PatrickPretty.com

Tag: Operation Trident Tribunal

  • Payment Processor For Cybercrime Ring Sentenced To 48 Months In Federal Prison; ‘Operation Trident Tribunal’ Is Ongoing

    recommendedreading1Mikael Patrick Sallnert has been sentenced to 48 months in federal prison for his role in processing payments for a cybercrime ring, the U.S. Justice Department announced.

    Sallnert, 37, is a citizen of Sweden. As part of “Operation Trident Tribunal,” Sallnert was arrested in Denmark on Jan. 19, 2012, and extradited to the United States in March 2012. He pleaded guilty on Aug. 17, 2012, to one count of conspiracy to commit wire fraud and one count of accessing a protected computer in furtherance of fraud, the Justice Department said.

    “Payment processors like this defendant are the backbone of the cybercrime underworld,” said U.S. Attorney Jenny A. Durkan of the Western District of Washington.  “As an established businessman, this defendant put a stamp of legitimacy on cyber criminals.  He was involved in defrauding thousands of victims, and his actions contributed to insecurities in e-commerce that stifle the development of legitimate enterprises and increase the costs of e-commerce for everyone.”

    If Durkan’s name rings familiar to PP Blog readers, it’s because her office is involved in an investigation into the activities of a group of “sovereign citizens” operating in the Pacific Northwest. Kenneth Wayne Leaming, a figure in the AdSurfDaily Ponzi scheme story, is being prosecuted by Durkan’s office amid allegations he filed false liens against at least five public officials in the ASD Ponzi scheme case.

    Sallnert, prosecutors said, provided payment-processing services for “scareware” vendors.

    “Mikael Patrick Sallnert played an instrumental role in carrying out a massive cybercrime ring that victimized approximately 960,000 innocent victims,” said Assistant Attorney General Lanny A. Breuer. “By facilitating payment processing, Sallnert allowed the cybercrime ring to collect millions of dollars from victims who were duped into believing their computers were compromised and could be fixed by the bogus software created by Sallnert’s co-conspirators.  Cybercrime poses a real threat to American consumers and businesses, and the Justice Department is committed to pursuing cybercriminals across the globe.”

    Operation Trident Tribunal is an “ongoing, coordinated enforcement action targeting international cybercrime,” prosecutors said.

    “This cyber crime ring spanned multiple countries—increasing the threat it posed and complicating the necessary law enforcement response,” said Laura M. Laughlin, special agent in charge of the FBI’s Seattle Division.  “Thanks to the commitment of many foreign partners and FBI entities across the nation, we were able to dismantle that threat and ensure Mr. Sallnert faced justice.”

    Scams often rely on international payments processors to fleece their victims.

     

  • Star Tribune, Minnesota’s Largest Newspaper, Targeted In International ‘Scareware’ Cyberattack; 2 Suspects Arrested In Latvia; Bogus Ad Agency Purportedly Based In Miami Allegedly Used To Dupe Famous American Publishing Company

    EDITOR’S NOTE: This is one of those stories that can cause people to scream. The U.S. publishing industry has been deeply affected by the Internet. Print advertisers — the people who pay the bills — now can communicate directly and immediately with readers, a development that is sucking the life out of traditional print publishers. Publishers large and small are seeking ways to monetize electronic versions of print publications because that’s what much of the audience prefers.

    But switching in whole or in part to electronic publications has exposed the industry to a whole new set of problems, including wanton theft of entire editorial wells, theft of other intellectual property and trademark infringement. The story below details another new threat: the targeting of a famous journalism brand to drive traffic to an electronic fraud scheme.

    In 2009, the PP Blog suspended publication of a companion Blog on Ponzi schemes and securities fraud because of the theft of its entire editorial well. Earlier this year, the Blog suspended the publication of ads provided by Google because of chronic harassment directed at the Blog and some of its readers by a cyberstalker on YouTube. The PP Blog also has experienced sustained DDoS attacks, threats of “war” and threats believed to have originated with people sympathetic to online criminals.

    On April 6, the PP Blog reported such an incident to a federal law-enforcement agency.

    One of the most prominent publishing companies in America’s heartland was duped in a scheme  in which international criminals fabricated an “advertising agency” purportedly based in Miami and placed an ad by posing as media buyers for a major hotel chain, federal prosecutors said.

    When the Star Tribune newspaper tested the ad, the criminals initially covered their tracks by causing the ad to appear to be a normal ad for the Best Western hotel chain, the purported client of the purported advertising agency.

    Within two days of the Feb. 19, 2010, placement of the “ad,” however, Star Tribune readers interested in what they believed was a Best Western offering were subjected to a browser hijack in the Netherlands and Latvia that caused their computers to freeze and display pop-up messages for a purported “antivirus” software product.

    Such “scareware” attacks have been responsible for tens of millions of dollars in losses globally by duping computer-users into believing their machines have been infected with a virus or malware and making purchases of software to eliminate the problem.

    After the Star Tribune realized it had been duped, the newspaper pulled all of its online ads, isolated the problem, contacted law enforcement “immediately” and let its readers know about the infected ad.

    Federal prosecutors now say “RevolTech Marketing,” the purported  “advertising agency” in Miami, was bogus. The ad allegedly was placed by a media buyer who identified herself as “Lisa Polowski.”

    Moreover, Best Western “had not retained RevolTech to place online advertisments on its behalf,” according to prosecutors. They added that losses from the scam targeted at the Star Tribune and its readers totaled “at least” $2 million.

    Two people — Peteris Sahurovs, 22, and Marina Maslobojeva, 23 — were arrested yesterday in Rezekne, Latvia, federal prosecutors said. They are charged with wire fraud, conspiracy and computer fraud for creating the phony agency, falsely claiming they represented Best Western, duping the Star Tribune and causing scareware to load on the personal computers of its readers.

    The Star Tribune is Minnesota’s largest newspaper. It covers news in multiple categories across the Minneapolis/St. Paul region, state, nation and world, and in recent years has been covering spectacular local Ponzi scheme cases with wide readership interest, including the Tom Petters’ and Trevor Cook cases.

    Prosecutors did not say why the Star Tribune had been targeted in the cyberattack. Scammers, spammers and online criminals, however, are known to monitor publications for cultural references and specific “keywords” — and then seek ways to use the publications to drive traffic to fraud schemes.

    The PP Blog, for instance, has received 2,859 unwanted communications in June 2011 alone, mostly from keyword spammers trying to publish ads on the Blog and leech off its traffic. In the Internet Age, criminal networks monitor coverage of any number of topics and seek ways to piggyback off the topics to create illegal profits.

    “The global reach of the Internet makes every computer user in the world a potential victim of cybercrime,” said U.S. Attorney B. Todd Jones of the District of Minnesota. “Addressing cybercrime requires international cooperation; and in this case, the FBI, collaborating with our international law enforcement and prosecution partners, has worked tirelessly to disrupt two significant cybercriminal networks. Their efforts demonstrate that no matter the country, Internet criminals will be pursued, caught and prosecuted.”

    Jones’ reference to a second disruption of international cybercrime was in the context of a case brought in Washington state in which the United States seized 22 domestic computers and servers and arranged to have 25 international computers and servers disabled in a scareware probe known as “Operation Trident Tribunal.”

    Federal prosecutors said a scareware network had racked up $72 million in sales over three years by duping people into buying fake antivirus software.

    At least 960,000 computer users were duped in the scareware fraud, prosecutors said. Latvian authorities seized at least five bank accounts linked to the scheme.

    “This case shows that strong national and global partners can ensure there is no sanctuary
    for cyber-crooks,” said U.S. Attorney Jenny A. Durkan of the Western District of Washington.

    Read the Minnesota indictment.