet to be extradited to the United States, and one is a fugitive.

    For further information on investigations and prosecutions of encrypted communication providers, see https://www.justice.gov/usao-sdca/pr/fbi-s-encrypted-phone-platform-infiltrated-hundreds-criminal-syndicates-result-massive (ANOM), https://www.justice.gov/usao-sdca/pr/sky-global-executive-and-associate-indicted-providing-encrypted-communication-devices (Sky Global), and https://www.justice.gov/usao-sdca/pr/chief-executive-communications-company-sentenced-prison-providing-encryption-services (Phantom Secure).

    Operation Trojan Shield is part of an Organized Crime Drug Enforcement Task Forces (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level drug traffickers, money launderers, gangs, and transnational criminal organizations that threaten the United States by using a prosecutor-led, intelligence-driven, multi-agency approach that leverages the strengths of federal, state, and local law enforcement agencies against criminal networks.

    DEFENDANT                                               Case Number 21cr1623-JLS-17                                   

    Osemah Elhassen                                            Age: 51                                   Sydney, Australia

    SUMMARY OF CHARGES

    Count 1:  Racketeering Conspiracy – Title 18, U.S.C., Section 1962(d)

    Maximum penalty: Twenty years in prison, and fine of up to $250,000 or twice the gain or loss

    INVESTIGATING AGENCIES

    Federal Bureau of Investigation

    Drug Enforcement Administration

    United States Marshals Service

    Department of Justice, Office of International Affairs

    Australian Federal Police

    Swedish Police Authority

    Lithuanian Criminal Police Bureau

    National Police of the Netherlands

    EUROPOL                                                          

    MIL Security OSI

  • MIL-OSI Security: Owner of Marketing Companies and DME Company Convicted for Role in $100 Million Scheme to Defraud Medicare and Other Insurers and to Violate the Anti-Kickback Statute

    Source: US FBI

    NEWARK, N.J.  A Florida man was convicted by a federal jury for his role in a durable medical equipment (DME) kickback scheme that caused millions of dollars in losses to Medicare and other insurance providers, United States Attorney John Giordano announced.

    Following a month-long jury trial before U.S. District Judge Michael E. Farbiarz, Raheel Naviwala, 36, of Coral Springs, Florida, was convicted on Feb. 28, 2025, of conspiracy to commit health care fraud and wire fraud, one count of health care fraud, conspiracy to violate the Anti-Kickback Statute, and three counts of violating the Anti-Kickback Statute. He was also acquitted of two counts of health care fraud.

    “This Office is committed to prosecuting those like the defendant who seek to profit by defrauding and corrupting our nation’s medical systems,” United States Attorney John Giordano said. “When people siphon millions from Medicare to line their own pockets, regular citizens pay the price. This case demonstrates that serious consequences will follow for such conduct.”

    “The scheme Naviwala and his co-conspirators created to steal money from the government was complex and expansive,” FBI Acting Special Agent in Charge Terence G. Reilly said. “However, FBI Newark and our law enforcement partners have the expertise and grit to dig through mountains of data and find the fraudsters. We want this case to serve as a warning to anyone hoping to capitalize on hiding under the red tape – we are still here, and you will eventually get caught.”

    “The defendant convicted in this case prioritized greed over the provision of appropriate health care services to patients, bilking the federal government for medically unnecessary durable medical equipment,” stated Special Agent in Charge Naomi Gruchacz with the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG). “HHS-OIG will continue to work with our law enforcement partners to ensure the integrity of the federal health care system and hold accountable owners and providers engaging in fraud that targets its programs.”

    “Investigating corrupt schemes that undermine the integrity of TRICARE, the healthcare system for military members and their families, is a top priority for the Department of Defense Office of Inspector General’s Defense Criminal Investigative Service (DCIS),” stated Special Agent in Charge Patrick J. Hegarty, DCIS Northeast Field Office. “Mr. Naviwala’s illegal schemes put the TRICARE program and its beneficiaries at risk. We are committed to working with our partner agencies and the Department of Justice to pursue those individuals who selfishly place personal gain over the safety and care of TRICARE beneficiaries.”

    “Schemes such as these compromise the integrity of VA’s programs and services and divert funds from our nation’s deserving veterans,” said Special Agent in Charge Christopher F. Algieri with the Department of Veterans Affairs Office of Inspector General’s Northeast Field Office. “The VA OIG will continue to work with our law enforcement partners to root out fraudsters and hold them accountable.”

    According to the evidence at trial:

    Naviwala and his coconspirators purchased lists of Medicare patients’ names, addresses, and phone numbers, and hired telemarketers to convince the patients to get DME (orthotic braces). These telemarketers pre-filled prescriptions and picked the highest-paying braces to bill to insurers. Naviwala then paid telemedicine doctors to sign the pre-filled prescriptions for braces, regardless of whether the patients needed or wanted braces. Generally, the telemedicine doctor did not even speak to the patients before signing the pre-filled prescriptions.

    Naviwala then sold the signed prescriptions to DME supply companies that could bill Medicare, TRICARE, and other insurers for the braces. To conceal the fraud, Naviwala and his coconspirators signed sham contracts and used sham invoices that falsely represented that Naviwala was billing DME supply companies for marketing or consulting.

    Naviwala also owned and operated a DME supply company that was used to bill Medicare, and which submitted claims to Medicare for up to nine braces for a single patient.

    To further conceal his illegal conduct, Naviwala put multiple of his businesses in the names of nominee owners. The nominee owners generally performed no legitimate work for any company and were paid to hide Naviwala’s involvement.

    Medicare and other insurers paid hundreds of millions of dollars to members of the conspiracy and paid at least approximately $100 million for DME associated with Naviwala’s companies. Naviwala personally pocketed more than $10 million in fraud proceeds.

    Conspiracy to commit health care fraud and wire fraud is punishable by a maximum potential penalty of 20 years in prison. Health care fraud is punishable by a maximum potential penalty of 10 years in prison. Conspiracy to violate the federal Anti-Kickback Statute is punishable by a maximum potential penalty of five years in prison. Each count of illegal kickbacks is punishable by a maximum potential penalty of 10 years in prison. Each count is also punishable by a fine. Sentencing is scheduled for 10 a.m. on July 29, 2025, before Judge Farbiarz in Newark.

    United States Attorney John Giordano credited special agents of the FBI, under the direction of Acting Special Agent in Charge Terence G. Reilly in Newark; HHS-OIG, under the direction of Special Agent in Charge Naomi Gruchacz; DCIS, under the direction of Special Agent in Charge Patrick J. Hegarty; and the U.S. Department of Veterans Affairs Office of Inspector General, under the direction of Special Agent in Charge Christopher F. Algieri with the investigation leading to the conviction.

    The government is represented by Assistant U.S. Attorneys Elaine K. Lou, Deputy Chief of the Criminal Division, Matthew Specht of the Special Prosecutions Division, and Aaron L. Webman of the Economic Crimes Unit in Newark.

                                                               ###

    Defense counsel:

    Jamie Hoxie Solano, Esq. New York, New York

    Amy C. Brown, Esq. New York, New York

    Bryan W. McCracken, Esq. New York, New York

    Ifedapo Benjamin, Esq. New York, New York

    MIL Security OSI

  • MIL-OSI Security: Trussville Man Sentenced in Multimillion-Dollar Health Care Fraud Case

    Source: US FBI

    BIRMINGHAM, Ala. – Another man has been sentenced in a series of cases involving multi-million-dollar health care fraud and kickback conspiracies, announced U.S. Attorney Prim F. Escalona; Federal Bureau of Investigation Special Agent in Charge Carlton L. Peeples; and U.S. Department of Health and Human Services, Office of Inspector General, Special Agent in Charge Tamala E. Miles. 

    “This was a crime of greed and indifference to the consequences of the actions to the overall health system,” said U.S. Attorney Prim Escalona. “The crime cost insurers millions of dollars, and it exploited vulnerable patients trying to get appropriate medical care, not run up the tab on insurance. We will continue to fight hard to keep our community safe from serious crimes like this one.”

    “Health care fraud is not a victimless crime. It costs U.S. taxpayers millions of dollars every year. It can raise health insurance premiums, expose patients to unnecessary medical procedures, and increase taxes,” said James DeLoatch, Acting Special Agent in Charge of the FBI Birmingham Division. “The FBI is committed to coordinating with our partners and aggressively pursuing those who take advantage of others for their personal gain. This sentencing should serve as a warning to others who might engage in these types of schemes.”

    “Kickback arrangements can compromise medical decisions and threaten the integrity of federally funded health care programs,” said Tamala E. Miles, Special Agent in Charge at the U.S. Department of Health and Human Services Office of Inspector General. “Today’s sentence exemplifies our commitment to protecting taxpayer-funded health care programs and the patients they serve.”

    Earlier this week, U.S. District Court Judge L. Scott Coogler sentenced John Alan Robson, 41, of Trussville, to 56 months in prison. Robson was also ordered to pay forfeiture of about $1.1 million, and restitution of about $5.3 million. In February 2024, Robson pleaded guilty to health care fraud conspiracy related to his work with Brian Bowman, James Ray, and others.

    According to Robson’s plea agreement, Robson knew that insurers would not pay for items or services that had been ordered based on kickbacks or that were medically unnecessary for a patient. Yet Robson received kickbacks—from specialty pharmacies, a nerve conduction testing company, and brace suppliers—to generate medically unnecessary orders and prescriptions from doctors’ offices that would be billed to insurance and reimbursed at high rates.

    For example, Robson marketed nerve conduction testing to medical providers for a Huntsville-based company called QBR or Diagnostic Referral Community. QBR paid those providers a flat fee (for example, $50) for each test they ordered that insurance paid for. QBR paid Robson a flat fee for each of those tests, too. QBR paid one of Robson’s medical practices more than $100,000 in per-test kickbacks.

    As another example, Robson marketed high-reimbursing topical creams—such as pain creams and scar creams—to providers on behalf of specialty pharmacies like Global Compounding Pharmacy and Watson Rx Solutions. Robson was paid lucrative commissions on the cream prescriptions that he and his team generated and insurance paid for. Robson got prescriptions for himself and family members regardless of whether those topical creams were medically necessary for the patients. Robson and other sales reps got blank pre-signed prescriptions from medical providers, filled out the prescriptions to make sure insurance would pay for them, and even selected the drugs or drug formulations to make sure insurance would pay for them. Robson admitted that federal insurance programs paid millions of dollars for medically unnecessary prescriptions for which Robson, Ray, and Bowman received commissions.

    This case is the latest in a series of cases involving health care fraud and kickbacks through pain clinics, specialty pharmacies, and a nerve conduction company in north Alabama.

    The FBI and HHS-OIG investigated this case.  Assistant U.S. Attorneys J.B. Ward and Don Long prosecuted the case. 

    See related press here:

    https://www.justice.gov/usao-ndal/pr/medical-sales-rep-and-former-pain-clinic-owner-sentenced-related-multi-million-dollar

    https://www.justice.gov/usao-ndal/pr/pain-clinic-owners-sentenced-unlawfully-distributing-opioids-and-multimillion-dollar

    https://www.justice.gov/usao-ndal/pr/etowah-pain-clinic-owner-pleads-guilty-multi-million-dollar-kickback-and-health-care

    https://www.justice.gov/usao-ndal/pr/multiple-defendants-sentenced-major-compounding-pharmacy-fraud-conspiracy

    https://www.justice.gov/usao-ndal/pr/new-hope-man-sentenced-his-role-multi-million-dollar-kickback-and-health-care-fraud

    MIL Security OSI

  • MIL-OSI Security: Alabama Man Pleads Guilty to Violating Iran Sanctions

    Source: US FBI

    BIRMINGHAM, Ala. – Ray Hunt, also known as Abdolrahman Hantoosh, Rahman Hantoosh and Rahman Natooshas, 70, of Owens Cross Roads, pleaded guilty today to conspiracy to export U.S.-origin goods to the Islamic Republic of Iran in violation of trade sanctions.

    According to court documents, in May 2014, Hunt registered Vega Tools, LLC with the Alabama Secretary of State, listing the nature of the business as “the purchase/resale of equipment for the energy sector.” He operated Vega Tools, including purchasing, receiving, and shipping U.S.-origin goods, from locations in Madison County, Alabama. Beginning at least as early as 2015, Hunt conspired with two Iranian companies located in Tehran, Iran, to illegally export U.S.-manufactured industrial equipment for use in Iran’s oil, gas, and petrochemical industries.

    Hunt engaged in a series of deceptive practices to avoid detection by U.S. authorities, including using third-party transshipment companies in Turkey and the United Arab Emirates (UAE) and routing payments through UAE banks, as well as lying to shipping companies about the value of his exports to prevent the filing of Electronic Export Information to U.S. authorities. Hunt lied to suppliers and shippers by claiming the items he purchased on behalf of the Iranian co-conspirators were destined for end-users in Turkey and UAE, while knowing the exports were ultimately destined for Iran. Hunt lied also to U.S. Customs and Border Patrol officers regarding the nature and existence of his business when questioned upon his return from a March 2020 trip to Iran.   

    Hunt pleaded guilty to a conspiracy charge and faces a maximum penalty of five years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

    The Department of Commerce Bureau of Industry and Security is investigating the case with valuable assistance provided by the FBI. 

    Assistant U.S. Attorneys Jonathan “Jack” Harrington, Jonathan Cross, and Henry Cornelius and Trial Attorneys Emma Ellenrieder and Adam Barry of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case.

    MIL Security OSI