A Trio of Cybercrimes Which Resulted in Guilty Pleas

Finally, a blog post that focuses not on the increasing number of ways that cybercriminals can hurt you and your business, but on the consequences these cybercriminals faced after being apprehended! 

A Malware Strain Named Mirai
As a malware strain that forced Internet of Things devices to produce a zombified botnet and commenced Distributed Denial of Service attacks, Mirai was responsible for a significant amount of problems across the Internet. Mirai's developers were Josiah White (20 years old) and Paras Jha (21), both of whom have pled guilty to creating and leveraging Mirai for their own nefarious purposes.

White and Jha created a company called Protraf Solutions LLC, whose sole purpose was to mitigate DDoS attacks. Using this organization with their creation, the two launched DDoS attacks against companies and then sold their solutions to said companies, or would collect payments from said companies to halt the attacks. White and Jha also teamed up with an accomplice, Dalton Norman (21), to leverage Mirai as the driving force behind a fraudulent click scheme. This plot got them around 200 Bitcoin, with 30 going to Norman.

Mirai was also guily for the DDoS attack on Dyn, one of the biggest data centers east of the Mississippi River.

White, Jha and Norman were charged with click fraud conspiracy, each being sentenced to five years in prison and a $250,000 fine. Jha and White were also charged with conspiracy for developing and using Mirai; they both pled guilty and received an additional five years to their sentence as well as another $250,000 fine, along with three years of supervised release.

Retention of National Defense Data
On the 17th of December, 2017, an employee of the National Security Agency pled guilty to “willful retention of national defense information.” According to the United States Justice Department, Nghia Hoang Pho was employed as a developer for the Tailored Access Operations (TAO) unit in 2006. The TAO unit was tasked with producing hacking tools to be utilized to gather data from overseas targets and their information systems.

Between 2010 and March of 2015, Pho seized classified data and stored it on his home system, which had antivirus software from Kaspersky Lab installed on it. It is suspected that Russian hackers have exploited Kaspersky Lab to pilfer documents, possibly the ones taken home by Pho. The US Department of Homeland Security issued a directive that rejects the use of software made by Kaspersky Lab in federal agencies.

Pho will be sentenced on April 6th and could be in prison for up to 10 years.

Yahoo Hacking
In March 2017 four men faced indictment for hacking into Yahoo and exposing the personal account information of one billion users. Karim Baratov (22 years old) has been charged with cooperating with two members of the Federal Security Service of the Russian Federaion (FSB). 

Baratov hacked into 80 accounts on behalf of the FSB, along with over 11,000 webmail accounts since 2010. Using customized spear-phishing content, he also provided a service that allowed access to Google, Yahoo, and Yantex accounts.

Baratov has pled guilty plea to all nine counts he faces. The first count is for aggravated identity theft, with a mandatory sentence of two years. The other eight counts are for violating the Computer Fraud and Abuse Act; each count may carry a sentence of 10 years and a fine of $250,000. Fortunately for Baratov, the United States’ federal sentencing guidelines could shorten the amount of time spent in jail by no small measure.

Actually seeing these cybercriminals receive their comeuppance is satisfying, but it is even better to know that you’re protected from becoming a victim of similar schemes. Macro Systems can help by providing the security solutions and training to help keep your business safe. Give us a call at 703-359-9211 to get started.