DEBRA W. YANG United States Attorney Central District of California

Thom Mrozek, Public Affairs Officer (213) 894-6947 thom.mrozek@usdoj.gov

Release No. 04-110 August 26, 2004 OPERATION WEB SNARE LEADS TO CHARGES IN LOS ANGELES AGAINST HIGH-TECH, INTELLECTUAL PROPERTY OFFENDERS             As part of a nationwide initiative dubbed Operation Web Snare, federal authorities in Los Angeles have brought 12 cases against alleged cyber criminals and intellectual property offenders who have been charged with committing Internet auction fraud and movie piracy, trafficking in counterfeit pharmaceuticals, launching sophisticated computer attacks and violating the CAN SPAM Act of 2003.             Following an announcement in Washington D.C. where Attorney General John Ashcroft highlighted the efforts of law enforcement officials in Southern California (see: http://www.usdoj.gov/opa/pr/2004/August/04_crm_583.htm), some of those officials gathered at the FBI building in Westwood to announce a series of cases that have been recently filed in United States District Court in Los Angeles.             “These cases demonstrate our commitment to protect users of the Internet and those who produce the intellectual capital that drives America’s economic engine,” said United States Attorney Debra W. Yang. “The Internet is the bold new frontier of crime, but we’re the new sheriff in town. For cyber criminals who operate out of Los Angeles or any location around the globe, this posse will bring you to justice.”             James M. Sheehan, Special Agent in Charge, Criminal Division, FBI Los Angeles, stated: “What we in law enforcement must confront today is an entirely new breed of criminal – one that transcends geographic boundaries or borders with a high degree of stealth and anonymity. We have witnessed the emergence of the professional Cybercriminal, a foe at home and abroad that continuously probes our critical infrastructure for weakness and vulnerability, in order to victimize the American public in a multitude of ways, and profit from our loss.”             U.S. Secret Service Special Agent in Charge Anthony M. Chapa said: "The potential for cyber crime and network intrusion is an ever-expanding globe crime, one that highlights the importance of law enforcement investigators to work with our public and private partners.”             ATTACKS ON COMPUTER SYSTEMS             In the first successful investigation of a large-scale distributed denial of service (DDOS) attack used for a commercial purpose in the United States, a total of six individuals, have been charged with conspiracy and causing damage to protected computers after they launched a series of relentless distributed denial of service attacks against three retail satellite companies who rely on their online presence to conduct business. A DDOS attack is launched when a multitude of compromised computers attack a single target, causing a sustained denial of service for users of the targeted system. This type of attack, once the domain of teenagers vying for online reputation and control of chat channels, has become the tool of choice for cyber extortionists and unscrupulous business owners attempting to sabotage competitors.             In October 2003, Weaknees.com, a Los Angeles-based online retailer, reported a series of DDOS attacks that effectively halted its business for nearly two weeks and caused more than $200,000 in losses. Online retailer Rapid Satellite in Miami Beach, Florida and Expert Satellite in Worcester, Massachussetts, were similarly attacked and suffered significant losses. One of the Internet service providers that hosted the web sites suffered more than $1 million in losses from the targeted attacks. The ISP had also hosted the web sites of the Department of Homeland Security and Amazon.com which were temporarily disrupted by the DDOS attacks. Yesterday, a federal grand jury returned a five-count indictment against Jay Echouafni, 37, the chief executive officer of Orbit Communication Corp. in Sudbury, Massachusetts, a competitor of Weaknees, Expert Satellite and Rapid Satellite. The indictment alleges that Echouafni and his business partner, Paul Ashley, 30, of Powell, Ohio, hired computer hackers to launch the DDOS attacks against Orbit’s online competitors in California, Florida and Massachussetts. Ashley, who owned an ISP in Powell, Ohio known as Creative Internet Techniques and FOONET, was charged in a felony criminal complaint filed yesterday. The indictment and complaint allege that Echouafni and Ashley used the services of four hackers known for their skill in launching DDOS attacks. The four hackers were also charged in the criminal complaint with conspiracy and causing damage to protected computers. Through the cooperation of the victims, ISPs and international authorities, U.S. agents were able to trace the digital evidence back to the computers of offenders in the United States and the United Kingdom. This case was investigated by the FBI and the United States Secret Service with the assistance of the London Metropolitan Police Service and the FBI’s Legal Attache in the United Kingdom. On Monday of this week, Raul James Ramirez pled guilty to unlawfully accessing computer systems to download credit histories and personal information as part of an identity theft scheme. Ramirez had first gained access to the computer systems of NowCom, a company based in Los Angeles, while working at an Arizona automobile dealership and then at his home in Bellflower, California where he downloaded credit histories and personal information for numerous customers. The NowCom computers provided car dealerships with online access to credit histories to determine whether consumers qualify for automobile financing. Ramirez was arrested by federal authorities on November 12 when the FBI executed a search warrant at his residence and found unauthorized credit cards containing the names of individuals whose credit reports Ramirez had illegally accessed online. Ramirez was also wanted by authorities in Arizona because he allegedly escaped from a jail in Kingman, Arizona where he was serving a sentence for assault with a deadly weapon.             In a separate computer intrusion case involving a disgruntled employee, Cynthia Noel Larsen, 33, of Corona, was convicted by jury in Los Angeles of computer intrusion. Larsen, a former employee of Calvada, a Corona engineering and surveying firm, was terminated for poor performance and then hired by the company that administered the company’s information systems. Larsen combined her knowledge about Calvada with her access to its computer system in order to exact revenge for being fired. Over a period of several months, Larsen monitored and destroyed e-mail, created and deleted accounts, in addition to changing passwords. The intrusion resulted in what is estimated to be thousands of dollars in system damage and lost business. This case was investigated by the FBI in Los Angeles and prosecuted by the United States Attorney’s Office in Los Angeles.             WIRELESS SPAMMING             The United States Attorney's Office in Los Angeles has also filed charges against a “wireless spammer” under the recently enacted CAN SPAM Act, which regulates interstate commerce by imposting limitations and penalties for transmitting unsolicited e-mail. Charges have been filed against Nicholas Tombros, 37, of Marina Del Rey, for sending spam e-mail messages advertising pornographic websites from his laptop computer while driving through Venice. Tombros used a wireless antennae attached to his laptop and drove around Venice to find open and unencrypted wireless access points for computer networks in the area. Tombros then gained access to the wireless networks and sent thousands of spam messages with advertising for pornography sites. Tombros is expected to appear in U.S. District Court on Monday, August 30 to face the federal charges. This case was investigated by the Los Angeles Office of the FBI.             INTERNET AUCTION FRAUD             In a seperate case announced today, charges were filed on August 20 in the largest PayPal and eBay fraud scheme in history. Jie Dong, 40, formerly of Diamond Bar, is charged with engaging in a sophisticated mail and wire fraud scheme that cost victims nearly $800,000. Dong conducted more than 5,000 fraudulent sales to eBay customers from September to December 2003 after establishing accounts with eBay and PayPal under the username "quainfangcompany." As part of his scheme, Dong established a positive feedback rating to lure auction fraud victims by selling more than $150,000 in low-cost merchandise. In November 2003, however, Dong began selling more expensive items, such as computer hard drives, digital cameras and DVD players. During the holiday season, Dong sold approximately $380,000 in merchandise every week and collected the money through his online PayPal account or by cashing money orders sent directly by the customers. Dong then withdrew the money, sometimes in increments as high as $60,000, or transferred the money to bank accounts in China and Hong Kong. Dong's eBay and PayPal accounts were terminated after eBay received a flood of complaints. Dong never sent any of the merchandise purchased by the approximately 5,000 victims. Dong subsequently fled the country and is currently being sought by federal authorities. Through the assistance of authorities in China and Hong Kong, as well as eBay investigators in the United States and Hong Kong, more than $280,000 in stolen funds have been frozen and criminal forfeiture proceedings have been filed. This case was investigated by the Electronics Crimes Task Force comprised of the FBI, the United States Secret Service, the Los Angeles Police Department, the Los Angeles Sheriff’s Department, the California Highway Patrol, investigators with the Los Angeles County District Attorney’s Office and the Department of Motor Vehicles. The charges were also the result of the assistance of investigators of PayPal and eBay as well as law enforcement authorities in China and Hong Kong. In another case of alleged fraud on eBay, Vicki Crawford, 48, of Los Angeles, California, was named in a criminal complaint filed August 18 that accuses her of offering electronics for sale on eBay's online auction, instructing the auction "winner" to send her funds, receiving and cashing the purchase price, and then failing to mail the agreed-upon item to the buyer. In conducting these transactions, Crawford used at least 25 eBay auction accounts, 20 e-mail accounts, 20 aliases and 15 addresses. Between July 2000 and February 2004, Crawford allegedly defrauded more than 30 victims out of more than $30,000. Crawford made here initial court appearance on Monday. If she is convicted on the charges in the complaint, she faces up to 100 years in federal prison. This case was investigated by the FBI.             INTELLECTUAL PROPERTY OFFENSES             In a case involving piracy on the Internet, a Cincinnati man has agreed to plead guilty to criminal copyright charges for the manufacture, Internet distribution and sale of the television show Stargate SG-1. Adam McGaughey, 35, was the administrator of www.SG1archive.com and www.SG1archive.net, which provided free downloading of five seasons of Stargate SG-1, a popular science fiction television show whose rights are owned by Metro Goldwyn Mayer (MGM). McGaughey is scheduled to make his first court appearance on August 30. This case was investigated by the FBI.             In two intellectual property cases filed earlier this week, two men were charged with trafficking in counterfeit goods and selling counterfeit pharmaceuticals, specifically fake Viagra tablets. Frank Fu Jen Huang, 58, of Upland, and David Srulevitch, 55, of Walnut, allegedly manufactured as many as 700,000 fake Viagra tablets at an Azuza laboratory partially owned by Srulevitch in late 2002 and early 2003. Huong also allegedly imported $70,000 worth of counterfeit Viagra tablets from China, pills that Srulevitch allegedly sold in 2000 and 2001. Huong was arrested on Monday and is currently in federal custody. Srulevitch has agreed to plead guilty and is scheduled to make his first court appearance on September. 13. This case was investigated by Food and Drug Administration’s Office of Criminal Investigation and the United States Immigration and Customs Enforcement agency.             "We have no control over how drugs made outside the United States are made, or what potentially harmful ingredients and fillers and are used to make them," said Loraine Brown, Special Agent-in-Charge, Immigration and Customs Enforcement, Los Angeles. "ICE is committed to combating this serious threat to public health and safety."             Acting Commissioner of the Food and Drug Administration, Dr. Lester M. Crawford, stated: "Today's action shows that FDA and the Department of Justice are aggressively moving against those who engage in drug counterfeiting. Drug counterfeiting is a particularly nefarious crime because it can jeopardize lives and undermine public confidence in the safety of the American drug supply. FDA will take every measure it can to combat this scourge."             ADDITIONAL CASES             Several other cases that fall under Operation Web Snare have been announced previously by the United States Attorney’s Office in Los Angeles. They include an FBI Los Angeles investigation into members of a “warez” group that used a computer server at Fox Cable Network to maintain copyrighted works. Four of the defendants in this case have agreed to plead guilty and the two remaining defendants are scheduled to go to trial on October 5. Additional information on this case can be viewed at: http://www.usdoj.gov/usao/cac/pr2004/104.html.             In a second case previously announced, a federal grand jury earlier this month indicted a Romanian computer hacker and five Americans on charges of conspiracy to steal more than $10 million in computer equipment from Ingram Micro. The Romanian, Calin Mateias, is alleged to have hacked into Ingram Micro’s online ordering system and placed fraudulent orders for computers and equipment. He directed that the orders be sent to dozens of addresses throughout the U.S. to individuals involved in the fraud ring. For additional information on this investigation, please see: http://www.usdoj.gov/usao/cac/pr2004/103.html.             An indictment or criminal complaint contains only allegations of criminal activity and that the defendants are presumed innocent until and unless proven guilty.