Skip Navigation

ITMG Insider Threat Cases – August 3, 2020

Three Individuals Charged for Alleged Roles in Twitter Hack

Three individuals have been charged today for their alleged roles in the Twitter hack that occurred on July 15, 2020. The announcement was made by United States Attorney David L. Anderson; Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division; FBI Special Agent in Charge John L. Bennett; Kelly R. Jackson, IRS Criminal Investigation, Special Agent in Charge of the Washington D.C. Field Office; U.S. Secret Service Special Agent in Charge of the San Francisco Field Office Thomas Edwards and U.S. Secret Service Special Agent in Charge of the Orlando Field Office Caroline O’Brien Buster.  Additional facts regarding the investigation and charges can be found here: https://youtu.be/z80K3-q3Kqg. Mason Sheppard, aka “Chaewon,” 19, of Bognor Regis, in the United Kingdom, was charged in a criminal complaint in the Northern District of California with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer. Nima Fazeli, aka “Rolex,” 22, of Orlando, Florida, was charged in a criminal complaint in the Northern District of California with aiding and abetting the intentional access of a protected computer. The third defendant is a juvenile.  With exceptions that do not apply to this case, juvenile proceedings in federal court are sealed to protect the identity of the juvenile.  Pursuant to the Federal Juvenile Delinquency Act, the Justice Department has referred the individual to the State Attorney for the 13th Judicial District in Tampa, Florida.

Researcher Pleaded Guilty to Conspiring to Steal Scientific Trade Secrets from Ohio Children’s Hospital to Sell in China

Former Ohio woman Li Chen, 46, pleaded guilty today via video conference in U.S. District Court today to conspiring to steal scientific trade secrets and conspiring to commit wire fraud concerning the research, identification and treatment of a range of pediatric medical conditions. “Once again we see the People’s Republic of China (PRC) facilitating the theft of our nation’s ingenuity and hard work as part of their quest to rob, replicate and replace any product they don’t have the ability to develop themselves,” said John C. Demers, Assistant Attorney General for National Security.  “Far from being an isolated incident, we see the PRC implicated in around 60 percent of all trade secret theft cases.  This continued economic belligerence runs contrary to the values and norms that facilitate the success of our industries and countering it remains among our highest priorities.”

Over 1000 Twitter Staff and Contractors Had Access to Internal Tools that Helped Hackers Hijack Accounts

As Twitter and law enforcement agencies investigate the high profile attack that saw a number of public figures’ accounts hacked to spew out a cryptocurrency scam, there is a clear lesson for other businesses to learn. As Reuters reports, as of earlier this year, in excess of 1000 Twitter staff and external contractors had access to an internal system that allows access to any account, and passwords to be reset. It was this system that hackers abused to break into accounts belonging to the likes of presumptive US Presidential Candidate Joe Biden, former US President Barack Obama, Elon Musk, Jeff Bezos, Kanye West, and scores of others, as well as Twitter accounts owned by firms such as Apple, Coinbase, and Uber. According to Reuters, former Twitter employees claim that “too many people”, including some at contracting firms such as Cognizant, had access to the internal tool – and even if those 1000+ people didn’t abuse it themselves, they were potentially targets for social engineering attacks by hackers eager to exploit the access.

Twitter Contractors Reportedly Used Internal Tools to Spy on Celebrities

Former Twitter security employees have alleged that some of the company’s contractors have used tricks to spy on some of the social media giant’s biggest users, including Beyoncé. That’s according to a report from Bloomberg, which spoke with four former Twitter security employees. The allegations come just weeks after Twitter suffered a major security breach that saw dozens of high-profile accounts taken over by scammers. According to Bloomberg, two of the former Twitter security employees revealed that in 2017 and 2018 some Twitter contractors “made a kind of game out of creating bogus help-desk inquiries” that enabled them to spy on the accounts of celebrities. By doing this, the contractors were able to access the celebrities’ personal data, including their approximate location. One of the celebrity accounts that were reportedly accessed was of superstar Beyoncé. The former Twitter security employees told Bloomberg that contractors found workarounds using Twitter’s internal tools and processes to glean information about politicians, brands, and even former lovers, in addition to celebrities. The former employees allege that Twitter’s board of directors was informed about the unauthorized insider access to accounts repeatedly between 2015 to 2019, yet their concerns were “deferred for other priorities,” Bloomberg says.

Former Twitter Employees Hit with Expanded Espionage Charges

The US government has charged two former employees and one other person with seven offenses for allegedly spying on Twitter users critical of the Saudi Arabian royal family. Two former Twitter employees are charged with allegedly spying on users critical of the Saudi Arabian royal family. The US government filed expanded charges on Tuesday against two former Twitter employees and a third individual for allegedly spying on Twitter users on behalf of Saudi Arabia, according to an indictment. The two former Twitter employees, Ahmad Abouammo and Ali Alzabarah, and a third person named Ahmed Almutairi, were first charged with two offenses in 2019 for allegedly using their work at the social media platform to provide non-public information about Twitter accounts critical of the Saudi royal family to the Saudi government.

San Jose Police Officer Charged as Mastermind of Multi-Million-Dollar Fraud Scheme

San Jose police officer Robert Foster has been charged with using his off-duty private security company to commit insurance fraud, tax evasion, wage theft and illegally laundering about $18 million, prosecutors announced Friday. The Santa Clara County District Attorney’s Office said the 47-year-old Foster, 47, owner of Morgan-Hill based Atlas Private Security, self-surrendered and will be arraigned on November 30th. Foster’s wife and eight other company employees were also being charged with four counts of felony conspiracy to commit insurance fraud, unemployment insurance fraud, money laundering, wage theft and 39 additional felonies including extortion and a white-collar crime enhancement.

Staffing Firm in Southern Tier Alleges Corporate Espionage by Former Employees

Two Southern Tier staffing agencies are locked in a bitter dispute alleging corporate espionage, payroll sabotage, the breaching of non-compete and non-disclosure agreements, and the hijacking of a company Facebook page. In a 54-page filing with the Federal District Court in Northern District earlier this month, Adecco accuses the upstart Staffworks of raiding its Corning, Elmira, Utica and Syracuse staff to steal proprietary account information and using it to steal long-established business. Named in the suit are seven former Adecco employees and the Staffworks founder, all of whom are accused of a concerted scheme to aid a competitor at Adecco’s expense. Adecco, one of the world’s largest staffing firms, says it “has and will continue to suffer damages, irreparable harm” from the actions of the defendants and asks the court to prevent those named in the suit from working at Staffworks and for financial damages, the lawsuit states.ty does not disqualify a technology company from obtaining a legal victory under the “unclean hands” doctrine. San Francisco-based Rearden LLC accused a former employee of its subsidiary Rearden MOVA of illegally selling its MOVA Countour “facial performance motion capture” technology to a Chinese company in 2012. Years later in February 2015, another Chinese corporation called Shenzhenshi Haitiecheng sued Rearden in San Francisco federal court, claiming it legally acquired the MOVA assets from that employee, Greg LaSalle, in May 2013. Shenzhenshi later granted a China and India-owned company, Digital Domain 3.0, or DD3, an exclusive license to use the patents.

Bank of San Antonio Seeks to Recover $13M Lost in Alleged Fraud Scheme

The Bank of San Antonio and a subsidiary are accusing a former top-level employee of forging documents, arranging kickbacks, and swindling the company out of millions of dollars. Officials of the bank and subsidiary Texas Express Funding (TEF) said they discovered what they called a “Ponzi-style fraud scheme” in May, resulting in losses of $13.2 million. After learning of the alleged fraudulent activity, bank officials notified the FBI and banking regulators. The Bank of San Antonio formed TEF last year as a subsidiary specializing in receivables financing. But in a lawsuit filed Tuesday, the bank alleges TEF’s former president, Wayne Schroeder, fraudulently induced the bank to purchase millions of dollars of worthless accounts receivables from various businesses.

Former West Virginia University Professor Sentenced for Fraud That Enabled Him to Participate in the People’s Republic of China’s “Thousand Talents Plan”

Dr. James Patrick Lewis, of Fairview, West Virginia, was sentenced today to three months incarceration for a fraud charge involving West Virginia University, the Department of Justice announced. Lewis was also fined $9,363 for the cost of the incarceration and ordered to pay $20,189 in restitution to WVU, which is paid in full. Lewis, age 54, pleaded guilty to a one-count information charging him with “Federal Program Fraud.” From 2006 to August 2019, Lewis was a tenured professor at West Virginia University in the physics department, specializing in molecular reactions used in coal conversion technologies. In July 2017, Lewis entered into a contract of employment with the People’s Republic of China through its “Global Experts 1000 Talents Plan.” China’s Thousand Talents Plan is one of the most prominent Chinese Talent recruit plans that are designed to attract, recruit, and cultivate high-level scientific talent in furtherance of China’s scientific development, economic prosperity and national security. These talent programs seek to lure overseas talent and foreign experts to bring their knowledge and experience to China and reward individuals for stealing proprietary information.

Former Schertz Business Manager Pleads Guilty to Stealing over $470,000 from Company

Today, 47-year-old Deanna Bates Wehde of San Antonio admitted to stealing over $470,000 from the company she managed, announced U.S. Attorney John F. Bash and FBI Special Agent in Charge Christopher Combs, San Antonio Division. Appearing before U.S. Magistrate Judge Henry Bemporad, Wehde pleaded guilty to one count of wire fraud and one count of aggravated identity theft.  By pleading guilty, Wehde admitted that while employed by Stone Care of Texas between May 2016 and September 2018, she defrauded the company by using company credit cards issued in the names of former employees for business-related travel to make unauthorized purchases and cash withdrawals for her own personal use and benefit.

This entry was posted on Monday, August 3rd, 2020 at 11:29 am. Both comments and pings are currently closed.