SIOUX FALLS – United States Attorney Alison J. Ramsdell announced that a jury has convicted Christopher Spider, a/k/a “House”, age 45 of South Dakota and Lance Brunsting, age 56, of Colorado, of Conspiracy to Distribute a Controlled Substance following a four-day jury trial in federal district court in Sioux Falls, South Dakota. The verdict was returned on March 27, 2025.
The charges carry a mandatory minimum of 10 years and up to life in custody and/or a $10,000,000 fine, mandatory minimum of five years and up to life of supervised release, and a $100 special assessment to the Federal Crime Victims Fund.
Christopher Spider was also convicted of Tampering with a Witness. That charge carries a maximum penalty of 20 years imprisonment and/or a $250,000 fine, a possibility of up to three years of supervised release, and a $100 special assessment to the Federal Crime Victims Fund.
Spider and Brunsting were indicted by a federal grand jury in August 2023.
Brunsting and Spider, along with numerous other individuals, conspired to distribute hundreds of pounds of methamphetamine throughout the state of South Dakota.
Spider, a resident of Crow Creek, was responsible for distributing approximately 30 pounds of methamphetamine throughout the Crow Creek Indian Reservation during his involvement in the conspiracy. While under Indictment for the offense, Spider sent a letter to another witness attempting to intimidate the witness into changing her testimony at trial. The letter was reported to law enforcement and Spider was subsequently indicted for Witness Tampering.
Brunsting, a resident of Denver, Colorado, was responsible for assisting in the weighing, packaging, and ultimate distribution of approximately 100 pounds of methamphetamine. Brunsting made a trip to South Dakota alongside another co-conspirator where he assisted in selling approximately 41 pounds of methamphetamine throughout the state of South Dakota and into Minnesota.
“Christopher Spider and Lance Brunsting were involved in one of the largest methamphetamine conspiracies in South Dakota history,” said U.S. Attorney Alison J. Ramsdell. “Our office was able to successfully prosecute the large-scale drug conspiracy thanks to the exceptional collaborative and investigative efforts of our federal, state, local, and tribal law enforcement partners. Last week’s convictions represent a crucial step toward bringing these individuals to justice for the roles they played in bringing hundreds of pounds of illegal narcotics into our South Dakota communities.”
The Drug Enforcement Administration provided the following statement: “The two individuals convicted last week are responsible for inflicting immeasurable harm on members of our South Dakota communities,” Drug Enforcement Administration Omaha Division Acting Special Agent in Charge Rafael Mattei said. “Their arrest and conviction should serve as a warning to drug traffickers that the combined efforts of state, local and federal law enforcement will bring those pushing these dangerous substances to justice.”
This case was investigated by the Drug Enforcement Administration (including the Rocky Mountain Field Division, Omaha Field Division, Mexico City Country Office, Los Angeles Field Division, Special Operations Division), as well as South Dakota Division of Criminal Investigation, Sioux Falls Area Drug Task Force, FBI, South Dakota Highway Patrol, U.S. Postal Inspection Service, IRS Criminal Investigation team, El Paso Intelligence Center, and collaboration received from the U.S. Attorney’s Office for the District of Colorado, Bureau of Indian Affairs, U.S. Marshals Service, Minnehaha County Sheriff’s Office, Sioux Falls Police Department, Mitchell Police Department, Denver Police Department, Las Vegas Metro Police Department, Worthington Police Department, Brookings Police Department, Brookings Sherriff’s Department, Rock County Sheriff’s Office, Lake Superior Violent Offender Task Force, Central Minnesota Violent Offender Task Force, Minnesota River Valley Drug Task Force, and the Colorado Department of Corrections. Assistant U.S. Attorney Paige Petersen prosecuted the case.
A presentence investigation was ordered and a sentencing date has been set for June 16, 2025. The defendants were remanded to the custody of the U.S. Marshals Service.
Richard G. Frohling, Acting United States Attorney for the Eastern District of announced today that James Poole (age 19) was sentenced to 11 years in federal prison for his role in armed carjackings in Milwaukee.
According to court records, Poole participated in two armed carjackings in late January 2024. In each of the carjackings, Poole brandished a firearm. On January 29, 2024, at approximately 7:45 pm, Poole committed a carjacking on the 2400 block of N. Farwell Avenue on the East Side of Milwaukee. The following day, at approximately 5:00 pm, Poole engaged in a carjacking in a parking lot in downtown Milwaukee, near 2nd Street and Plankinton Avenue. Shortly after the second carjacking, while driving the stolen vehicle, Poole led members of the Milwaukee Police Department on a high-speed chase through residential neighborhoods and reaching speeds of 90 mph. Poole ultimately crashed the stolen car into a tree near 82nd and Burleigh Streets, causing life-threatening injuries to all passengers inside the stolen vehicle. Following his term of imprisonment, Poole also will spend three years on supervised release. He also was ordered to pay restitution.
Poole’s co-defendant, Jabari Griffin (age 21), was sentenced on February 27, 2025, for his role in aiding and abetting Poole in the January 30, 2024, carjacking. Griffin was sentenced to 6 years in federal prison and three years of supervised release.
“Individuals who engage in violent crimes – like these armed carjackings – not only endanger the lives and well-being of their victims but also can shatter the confidence of all residents that our cities are safe places in which to live and work,” said Acting U.S. Attorney Frohling. “The U.S. Attorney’s Office remains committed to working with all of its federal, state, and local law enforcement partners to hold these individuals accountable for their actions and to pursue justice for all impacted victims.”
“Armed carjackings and the dangerous actions of those who committed the offenses in this case endangered the public and impacted the victims of this crime. This sentencing reflects the severity of the crimes committed by James Poole,” said FBI Milwaukee Special Agent in Charge Michael Hensle. “The FBI remains steadfastly committed to working with our partners to investigate violent crime matters—to include armed carjackings—in our ongoing efforts to positively impact public safety within our community.”
“The Milwaukee Police Department (MPD) is proud of the dedication and hard work of everyone involved in holding violent individuals accountable for their actions. Armed carjackings are violent acts that cause great harm to our community. Those that bring harm to our community must be held accountable.” said Milwaukee Police Chief Jeffrey Norman. “MPD values our collaboration with the community, federal, state and local law enforcement partners to build a safer city for everyone to live, work and play.”
This matter was investigated by the FBI’s Milwaukee Area Violent Crimes Task Force, including the Milwaukee Police Department. It was prosecuted by Assistant United States Attorneys Abbey M. Marzick and Michael C. Schindhelm.
Burlington, Vermont – The United States Attorney’s Office for the District of Vermont stated that on March 31, 2025, Nathaniel “JJ” Jones, 39, of Springfield, Massachusetts, was sentenced by United States District Judge William K. Sessions III to a term of 135 months’ imprisonment to be followed by a 3-year term of supervised release. Jones previously pleaded guilty to distribution of fentanyl and cocaine.
Three codefendants had previously been sentenced in the case. Jermaine “Bear” Douchette, 44, of Springfield, Massachusetts also received a sentence of 135 months’ imprisonment on December 16, 2024. Michelle Provencher, 26, of Irasburg, Vermont received a sentence of 37 months’ imprisonment on February 10, 2025. Daniel Peters, 29, of Newport, Vermont received a sentence of 45 months’ imprisonment on February 24, 2025. Three additional codefendants—Tyler Norris, Erica Desormeaux, and Jeremy Young—are awaiting sentencing.
According to court records, “JJ” Jones and co-defendant “Bear” Douchette stayed at multiple short-term rental units and residences in Orleans County in 2022 while distributing fentanyl and cocaine they periodically acquired in Massachusetts. Between August and October 2022, they used the residence of Desormeaux and Young in Barton, Vermont, to prepare, store, and distribute the drugs to customers in the Northeast Kingdom. Provencher assisted Jones and Douchette in finding customers and willing hosts. Many of the conspirators carried firearms as part of their activities, and the group took firearms from some customers in exchange for drugs. Some of the group, including Jones and Douchette, made threats and engaged in acts of violence in furtherance of the conspiracy.
Acting United States Attorney Michael P. Drescher commended the collaborative investigatory efforts of the Northern Vermont Drug Task Force (NVDTF) and the Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) in this case. He also noted the assistance NVDTF and ATF received from the Vermont State Police, the Orleans County Sheriff’s Department, the Newport Police Department, the Federal Bureau of Investigation, U.S. Customs and Border Protection’s Air and Marine Operations, and Homeland Security Investigations throughout the investigation and prosecution.
“This case underscores the relentless commitment of ATF and our law enforcement partners to disrupt and dismantle drug trafficking organizations that threaten the safety of our communities through the distribution of deadly narcotics and illegal firearms,” said James M. Ferguson, Special Agent in Charge of the ATF Boston Field Division. “The sentences handed down as a result of this investigation send a clear message: we will not tolerate violent criminal activity in the Northeast Kingdom or anywhere else in Vermont.”
“Our commitment to community safety remains unwavering”, said Sheriff Jennifer L. Harlow of the Orleans County Sheriff’s Department. “We will continue to work alongside our law enforcement partners to dismantle drug trafficking organizations that distribute deadly narcotics and illegal firearms. We thank our federal partners for their dedication to ensuring these individuals are held responsible.”
The case was prosecuted by Assistant U.S. Attorney Matthew Lasher. Jones was represented by Mark Kaplan, Esq.; Douchette was represented by Gregory Mertz, Esq; Provencher was represented by Robert Sussman, Esq.; and Peters was represented by Heather Ross, Esq. Tyler Norris is represented by Chandler Matson, Esq.; Erica Desormeaux is represented by Natasha Sen, Esq.; and Jeremy Young is represented by Allan Sullivan, Esq.
A Met investigation into a savage attack where a man suffered life-changing injuries after he was shot and stabbed in broad daylight has led to three men being handed lengthy prison sentences.
Caleb Wallace, 18 (05.01.07), of Beam Avenue, Barking and Dagenham, Hayat Umar, 18 (13.03.07) of Stern Close, Barking and Dagenham and Joshua Amoaka, 18 (03.08.2006), of Cornflower Road, Chelmsford were sentenced at the Old Bailey on Thursday, 3 April.
Wallace and Umar, who were both convicted of attempted murder, possession of a firearm with intent and possession of a knife following a trial earlier this year were sentenced to 19 years’ imprisonment each.
Amoaka, who was previously found guilty of causing grievous bodily harm, possession of a firearm with intent and possession of a knife, was sentenced to nine years’ imprisonment.
All three were subject to between a third to a half reduction to their sentence due to being aged under 18 at the time the offence was committed.
The court heard that on Thursday, 2 May 2024 the victim, who was 18 at the time of the incident, was cycling along Whalebone Lane South in Dagenham when Wallace, Umar and Amoaka jumped out of a vehicle and chased him.
While attempting to escape from his attackers, the victim briefly collided with a member of the public and fell off his bike. In CCTV footage seen by the jury in court, Umar can be seen firing a sawn-off shotgun into the back of the victim at point-blank range before Wallace stabs him with a machete. Amoaka is also seen in the footage standing nearby, all during the day and in full-view of passers-by.
Officers and the London Ambulance Service attended and treated the victim at the scene before he was taken to hospital. His injuries were life-changing and he required a number of significant surgeries and extensive time spent in hospital recovering.
Detective Inspector Iain Wallace from the Specalist Crime Command, who led the investigation, said: “The brutality displayed by Wallace and Umar, while Amoaka stood menacingly by, all in broad daylight and in full view of passers-by is shocking.
“This has been an incredibly distressing time for the victim and his family. Equally, many of those who witnessed such a vicious attack will still be deeply traumatised and concerned about safety in the community.
“I hope these lengthy sentences will give the victim some small sense of closure, and allow those in the community to feel safer knowing that Wallace, Umar and Amoaka are no longer on the streets.”
A determined manhunt began immediately following the attack, with officers speaking to witnesses at the scene as well as painstakingly combing through hours of CCTV footage to understand what took place and to track the movements of the attackers after they fled the scene.
Umar and Wallace were arrested at an address in Kent on 10 May 2024. During a search of the address, officers found the distinct red trainers that Umar wore during the incident, as well as the multi-coloured trainers Wallace could be seen wearing on CCTV as he attacked the victim. A large black machete matching the one seen on CCTV was also discovered hidden under a bed at the property.
Amoaka was arrested at an address in Birmingham on 17 May 2024, where officers found a quantity of class A drugs as well as a hunting knife.
Wallace and Amoaka’s hats were both discarded at the scene after each came off while they chased the victim. They were sent for forensic testing. DNA found on the hats provided a match to both – further proof they had been at the scene.
Officers also discovered a series of TikTok videos by a gang affiliated with the three men, where those in the videos brazenly claim responsibility for the attack while mocking the victim.
This helped to further establish a watertight case against Wallace, Umar and Amoaka.
On March 25, 2025, Canmore RCMP received multiple reports regarding the theft of e-bikes and mountain bikes which were stolen from locked bike racks near the 1200 block of Bow Valley Trail in Canmore.
RCMP Southern Alberta District Crime Reduction Unit (SAD CRU) was requested to assist Canmore RCMP with the investigation. Through the investigation, a suspect was identified on CCTV footage.
On March 27, 2025, SAD CRU located and arrested a 38-year-old individual, a resident of Calgary, and recovered all four stolen bikes. The individual has been charged with the following:
Trafficking of Property Obtained by Crime Under $5000 (x2)
Possession of Proceeds of Property Obtained by Crime Under $5000
Theft of Bicycle Under $5000 (x2)
Fail to Comply with Release Order (x2)
After a judicial interim release hearing, the individual was remanded into custody to appear in Alberta Court of Justice in Calgary on April 3, 2025.
RCMP would like to thank the victims for their speedy reporting of the thefts, which aided in a quick and successful investigation.
Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)
WASHINGTON – Ronnie Rogers, 69, of Washington D.C., pleaded guilty today in U.S. District Court to participating in a drug trafficking conspiracy that imported and redistributed wholesale quantities of fentanyl, heroin, cocaine, and crack cocaine in the District of Columbia.
The plea agreement was announced by U.S. Attorney Edward R. Martin, Jr., Special Agent in Charge Ibrar A. Mian of the Drug Enforcement Administration (DEA) Washington Division, FBI Special Agent Sean Ryan of the Washington Field Office Criminal and Cyber Division, Special Agent in Charge Anthony Spotswood of the Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) Washington Field Division, and Chief Pamela Smith of the Metropolitan Police Department (MPD).
Rogers pleaded guilty to a three-count Information charging him with conspiracy to distribute 400 grams or more of fentanyl, 100 grams or more of a fentanyl analogue, and 100 grams or more of heroin; conspiracy to distribute 500 grams or more of cocaine and cocaine base; and to possessing a firearm in furtherance of a drug trafficking offense.
U.S. District Court Judge Trevor N. McFadden scheduled a sentencing hearing for July 21, 2025. Rogers is eligible for a mandatory minimum of 15 years in prison to a maximum of life.
According to the plea agreement, between July 2021 and November 2023, Rogers coordinated with his co-conspirators to traffic fentanyl, heroin, cocaine, and cocaine base in the District of Columbia and elsewhere. This included over 12 kilograms of fentanyl (including carfentanil, which is 10,000 times more potent than morphine and 100 times more potent than fentanyl), over 1967 grams of fentanyl analog (p-Fluorofentanyl, which is also more lethal than fentanyl), over 236 grams of heroin, over 500 grams of cocaine, and less than 28 grams of cocaine base.
On November 29, 2023, law enforcement executed search warrants at Rogers’ various residences.
At his apartment on the 1200 block of Massachusetts Avenue, NW, law enforcement recovered an array of narcotics that included a large baggie containing 494.8 grams of mixture of heroin, fentanyl, and carfentanil; another baggie with 704.8 grams of carfentanil, an envelope containing 115.91 grams of fentanyl; another baggie containing 201 grams of fentanyl; and baggies containing 1,785 grams acetaminophen and 18 grams of fentanyl. In addition, officers recovered a Smith & Wesson SD-40 firearm, a Glock 43 pistol, a Rugar LCP pistol, $23,000 in cash, and an assortment of drug packaging materials and scales.
At Roger’s residence on the 6500 block of Gateway Boulevard, in District Heights, Maryland, law enforcement recovered more narcotics and weapons including two baggies containing 151 grams of fentanyl; plastic bags containing 2.4 grams of xylazine and 1.8 grams of heroin; baggies containing bundles of smaller bags containing 7.7 grams of fentanyl, heroin, xylazine, 1.4 grams of carfentanil, and 2.8 grams of acetaminophen, 20 small baggies containing 5.1 grams of fentanyl, heroin and xylazine; and bags containing 97.3 grams of heroin and fentanyl, 45.4 grams of cocaine base, and 14.2 grams of fentanyl with xylazine. Officers also recovered a Smith &Wesson .357 revolver, a Springfield XD 9mm firearm, a Canik TP9 pistol, assorted ammunition and magazines and $1,524 in cash.
At another residence utilized by Rogers located on the 2100 block of Pineview Court, Waldorf, Maryland, law enforcement recovered a FedEx parcel containing 1,013 grams of fentanyl.
This operation is part of an Organized Crime Drug Enforcement Task Forces (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level drug traffickers, money launderers, gangs, and transnational criminal organizations that threaten the United States by using a prosecutor-led, intelligence-driven, multi-agency approach that leverages the strengths of federal, state, and local law enforcement agencies against criminal networks.
This case is being investigated by the DEA Washington Division, the FBI Washington Field Office, the Alexandria Police Department, and the Metropolitan Police Department. Valuable assistance was provided by the U.S. Postal Inspection Service, Bureau of Alcohol, Tobacco, and Firearms Washington Field Division, U.S. Customs and Border Patrol, U.S. Bureau of Prisons, Montgomery County Police Department, Prince George’s County Police Interdiction Unit, Charles County Sheriff’s Office, Arlington County Police, Montgomery County Department of Police, Virginia State Police, Loudoun County Sherriff’s Office, the U.S. Attorney’s Office for the District of Maryland (Greenbelt), the U.S. Attorney’s Office for the Northern District of Texas, and the U.S. Attorney’s Office for the Middle District of Tennessee.
The case is being prosecuted by Assistant U.S. Attorneys George Eliopoulos and Matthew Kinskey of the Violence Reduction and Trafficking Section.
On March 17, 2025, Vermillion RCMP responded to a report from the Alberta Sheriff’s at the Vermillion Provincial Courthouse, of possible drugs found on someone at the location.
Vermillion RCMP attended and located a 35-year-old individual, of no fixed address, and after investigation, was found to have a quantity of suspected fentanyl in individual baggies.
The individual was charged with Possession of CDSA for the purpose of trafficking, and failure to comply with Undertaking.
The individual was brought before a justice of the peace, where she was remanded with a court date of April 7, 2025 at the Alberta Court of Justice in Vermillion.
The Vermillion RCMP is seeking the public’s assistance in identifying the location of, or sightings of any drug related crimes in the area. Anyone with information in relation to drug or organized crimes is asked to please contact the Vermillion RCMP at 780-835-4441 or your local police. If you wish to remain anonymous, you can contact Crime Stoppers at 1-800-222-8377 (TIPS), online at www.P3Tips.com or by using the “P3 Tips” app available through the Apple App or Google Play Store.
This year’s topic: ‘Making Europe Safer’Participants have to be part of law enforcement agencies of EU Member States or of countries that have agreements and working arrangements with Europol. The 2025 Europol photo competition casts a wide net, inviting submissions that showcase the many ways that law enforcement officers are actively ‘Making Europe Safer’. Europe’s security starts abroad, which is…
Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)
WASHINGTON – Trevon Timothy Vines, 30, of Washington, D.C., has been indicted on a federal gun charge in the latest case to be federally adopted as part of the “Make D.C. Safe Again” initiative.
The indictment was announced by U.S. Attorney Edward R. Martin Jr., Sean T. Ryan, Special Agent in Charge of the FBI Washington Field Office Criminal and Cyber Division, Special Agent in Charge Anthony Spotswood of the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), and Chief Pamela Smith of the Metropolitan Police Department (MPD).
Vines was indicted on one count of Unlawful Possession of a Firearm and Ammunition by a Person Convicted of a Crime Punishable by Imprisonment for a Term Exceeding One Year.
According to court documents, on March 15, 2025, officers with the Metropolitan Police Department conducted a traffic stop in the vicinity of 1820 7th Street NW after observing a traffic infraction. It is alleged that during the course of the stop, officers observed several open containers of alcohol and requested that all occupants exit the vehicle.
It is alleged that one of the occupants, defendant Vines, was seated in the front passenger seat and holding a cup consistent with the others observed. As officers attempted to place Vines in handcuffs, they felt what they immediately recognized to be a handgun on his person in a front left jacket pocket. Vines then began physically resisting, grabbing one officer’s vest and attempting to move him while repeatedly reaching for the weapon forcibly.
Officers eventually recovered the firearm and discovered that it had been reported stolen from a gun dealer in White Plains, Maryland.
An investigation revealed that Vines is a convicted felon with multiple prior convictions. At the time of the incident, Vines was prohibited from possessing a firearm or ammunition under federal and D.C. law. He did not have a license to carry or own a firearm in the District of Columbia.
This case is being investigated by the FBI Washington Field Office, ATF Baltimore Field Office, and the Metropolitan Police Department. This case is being prosecuted by Assistant U.S. Attorney Emory V. Cole.
This case is part of Make D.C. Safe Again, a public safety initiative led by U.S. Attorney Martin that is surging resources to reduce violent crime in the District of Columbia. This initiative was created to address gun violence in the District, prioritize federal firearms violations, pursue tougher penalties for offenders, and seek detention for federal firearms violators.
An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
In mid-March, 2025, a Cuban National attempted to enter Canada from the US by running across the Fort Erie International Railway Bridge. Members of the RCMP Niagara-on-the-Lake Border Integrity Unit, with the assistance of members of the OPP contributing to Ontario’s Operation Deterrence, were able to locate and arrest the individual under the Immigration and Refugee Protection Act.
The individual was transported to the CBSA at the Peace Bridge port of entry in Fort Erie. After being assessed, the individual was found to be ineligible for entry to Canada and was returned to the United States on the same day.
The Niagara-on-the-Lake RCMP Border Integrity Unit currently maintains a 24/7 presence at the railway bridge. The RCMP have recently arrested several people attempting to make illegal entry into Canada at the railway bridge. All individuals who have been arrested were eventually returned to the U.S.
Members of the Niagara-on-the-Lake RCMP are actively conducting patrols along the border in this area on the land, on the water and in the air to disrupt cross-border criminal activity.
The RCMP is committed to working with our partners to protect the residents and communities of Canada. Our collaboration with both the CBSA and OPP continues to provide positive results for Canada. The RCMP also acknowledges the assistance of CN rail.
“The RCMP continues to see positive operational impact from new investments in law enforcement between ports of entry and collaborative efforts with CN Police, OPP and CBSA in maintaining the security and integrity of Canadian borders.” Sgt. Lepa Jankovic, Border Integrity Unit, Niagara-On-The-Lake, Central Region RCMP
“The CBSA and RCMP work in close partnership to maintain the security of our borders. This is yet another example of how our collaboration contributes to protecting the integrity of our border and the safety of our communities.” – Michael Prosia, A/Regional Director General, Southern Ontario Region, Canada Border Services Agency
Fast Facts
In Canada, border security and integrity is a shared mandate between the CBSA and the RCMP. The CBSA is responsible for enforcement at 1,200 ports of entry across the country, while the RCMP is responsible for enforcement between ports of entry.
The RCMP Niagara-on-the-Lake Border Integrity Unit is tasked with the prevention and detection of cross-border smuggling both to and from Canada. This unit supports four CBSA ports of entry by conducting larger criminal investigations that start at the port. The unit is also tasked with protecting the border area between the ports from Cobourg on Lake Ontario to Port Burwell on Lake Erie. The members of the unit will often be found in boats ensuring vessels are complying with reporting requirements when entering Canada.
If you have any information related to smuggling, drug importation, trafficking, or possession, or wish to report other criminality, you can contact the Ontario RCMP at 1-800-387-0020, the confidential CBSA Border Watch toll-free line at 1-888-502-9060 or anonymously through Crime Stoppers at 1-800-222-8477 (TIPS), at any time.
Jacksonville, Florida – United Staes Attorney Gregory W. Kehoe announces that Daniel Tharp has pleaded guilty to the willful failure to pay taxes. Tharp faces a maximum penalty of five years in federal prison. A sentencing date has not yet been set.
According to court records, Tharp was the managing director for Hangar X Holdings, LLC, where he had the corporate responsibility to collect and account for the company’s trust fund taxes, which included income taxes, Medicare taxes, and Social Security taxes withheld from the company’s employees’ pay. From October 2014 through December 2019, the company paid wages to employees and withheld these trust fund taxes. Tharp, however, knowingly and intentionally failed to pay this money to the IRS. In total, Tharp caused the company to fail to pay over $1.2 million in such taxes.
This case was investigated by IRS—Criminal Investigation. The case is being prosecuted by Assistant United States Attorney John Cannizzaro.
Tampa, FL – United States Attorney Gregory W. Kehoe announces that Cristian Javier Vente Ocoro (39, Colombia), a/k/a “Shrek,” “Happy,” and “Teletubis,” has pleaded guilty to conspiring to traffic cocaine on vessels subject to the jurisdiction of the United States. Vente Ocoro faces a maximum penalty of life in federal prison. He was arrested in Colombia in September 2023 at the request of the United States and extradited to the United States a year later. A sentencing date has not yet been set.
According to the plea agreement, Vente Ocoro was part of an organization that smuggled cocaine from South America to Central America and Mexico, a substantial portion of which passed through points of entry on the United States/Mexico border. Vente Ocoro handled the organization, logistics, and planning of smuggling ventures, as well as recruited and paid crewmembers. As part of the investigation, investigators associated Vente Ocoro with two failed smuggling ventures – the first on June 25, 2019, that involved 1,090 kilograms of cocaine; the second on July 31, 2019, that involved 2,125 kilograms of cocaine.
This prosecution is part of an Organized Crime Drug Enforcement Task Forces (OCDETF) Strike Force Initiative, which provides for the establishment of permanent multi-agency task force teams that work side-by-side in the same location. This co-located model enables agents from different agencies to collaborate on intelligence-driven, multi- jurisdictional operations to disrupt and dismantle the most significant drug traffickers, money launderers, gangs, and transnational criminal organizations.
The specific mission of the OCDETF Panama Express Strike Force is to disrupt and dismantle Transnational Criminal Organizations involved in large scale drug trafficking, money laundering, and related activities. The OCDETF Panama Express Strike Force is comprised of agents and officers from the Coast Guard Investigative Service, Drug Enforcement Administration, Federal Bureau of Investigation, and Homeland Security Investigations. The Colombian National Police provided critical investigative support. The Department of Justice’s Office of International Affairs and the Criminal Division’s Narcotic and Dangerous Drug Section’s Office of Judicial Attaché in Bogotá, Colombia provided significant assistance in securing the arrest and extradition of the defendant. The prosecution is being led by the Office of the United States Attorney for the Middle District of Florida. It is being prosecuted by Assistant United States Attorney Dan Baeza.
SAN ANTONIO – A used car dealership manager in San Antonio was sentenced in a federal court to six months in prison and ordered to pay more than $260,000 in restitution for odometer tampering.
According to court documents, Felipe Alcibar, 62, was the primary party responsible for the day-to-day operations of Autotex Financial, a used car dealership. Beginning no later than October 2020 and continuing until at least November 2023, Alcibar knowingly and intentionally disconnected, reset or altered the odometers on multiple vehicles that had been purchased by Autotex and that were advertised for sale to the general public.
Alcibar was charged in a one-count information filed Oct. 8, 2024. He pleaded guilty Oct. 30, 2024. In addition to a six month prison sentence, Alcibar was ordered to pay a restitution of $264,747.05.
Acting U.S. Attorney Margaret Leachman for the Western District of Texas made the announcement.
The Department of Transportation Office of Odometer Fraud investigated the case.
Assistant U.S. Attorney Justin Chung prosecuted the case.
U.S. Navy Seabee Divers, assigned to Underwater Construction Team One (UCT 1), Construction Dive Detachment ALFA (CDD/A), deployed to the U.S. Sixth Fleet (C6F) Area of Operations (AOR) to conduct critical engineering operations in support of maritime security, regional stability, and building partner nation capacity.
NEWPORT NEWS, Va. (March 10, 2025) – The Nimitz-class aircraft carrier USS John C. Stennis (CVN 74) is the second nuclear-powered carrier of its class to implement a new reactor pin program. The program, started in December 2024, recognizes senior in-rate qualifications within the reactor department, providing Sailors with a visible symbol of their expertise and contributions to shipboard operations.
DARWIN, Northern Territory, Australia (April 2, 2025) – The submarine tender USS Emory S. Land (AS 39) departed Darwin, Northern Territory, Australia, following a routine port visit, April 2, 2025. During the visit, Emory S. Land provided logistical support to the Virginia-class fast-attack submarine USS Minnesota (SSN 783).
NAVAL AIR WARFARE CENTER AIRCRAFT DIVISION, Patuxent River, Md. – For the first time, U.S. Marine Corps F-35 and Air Force F-22 pilots trained as a joint fighting force in the Naval Air Warfare Center Aircraft Division’s (NAWCAD) Joint Simulation Environment (JSE) at Naval Air Station Patuxent River, March 24-27.
ALEXANDRIA, Va. – Intelligent Waves, LLC, located in Reston, and its owner agreed to pay $1.95 million to settle False Claims Act allegations involving two Air Force contracts.
In September 2019, Intelligent Waves entered into a contract, known as the Crowd-Sourced Contract, with the Air Force. Under the Crowd-Sourced Contract, Intelligent Waves provided crowd-sourced flight data collection support and data analytics to the 59th Test and Evaluation Squadron at Nellis Air Force Base. The United States alleged that Intelligent Waves knowingly sold certain equipment to the Air Force that was not authorized under the Crowd-Sourced Contract and submitted invoices to the Air Force that portrayed the unauthorized equipment as authorized equipment under the Contract. The United States also alleged that Intelligent Waves knowingly invoiced the Air Force for products and/or labor that it did not deliver in the specific quantities stated in its invoices. After it failed to deliver the products and/or labor stated in its invoices, Intelligent Waves failed to provide a credit to the Air Force for undelivered products and/or labor, providing substitute products requested by non-procurement personnel instead.
In November 2020, Intelligent Waves also entered into a contract, known as the Special Access Program Facilities (SAPF) Contract, with the Air Force to build special access program facilities at Edwards Air Force Base,. The United States alleged that Intelligent Waves knowingly made false statements that induced the award of the SAPF Contract.
The United States alleged that Intelligent Waves provided meals and entertainment to Air Force employees before the award of and during the period of performance of the Crowd-Sourced and SAPF contracts.
This settlement arises in connection with a lawsuit filed by two former Intelligent Waves employees under the whistleblower provision of the False Claims Act, United States ex rel. Taylor et al. v. Intelligent Waves, LLC et al. The lawsuit alleged that Intelligent Waves’ owner was aware of certain of the alleged wrongful conduct. A whistleblower suit, or qui tam action under the False Claims Act, is commenced by an individual filing a complaint under seal in the U.S. District Court and providing a copy of the complaint and evidence to the U.S. Attorney’s Office. The United States then has an opportunity to investigate the claims. The False Claims Act provides whistleblowers with a share of the government’s recovery.
The resolution obtained in this matter was the result of a coordinated effort between the U.S. Attorney’s Office for the Eastern District of Virginia, the U.S. Air Force Office of Special Investigations, the Defense Criminal Investigative Service’s Mid-Atlantic Field Office, and the Defense Contract Audit Agency.
This matter was investigated by Assistant U.S. Attorney Tanya Kapoor and Forensic Auditor Peter Melaragni.
The civil claims settled by this False Claims Act agreement are allegations only; there has been no determination of civil liability.
Related court documents and information from the civil lawsuit can be accessed on PACER by searching for Case No. 1:22-cv-1463.
Detectives investigating the murder of 16-year-old Hani Hicham Abou El Kheir are continuing their efforts to secure justice for his family.
Hani was fatally stabbed in Pimlico on 27 January 2013. Subsequently, five men were convicted of his murder and sentenced to a total of 131 years imprisonment following a trial at the Old Bailey in January 2014.
One suspect remains outstanding. He is Dilawar Hussain, 33, (24.09.91) who was born in Paddington and raised in London.
Hussain’s then home in Rampayne Street, SW1 was searched four days after the murder, but he was not present. An arrest warrant was obtained on 21 March 2013 at Barkingside Magistrates’ Court and officers established that Hussain, who was 21 years old at the time, had travelled to Bangladesh.
Efforts continue to be made to ensure Hussain faces justice for Hani’s murder. Met detectives and Hani’s mother, Pauline Hickey, are appealing for information in relation Dilawar Hussain’s whereabouts.
An arrest warrant remains in place for Hussain.
Hani’s mother Pauline said: “It is now 12 years since my only son, Hani, was hunted down and attacked in a busy street by a group of feral men. While several people have been jailed for his murder, one suspect remains free.
“Hani was only a boy when he was killed – he had his whole life to live and this was brutally taken away. The pain of his loss does not diminish with the passing of time and it only feels greater knowing Dilawar Hussain has evaded justice so far. If you can help, I would plead with you to get in contact with the police.”
Detective Chief Inspector Mark Rogers who leads the investigation said:
“I am appealing for information as to the whereabouts of Dilawar Hussain. In 2014 we released a statement confirming he had fled to Bangladesh soon after the murder and we’ve heard nothing to believe that this situation has changed.
“Hani’s mother Pauline continues to fight for justice and to ensure those responsible for her son’s murder are held to account and we will not rest until we’ve helped achieve this for her.”
If you know where Hussain is or who is harbouring him please share this information with the Met Police via 101 or through our website and quote Op Jabalpur, or notify your local law enforcement agency.
Holyrood RCMP is looking to arrest wanted man, 34-year-old Simon Dobbin of St. Joseph’s. Dobbin is wanted for charges of assault and two counts of breaching a release order.
An image of Dobbin is attached.
Anyone having information about Dobbin’s current location is asked to contact Holyrood RCMP at 709-229-3892. To remain anonymous, contact Crime Stoppers: #SayItHere 1-800-222-TIPS (8477), visitwww.nlcrimestoppers.comor use the P3Tips app.
WASHINGTON, DC – Today, the Cybersecurity and Infrastructure Security Agency (CISA) joined the National Security Agency (NSA) and other government and international partners to release a joint Cybersecurity Advisory (CSA) that warns organizations, internet service providers (ISPs), and cybersecurity service providers about fast flux enabled malicious activities that consistently evade detection. The CSA also provides recommended actions to defend against fast flux.
An ongoing threat, fast flux networks create resilient adversary infrastructure used to evade tracking and blocking. Such infrastructure can be used for cyberattacks such as phishing, command and control of botnets, and data exfiltration. This advisory provides several techniques that should be implemented for a multi-layered security approach including DNS and internet protocol (IP) blocking and sinkholing; enhanced monitoring and logging; phishing awareness and training for users; and reputational filtering.
”Threat actors leveraging fast flux techniques remain a threat to government and critical infrastructure organizations. Fast flux makes individual computers in a botnet harder to find and block. A useful solution is to find and block the behavior of fast flux itself,” said CISA Deputy Executive Assistant Director for Cybersecurity Matt Hartman. “CISA is pleased to join with our government and international partners to provide this important guidance on mitigating and blocking malicious fast flux activity. We encourage organizations to implement the advisory recommendations to reduce risk and strengthen resilience.”
The authoring agencies encourage ISPs, cybersecurity service providers and Protective Domain Name System (PDNS) providers to help mitigate this threat by taking proactive steps to develop accurate and reliable fast flux detection analytics and block fast flux activities for their customers.
Additional co-sealers for this joint CSA are Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand National Cyber Security Centre (NCSC-NZ).
As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.
Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection. Malicious cyber actors, including cybercriminals and nation-state actors, use fast flux to obfuscate the locations of malicious servers by rapidly changing Domain Name System (DNS) records. Additionally, they can create resilient, highly available command and control (C2) infrastructure, concealing their subsequent malicious operations. This resilient and fast changing infrastructure makes tracking and blocking malicious activities that use fast flux more difficult.
The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand National Cyber Security Centre (NCSC-NZ) are releasing this joint cybersecurity advisory (CSA) to warn organizations, Internet service providers (ISPs), and cybersecurity service providers of the ongoing threat of fast flux enabled malicious activities as a defensive gap in many networks. This advisory is meant to encourage service providers, especially Protective DNS (PDNS) providers, to help mitigate this threat by taking proactive steps to develop accurate, reliable, and timely fast flux detection analytics and blocking capabilities for their customers. This CSA also provides guidance on detecting and mitigating elements of malicious fast flux by adopting a multi-layered approach that combines DNS analysis, network monitoring, and threat intelligence.
The authoring agencies recommend all stakeholders—government and providers—collaborate to develop and implement scalable solutions to close this ongoing gap in network defenses against malicious fast flux activity.
When malicious cyber actors compromise devices and networks, the malware they use needs to “call home” to send status updates and receive further instructions. To decrease the risk of detection by network defenders, malicious cyber actors use dynamic resolution techniques, such as fast flux, so their communications are less likely to be detected as malicious and blocked.
Fast flux refers to a domain-based technique that is characterized by rapidly changing the DNS records (e.g., IP addresses) associated with a single domain [T1568.001].
Single and double flux
Malicious cyber actors use two common variants of fast flux to perform operations:
1. Single flux: A single domain name is linked to numerous IP addresses, which are frequently rotated in DNS responses. This setup ensures that if one IP address is blocked or taken down, the domain remains accessible through the other IP addresses. See Figure 1 as an example to illustrate this technique.
Figure 1: Single flux technique.
Note: This behavior can also be used for legitimate purposes for performance reasons in dynamic hosting environments, such as in content delivery networks and load balancers.
2. Double flux: In addition to rapidly changing the IP addresses as in single flux, the DNS name servers responsible for resolving the domain also change frequently. This provides an additional layer of redundancy and anonymity for malicious domains. Double flux techniques have been observed using both Name Server (NS) and Canonical Name (CNAME) DNS records. See Figure 2 as an example to illustrate this technique.
Figure 2: Double flux technique.
Both techniques leverage a large number of compromised hosts, usually as a botnet from across the Internet that acts as proxies or relay points, making it difficult for network defenders to identify the malicious traffic and block or perform legal enforcement takedowns of the malicious infrastructure. Numerous malicious cyber actors have been reported using the fast flux technique to hide C2 channels and remain operational. Examples include:
Bulletproof hosting (BPH) services offer Internet hosting that disregards or evades law enforcement requests and abuse notices. These providers host malicious content and activities while providing anonymity for malicious cyber actors. Some BPH companies also provide fast flux services, which help malicious cyber actors maintain connectivity and improve the reliability of their malicious infrastructure. [1]
Fast flux has been used in Hive and Nefilim ransomware attacks. [3], [4]
Gamaredon uses fast flux to limit the effectiveness of IP blocking. [5], [6], [7]
The key advantages of fast flux networks for malicious cyber actors include:
Increased resilience. As a fast flux network rapidly rotates through botnet devices, it is difficult for law enforcement or abuse notifications to process the changes quickly and disrupt their services.
Render IP blocking ineffective. The rapid turnover of IP addresses renders IP blocking irrelevant since each IP address is no longer in use by the time it is blocked. This allows criminals to maintain resilient operations.
Anonymity. Investigators face challenges in tracing malicious content back to the source through fast flux networks. This is because malicious cyber actors’ C2 botnets are constantly changing the associated IP addresses throughout the investigation.
Additional malicious uses
Fast flux is not only used for maintaining C2 communications, it also can play a significant role in phishing campaigns to make social engineering websites harder to block or take down. Phishing is often the first step in a larger and more complex cyber compromise. Phishing is typically used to trick victims into revealing sensitive information (such as login passwords, credit card numbers, and personal data), but can also be used to distribute malware or exploit system vulnerabilities. Similarly, fast flux is used for maintaining high availability for cybercriminal forums and marketplaces, making them resilient against law enforcement takedown efforts.
Some BPH providers promote fast flux as a service differentiator that increases the effectiveness of their clients’ malicious activities. For example, one BPH provider posted on a dark web forum that it protects clients from being added to Spamhaus blocklists by easily enabling the fast flux capability through the service management panel (See Figure 3). A customer just needs to add a “dummy server interface,” which redirects incoming queries to the host server automatically. By doing so, only the dummy server interfaces are reported for abuse and added to the Spamhaus blocklist, while the servers of the BPH customers remain “clean” and unblocked.
Figure 3: Example dark web fast flux advertisement.
The BPH provider further explained that numerous malicious activities beyond C2, including botnet managers, fake shops, credential stealers, viruses, spam mailers, and others, could use fast flux to avoid identification and blocking.
As another example, a BPH provider that offers fast flux as a service advertised that it automatically updates name servers to prevent the blocking of customer domains. Additionally, this provider further promoted its use of separate pools of IP addresses for each customer, offering globally dispersed domain registrations for increased reliability.
Detection techniques
The authoring agencies recommend that ISPs and cybersecurity service providers, especially PDNS providers, implement a multi-layered approach, in coordination with customers, using the following techniques to aid in detecting fast flux activity [CISA CPG 3.A]. However, quickly detecting malicious fast flux activity and differentiating it from legitimate activity remains an ongoing challenge to developing accurate, reliable, and timely fast flux detection analytics.
1. Leverage threat intelligence feeds and reputation services to identify known fast flux domains and associated IP addresses, such as in boundary firewalls, DNS resolvers, and/or SIEM solutions.
2. Implement anomaly detection systems for DNS query logs to identify domains exhibiting high entropy or IP diversity in DNS responses and frequent IP address rotations. Fast flux domains will frequently cycle though tens or hundreds of IP addresses per day.
3. Analyze the time-to-live (TTL) values in DNS records. Fast flux domains often have unusually low TTL values. A typical fast flux domain may change its IP address every 3 to 5 minutes.
4. Review DNS resolution for inconsistent geolocation. Malicious domains associated with fast flux typically generate high volumes of traffic with inconsistent IP-geolocation information.
5. Use flow data to identify large-scale communications with numerous different IP addresses over short periods.
6. Develop fast flux detection algorithms to identify anomalous traffic patterns that deviate from usual network DNS behavior.
7. Monitor for signs of phishing activities, such as suspicious emails, websites, or links, and correlate these with fast flux activity. Fast flux may be used to rapidly spread phishing campaigns and to keep phishing websites online despite blocking attempts.
8. Implement customer transparency and share information about detected fast flux activity, ensuring to alert customers promptly after confirmed presence of malicious activity.
Mitigations
All organizations
To defend against fast flux, government and critical infrastructure organizations should coordinate with their Internet service providers, cybersecurity service providers, and/or their Protective DNS services to implement the following mitigations utilizing accurate, reliable, and timely fast flux detection analytics.
Note: Some legitimate activity, such as common content delivery network (CDN) behaviors, may look like malicious fast flux activity. Protective DNS services, service providers, and network defenders should make reasonable efforts, such as allowlisting expected CDN services, to avoid blocking or impeding legitimate content.
1. DNS and IP blocking and sinkholing of malicious fast flux domains and IP addresses
Block access to domains identified as using fast flux through non-routable DNS responses or firewall rules.
Consider sinkholing the malicious domains, redirecting traffic from those domains to a controlled server to capture and analyze the traffic, helping to identify compromised hosts within the network.
Block IP addresses known to be associated with malicious fast flux networks.
2. Reputational filtering of fast flux enabled malicious activity
Block traffic to and from domains or IP addresses with poor reputations, especially ones identified as participating in malicious fast flux activity.
3. Enhanced monitoring and logging
Increase logging and monitoring of DNS traffic and network communications to identify new or ongoing fast flux activities.
Implement automated alerting mechanisms to respond swiftly to detected fast flux patterns.
Share detected fast flux indicators (e.g., domains, IP addresses) with trusted partners and threat intelligence communities to enhance collective defense efforts. Examples of indicator sharing initiatives include CISA’s Automated Indicator Sharing or sector-based Information Sharing and Analysis Centers (ISACs) and ASD’s Cyber Threat Intelligence Sharing Platform (CTIS) in Australia.
Participate in public and private information-sharing programs to stay informed about emerging fast flux tactics, techniques, and procedures (TTPs). Regular collaboration is particularly important because most malicious activity by these domains occurs within just a few days of their initial use; therefore, early discovery and information sharing by the cybersecurity community is crucial to minimizing such malicious activity. [8]
5. Phishing awareness and training
Implement employee awareness and training programs to help personnel identify and respond appropriately to phishing attempts.
Develop policies and procedures to manage and contain phishing incidents, particularly those facilitated by fast flux networks.
The authoring agencies encourage organizations to use cybersecurity and PDNS services that detect and block fast flux. By leveraging providers that detect fast flux and implement capabilities for DNS and IP blocking, sinkholing, reputational filtering, enhanced monitoring, logging, and collaborative defense of malicious fast flux domains and IP addresses, organizations can mitigate many risks associated with fast flux and maintain a more secure environment.
However, some PDNS providers may not detect and block malicious fast flux activities. Organizations should not assume that their PDNS providers block malicious fast flux activity automatically and should contact their PDNS providers to validate coverage of this specific cyber threat.
For more information on PDNS services, see the 2021 joint cybersecurity information sheet from NSA and CISA about Selecting a Protective DNS Service. [9] In addition, NSA offers no-cost cybersecurity services to Defense Industrial Base (DIB) companies, including a PDNS service. For more information, see NSA’s DIB Cybersecurity Services and factsheet. CISA also offers a Protective DNS service for federal civilian executive branch (FCEB) agencies. See CISA’s Protective Domain Name System Resolver page and factsheet for more information.
Conclusion
Fast flux represents a persistent threat to network security, leveraging rapidly changing infrastructure to obfuscate malicious activity. By implementing robust detection and mitigation strategies, organizations can significantly reduce their risk of compromise by fast flux-enabled threats.
The authoring agencies strongly recommend organizations engage their cybersecurity providers on developing a multi-layered approach to detect and mitigate malicious fast flux operations. Utilizing services that detect and block fast flux enabled malicious cyber activity can significantly bolster an organization’s cyber defenses.
The information and opinions contained in this document are provided “as is” and without any warranties or guarantees. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by the United States Government, and this guidance shall not be used for advertising or product endorsement purposes.
Purpose
This document was developed in furtherance of the authoring cybersecurity agencies’ missions, including their responsibilities to identify and disseminate threats, and develop and issue cybersecurity specifications and mitigations. This information may be shared broadly to reach all appropriate stakeholders.
Contact
National Security Agency (NSA):
Cybersecurity and Infrastructure Security Agency (CISA):
All organizations should report incidents and anomalous activity to CISA via the agency’s Incident Reporting System, its 24/7 Operations Center at report@cisa.gov, or by calling 1-844-Say-CISA (1-844-729-2472). When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment user for the activity; the name of the submitting company or organization; and a designated point of contact.
Federal Bureau of Investigation (FBI):
To report suspicious or criminal activity related to information found in this advisory, contact your local FBI field office or the FBI’s Internet Crime Complaint Center (IC3). When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment used for the activity; the name of the submitting company or organization; and a designated point of contact.
Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC):
For inquiries, visit ASD’s website at www.cyber.gov.au or call the Australian Cyber Security Hotline at 1300 CYBER1 (1300 292 371).
Canadian Centre for Cyber Security (CCCS):
New Zealand National Cyber Security Centre (NCSC-NZ):
Two men have been arrested on suspicion of terrorism offences as part of a proactive investigation by the Met’s Counter Terrorism Command.
Detectives arrested a 39-year-old man [A] on Tuesday, 1 April at an address in north west London on suspicion of being a member of a proscribed organisation, preparation for acts of terrorism and being involved in a funding arrangement for the purposes of terrorism.
Officers also arrested a 35-year-old man [B] at an address in west London on suspicion of being a member of a proscribed organisation.
The investigation relates to Hezbollah, a proscribed organisation under UK counter terrorism legislation. The investigation is largely focused on activity overseas, as well as activity within the UK. At this time, there is not believed to be any imminent threat to the public .
Commander Dominic Murphy, head of the Met’s Counter Terrorism Command said: “Terrorism and terrorists have a global reach and impact and the activities of terrorist groups overseas can harm communities here in the UK as well as causing devastation to those abroad.
“Our investigation remains ongoing, but I hope that these arrests show we will take robust action against anyone here whom we suspect as being involved in terrorist activity regardless of whether their activity is focused here in the UK or elsewhere.”
The two men were taken to a London police station, and have since been released on bail until a date in mid-July.
Searches were carried out at five addresses – two in North West London, one in West London, one in South West London and one in Essex – and these are now complete.
Enquiries continue
+ Communities defeat terrorism, and information from the public is vital to counter terrorism investigations. If you see or hear something that doesn’t feel right, then trust your instincts and ACT by reporting it in confidence at www.gov.uk/ACT or call police in confidence on 0800 789 321.
NATO Foreign Ministers will meet in Brussels on Thursday and Friday (3 and 4 April) to continue planning for the forthcoming Summit in The Hague and discuss urgent security issues.
Addressing media ahead of the meeting, NATO Secretary General Mark Rutte highlighted increased defence investment as a key agenda item and critical to the Alliance’s future success. “We will focus on strengthening our collective defence” he said, emphasising that “it is the foundation on which NATO was built, and it remains our number one priority.”
On the third anniversary of Russia’s brutal actions in Bucha and ahead of the NATO-Ukraine Council meeting on Thursday evening, Mr Rutte paid tribute to the victims and survivors. He commended Allied efforts to bring a just and lasting end to the war and underscored NATO’s enduring commitment to Ukraine with the announcement of more than 20 billion euros in security assistance – pledged by Allies – so far this year.
The Secretary General also acknowledged that global threats are creating a more dangerous world. “In the face of these and other challenges, we must build a stronger, a fairer and more lethal NATO,” he affirmed, going on to praise NATO’s partners for making essential contributions to our shared security. Mr Rutte noted that NATO Ministers would meet with NATO’s Indo-Pacific partners on Thursday afternoon, with Ukraine’s Foreign Minister Andrii Sybiha and the EU High Representative Kaja Kallas in the NATO-Ukraine Council Thursday evening, and in a dedicated session with the EU High Representative on Friday.
A man has been jailed after being found guilty of raping two teenagers he met at a central London train station.
Abdul-Majed Saif, 30 (13.11.94) of Great West Road, Hounslow was sentenced to 19 years’ imprisonment at Isleworth Crown Court on Tuesday, 1 April – he was also ordered to serve a further six-and-a-half years on licence. Saif had been found guilty of nine counts of rape in relation to two 14-year-olds following the conclusion of a trial at the same court on 31 January.
The court had heard how Saif had met the two teenagers in Victoria train station on 28 April 2024. He offered them cannabis and convinced them to go back to his house in Osterley where he raped them.
After the teenagers reported the incident to police and identified Saif’s address, Saif was quickly arrested on 2 May 2024. He denied the offences and was released on bail while an investigation was undertaken. Forensic evidence, coupled with the testimonies of the two teenagers, built a compelling body of evidence and Saif was subsequently charged and convicted of multiple offences.
Both teenagers were supported by specially trained officers throughout the investigation.
Detective Constable Stephen Gayfer from the West Area Command Unit who led the investigation said: “I want to thank both survivors in this case for coming forward and helping to get a dangerous predator like Saif off the streets. The abuse he has put these children through is absolutely sickening and is something which will undoubtedly affect them for the rest of their lives.
“I don’t underestimate the immense courage it took for them to come forward and speak to police and I’d like to commend them on their strength throughout our investigation.
“It is possible that Saif has preyed on others and I’d encourage anyone who has been abused by this man to reach out and get in touch with us. You will be supported and you will be listened to.”
Detective Superintendent Rebecca Reeves, Head of Public Protection at West Area, said: “Saif is a dangerous predator. The lengthy term of imprisonment he has been given reflects the very serious nature of the harm that he has caused to these young people. They have been incredibly courageous in coming forward.
“Officers in our dedicated Rape and Serious Sexual Offences teams work tirelessly to pursue the offenders who target vulnerable children. We are determined to secure justice for child victims of sexual exploitation.”
Counter Terrorism officers from the Met Police are urging parents across London to be aware of the signs that might indicate that their child could be vulnerable to radicalisation or being drawn into dangerous forms of violent extremism.
The call comes after heightened public and media focus on how schoolchildren are increasingly being drawn into extreme and radical ideologies after a similar storyline was featured in current TV drama Adolescence where a young schoolboy was drawn into a violent form ‘incel’ ideology online.
Detective Superintendent Jane Corrigan, who is the Met’s London Prevent Co-ordinator said: “The themes and storyline in Adolescence have sparked some incredibly important debate about dangerous rhetoric and ideologies that young schoolchildren can be exposed to through online and social media platforms.
“While it’s a fictitious drama, the story is grounded in a reality that we are seeing more and more in our work within Counter Terrorism Policing. Young people are being referred into us, and in almost every instance, a big part of their vulnerability is coming from what they are doing, seeing and consuming online.
“But it’s actually those who aren’t being referred to us who most concern us. That’s why it is so important that parents and carers are taking an active interest in what their child is doing online – to have those conversations and be aware of the potential warning signs. And if following that, they are still concerned or worried about their child, then it’s really important they reach out for more help as quickly as possible.
“The Act Early website is an excellent starting place, with tips and guidance on how to have those conversations and some of the warning signs to look out for. And there is also a support line they can call to get advice direct from one of our specialist officers.”
If you are worried about someone, then visit the ACT Early website –actearly.uk – or call the Act Early Support Line on 0800 011 3764, in confidence, to speak with specially trained officers.
Although public attention has been particularly drawn to this issue as a result of the Adolescence drama, Counter Terrorism officers have been concerned for some time over the increasing numbers of young people being radicalised.
Both 2023 and 2024 were the highest two years on record in terms of the number of children aged 17 or under being arrested for terrorism related offences, with 43 and 39 such arrests respectively. In 2002, there were only three such arrests and even as recently as 2019, the equivalent figure was as low as 12.
Prevent referral figures paint a similar picture, with almost six out of every ten Prevent referrals in 2023/24 now relating to those aged 17 and under, up from around five in every ten back in 2016/17.
Detective Superintendent Corrigan added: “I appreciate that this might seem quite daunting or unsettling for some parents or carers. And while it is still only a very small proportion of young people who may actually be affected, parents must not be fooled into thinking that this is something that only happens to others. We’ve had referrals and provided support through Prevent to a whole range of children, relating to a whole mix of different ideologies.
“So please, visit the ACT Early website, speak to your child and if you have any concerns at all then trust your instincts and get in touch with us so that we can help – before it might become too late.”
Prevent is the government-led programme which aims to stop vulnerable people from being drawn into terrorism, with police working with other safeguarding agencies to provide the necessary support.
The public can also take an active role in reporting any terrorist or extremist online content that they come across via gov.uk/ACT.
MADISON, WIS. – A federal grand jury in the Western District of Wisconsin, sitting in Madison, returned the following indictment today. You are advised that a charge is merely an accusation and a person named as defendant in an indictment is presumed innocent unless and until proven guilty.
Madison Man Charged With Distributing Methamphetamine
Rumont Kirkpatrick, 47, Madison, Wisconsin, is charged with distributing methamphetamine. The indictment alleges that on January 9, 2024, Kirkpatrick distributed 500 grams or more of methamphetamine.
If convicted, Kirkpatrick faces a mandatory minimum penalty of 10 years and a maximum penalty of life in prison.
The charge against him is the result of an investigation conducted by the U.S. Drug Enforcement Administration, Wisconsin Department of Justice Division of Criminal Investigation, and the United States Postal Inspection Service. Assistant U.S. Attorneys Chad Elgersma and Louis Glinzak are handling the case.
Source: United States Navy (Logistics Group Western Pacific)
Issued by: on
SINGAPORE (April, 01 2025) Capt. John-Paul Tomez, Deputy Commander, Logistics Group Western Pacific/Task Force 73 (COMLOGWESTPAC/CTF 73), addresses the Singapore Chief’s Mess and guests during a celebration commemorating the 132nd Navy Chief Birthday at Sembawang Naval Installation (SNI), Apr. 01, 2025. COMLOGWESTPAC supports deployed maritime forces, along with regional Allies and partners, to sustain Western Pacific operations. (U.S. Navy photo by Mass Communication Specialist 2nd Class Jordan Jennings/Released)
LUAR, Philippines — Philippine Army Soldiers from C Battery 9th Field Artillery Battalion and U.S. Army Soldiers from 2nd Battalion, 11th Field Artillery Regiment, 25th Infantry Division, conducted artillery live-fire training during Salaknib 25 in Luar, Philippines, April 1, 2025.
FORT MAGSAYSAY, Philippines — Soldiers from the Philippine Army’s 5th and 7th Infantry Division and U.S. Army’s 25th Infantry Division engaged in a Subject Matter Expert Exchange (SMEE) focusing on Short-Range Reconnaissance (SRR) and Medium-Range Reconnaissance (MRR) Unmanned Aircraft Systems (UAS) during Salaknib 25 at Fort Magsaysay, Philippines, March 26, 2025.