Security

Mysterious Hackers Donating Stolen Money (bbc.com) 49

A hacking group is donating stolen money to charity in what is seen as a mysterious first for cyber-crime that's puzzling experts. smooth wombat writes: Darkside hackers claim to have extorted millions of dollars from companies, but say they now want to "make the world a better place." In a post on the dark web, the gang posted receipts for $10,000 in Bitcoin donations to two charities. One of them, Children International, says it will not be keeping the money. The move is being seen as a strange and troubling development, both morally and legally. In the blog post on 13 October, the hackers claim they only target large profitable companies with their ransomware attacks. The attacks hold organisations' IT systems hostage until a ransom is paid. They wrote: "We think that it's fair that some of the money the companies have paid will go to charity. No matter how bad you think our work is, we are pleased to know that we helped changed someone's life. Today we sended (sic) the first donations." The cyber-criminals posted the donation along with tax receipts they received in exchange for the 0.88 Bitcoin they had sent to two charities, The Water Project and Children International.

Crime

Billionaire CEO of Software Company Indicted For Alleged $2 Billion Tax Evasion Schemes (zdnet.com) 75

The billionaire chief executive of Ohio-based Reynolds and Reynolds Co, Robert Brockman, has been indicted on charges of tax evasion and wire fraud conducted over "decades." ZDNet reports: The scheme, in which roughly $2 billion was hidden away in offshore accounts and through money laundering, took place between 1999 and 2019, the US Department of Justice (DoJ) said on Thursday. According to the indictment (.PDF), the resident of both Houston, Texas, and Pitkin County, Colorado allegedly used a "web" of offshore organizations in Bermuda and Nevis to hide the profits he made from investments in private equity funds.

Brockman squirreled away his capital gains and also tampered with the evidence of his alleged activities, prosecutors say, by methods including backdating records and using "encrypted communications and code words" to communicate with co-conspirators, including the phrases "Permit," "King," and "Redfish." A ranch, luxury home, and yacht were among the purchases apparently made with non-taxed income. US prosecutors also say that between 2008 and 2010, Brockman used a third-party entity to purchase $67.8 million in debt securities from the software company. As CEO, the executive is not permitted to do so without full disclosure as it can have an impact on share prices and trading; however, Brockman allegedly did so without informing sellers.

As a result, approximately $2 billion in income was kept hidden from the US Internal Revenue Service (IRS). In addition, US prosecutors allege that investors in the software firm's debt securities were also defrauded. A federal grand jury in San Francisco, California has issued a 39-count indictment, including seven counts of tax evasion, 20 counts of wire fraud, money laundering, evidence tampering, and destruction of evidence.

Encryption

Five Eyes Governments, India, and Japan Make New Call For Encryption Backdoors (zdnet.com) 129

Members of the intelligence-sharing alliance Five Eyes, along with government representatives for Japan and India, have published a statement over the weekend calling on tech companies to come up with a solution for law enforcement to access end-to-end encrypted communications. From a report: The statement is the alliance's latest effort to get tech companies to agree to encryption backdoors. The Five Eyes alliance, comprised of the US, the UK, Canada, Australia, and New Zealand, have made similar calls to tech giants in 2018 and 2019, respectively. Just like before, government officials claim tech companies have put themselves in a corner by incorporating end-to-end encryption (E2EE) into their products. If properly implemented, E2EE lets users have secure conversations -- be they chat, audio, or video -- without sharing the encryption key with the tech companies. Representatives from the seven governments argue that the way E2EE encryption is currently supported on today's major tech platforms prohibits law enforcement from investigating crime rings, but also the tech platforms themselves from enforcing their own terms of service. Signatories argue that "particular implementations of encryption technology" are currently posing challenges to law enforcement investigations, as the tech platforms themselves can't access some communications and provide needed data to investigators.

EU

Europe's Top Court Confirms No Mass Surveillance Without Limits (techcrunch.com) 23

Europe's top court has delivered another slap-down to indiscriminate government mass surveillance regimes. From a report: In a ruling today the CJEU has made it clear that national security concerns do not exclude EU Member States from the need to comply with general principles of EU law such as proportionality and respect for fundamental rights to privacy, data protection and freedom of expression. However the court has also allowed for derogations, saying that a pressing national security threat can justify limited and temporary bulk data collection and retention -- capped to 'what is strictly necessary.' While threats to public security or the need to combat serious crime may also allow for targeted retention of data provided it's accompanied by 'effective safeguards' and reviewed by a court or independent authority.

Bitcoin

SEC Sues John McAfee Over Promoting Cryptocurrency On Twitter (reuters.com) 29

Aighearach shares a report from Reuters: The U.S. Securities and Exchange Commission (SEC) on Monday sued John McAfee, creator of the eponymous anti-virus software, alleging that he made over $23.1 million in undisclosed compensation from recommending seven cryptocurrency offerings on Twitter that were materially false and misleading. The regulator, which is seeking a trial by jury, alleged that from at least November 2017 through February 2018, McAfee recommended cryptocurrencies that he was paid to promote, while falsely denying "he was being paid by the issuers." The SEC is seeking to impose on McAfee a civil penalty as well as disgorgement of ill-gotten gains, with interest. The agency also wants to ban him permanently from serving as an officer or director of any listed company or any company that files reports to the agency. "Poor John, surely he's misunderstood," writes Slashdot reader Aighearach. "John, come talk to us, do another Slashdot interview and tell your side! We're here for you, and we have people who can do your taxes while you..."

Slashdot reader Aighearach adds that McAfee is also facing charges for evading taxes and willfully failing to file tax returns. "John McAfee might not be able to give an interview about his SEC troubles after all, now that he's on his way to the Big House," writes Aighearach.

Piracy

Two Leaders of Videogame Piracy Group Arrested (justice.gov) 45

On Friday America's Department of Justice announced: Two leaders of one of the world's most notorious videogame piracy groups, Team Xecuter, have been arrested and are in custody facing charges filed in U.S. District Court in Seattle... The indictment alleges the defendants were leaders of a criminal enterprise that developed and sold illegal devices that hacked popular videogame consoles so they could be used to play unauthorized, or pirated, copies of videogames. The enterprise targeted popular consoles such as the Nintendo Switch, the Nintendo 3DS, the Nintendo Entertainment System Classic Edition, the Sony PlayStation Classic, and the Microsoft Xbox.

"These defendants were allegedly leaders of a notorious international criminal group that reaped illegal profits for years by pirating video game technology of U.S. companies," said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department's Criminal Division. "These arrests show that the department will hold accountable hackers who seek to commandeer and exploit the intellectual property of American companies for financial gain, no matter where they may be located."

"These defendants lined their pockets by stealing and selling the work of other video-game developers — even going so far as to make customers pay a licensing fee to play stolen games," said U.S. Attorney Brian Moran for the Western District of Washington. "This conduct doesn't just harm billion dollar companies, it hijacks the hard work of individuals working to advance in the video-game industry."

"Theft of intellectual property hurts U.S. industry, game developers and exploits legitimate gaming customers, all of which threaten the legitimacy of the commercial video game industry," said Acting Special Agent in Charge Eben Roberts of U.S. Immigration and Customs Enforcement's Homeland Security Investigations, Seattle. "We are committed to working with our international partners to find criminals like these who steal copyrighted material and bring cyber criminals to justice...."

According to the indictment, Team Xecuter at times cloaked its illegal activity with a purported desire to support gaming enthusiasts who wanted to design their own videogames for noncommercial use. However, the overwhelming demand and use for the enterprise's devices was to play pirated videogames.

Bitcoin

Owners of BitMEX, a Leading Bitcoin Exchange, Face Criminal Charges (nytimes.com) 24

An anonymous reader quotes a report from The New York Times: American authorities brought criminal charges on Thursday against the owners of one of the world's biggest cryptocurrency trading exchanges, BitMEX, accusing them of allowing the Hong Kong-based company to launder money and engage in other illegal transactions. Federal prosecutors in Manhattan indicted the chief executive of BitMEX, Arthur Hayes, and three co-owners: Benjamin Delo, Samuel Reed and Gregory Dwyer. Mr. Dwyer was arrested in Massachusetts on Thursday, while the other three men remained at large, authorities said.

Prosecutors said BitMEX had taken few steps to limit customers even after being informed that the exchange was being used by hackers to launder stolen money, and by people in countries under sanctions, like Iran. "BitMEX made itself available as a vehicle for money laundering and sanctions violations," the indictment released on Thursday said. BitMEX has handled more than $1.5 billion of trades each day recently, making it one of the five biggest exchanges on most days. BitMEX and Mr. Hayes have been known for pushing the limits in the unregulated cryptocurrency industry.

After it was founded in 2014, BitMEX grew popular by allowing traders to buy and sell contracts tied to the value of Bitcoin -- known as derivatives, or futures -- with few of the restrictions and rules that were in place in other exchanges. That allowed investors to take out enormous loans and make risky trades. The relaxed attitude also made it possible for people all over the world to easily move money in and out of BitMEX without the basic identity checks that can prevent money laundering. In August, BitMEX put in place some of those verification checks.

Security

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam (krebsonsecurity.com) 51

Krebs on Security: Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today. In its advisory, the Treasury's Office of Foreign Assets Control (OFAC) said "companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations." As financial losses from cybercrime activity and ransomware attacks in particular have skyrocketed in recent years, the Treasury Department has imposed economic sanctions on several cybercriminals and cybercrime groups, effectively freezing all property and interests of these persons (subject to U.S. jurisdiction) and making it a crime to transact with them. A number of those sanctioned have been closely tied with ransomware and malware attacks, including the North Korean Lazarus Group; two Iranians thought to be tied to the SamSam ransomware attacks; Evgeniy Bogachev, the developer of Cryptolocker; and Evil Corp, a Russian cybercriminal syndicate that has used malware to extract more than $100 million from victim businesses.

Iphone

Police Charity Bought An iPhone Hacking Tool and Gave It To Cops (vice.com) 92

The San Diego Police Foundation, an organization that receives donations from corporations, purchased iPhone unlocking technology for the city's police department, according to emails obtained by Motherboard. From the report: The finding comes as activist groups place renewed focus on police foundations, which are privately run charities that raise funds from Wall Street banks and other companies, purchase items, and then give those to their respective police departments. Because of their private nature, they are often less subject to public transparency laws, except for when they officially interact with a department. "The GrayKey was purchased by the Police Foundation and donated to the lab," an official from the San Diego Police Department's Crime Laboratory wrote in a 2018 email to a contracting officer, referring to the iPhone unlocking technology GrayKey.

"The EULA I sent you [is] for a software upgrade that will allow us to get into the latest generation of Apple phones. Our original license was a 1 year license agreement paid for by the Police Foundation," the email adds. In a 2019 email, two other officials discussed purchasing the GrayKey for the following year. "This is the phone unlocking technique that the Police Foundation purchased for us (for 15k). Apparently the software 'upgrade' costs the same as the initial purchase each year. :/ They are the only ones that offer a tool that can crack iPhones, so they charge A LOT!," the email reads. Because police foundations act as private entities, they also do not directly fall under public records laws, meaning their expenditure or other activity may be more opaque than that of a police department itself.

"Our end goal is to have an intervention on the funneling of private money into police forces and into policing," Scott Roberts, senior director of criminal justice campaigns at Color of Change, told Politico recently. "If the police foundations existed to raise money for the families of fallen police officers, we wouldn't say we need to abolish police foundations. It's the specific type of work that they're doing that we object to."

Facebook

Thailand Launches Its First Legal Action Against Facebook and Twitter (reuters.com) 19

Reuters reports: Thailand launched legal action on Thursday against tech giants Facebook and Twitter for ignoring requests to take down content, in its first such move against major internet firms... "Unless the companies send their representatives to negotiate, police can bring criminal cases against them," the Ministry of Digital Economy and Society, Puttipong Punnakanta, told reporters. "But if they do, and acknowledge the wrongdoing, we can settle on fines...."

The complaints were against the U.S. parent companies and not their Thai subsidiaries, Puttipong said. Cybercrime police at a news conference said they would need to look at existing laws to determine whether they had jurisdiction to take up cases against firms based outside of Thailand.

Emilie Pradichit, executive director of Manushya Foundation, a digital freedom advocate, said the complaints were "a tactic to scare these companies...." Thailand has a tough lese majeste law prohibiting insulting the monarchy and a Computer Crime Act that outlaws information that is false or affects national security has also been used to prosecute criticism of the royal family.

Security

Ring's Latest Security Camera Is a Drone That Flies Around Inside Your House (theverge.com) 81

Ring's latest home security camera is an autonomous drone, called the Always Home Cam, that can fly around inside your home to give you a perspective of any room you want when you're not home. "Once it's done flying, the Always Home Cam returns to its dock to charge its battery," reports The Verge. "It is expected to cost $249.99 when it starts shipping next year." From the report: Jamie Siminoff, Ring's founder and "chief inventor," says the idea behind the Always Home Cam is to provide multiple viewpoints throughout the home without requiring the use of multiple cameras. In an interview ahead of the announcement, he said the company has spent the past two years on focused development of the device, and that it is an "obvious product that is very hard to build." Thanks to advancements in drone technology, the company is able to make a product like this and have it work as desired.

The Always Home Cam is fully autonomous, but owners can tell it what path it can take and where it can go. When you first get the device, you build a map of your home for it to follow, which allows you to ask it for specific viewpoints such as the kitchen or bedroom. The drone can be commanded to fly on demand or programmed to fly when a disturbance is detected by a linked Ring Alarm system. The charging dock blocks the camera's view, and the camera only records when it is in flight. Ring says the drone makes an audible noise when flying so it is obvious when footage is being recorded.

Ring also rolled out new hardware for the automotive market with three different devices focused on car owners: Ring Car Alarm, Car Cam, and Car Connect.

The company also said they've added opt-in end-to-end video encryption, as well as the option to completely disable the "Neighbors" feed, which allows users to view local crime in real time and discuss it with people nearby.

EU

EU To Launch Blockchain Regulatory Sandbox by 2022 (decrypt.co) 9

The European Commission will team up with the European Blockchain Partnership (EBP) to launch a new regulatory sandbox focused on cryptocurrencies and blockchain by 2022, according to an announcement published today. From a report: The commission is the executive branch of the European Union and the initiative is part of its newly adopted Digital Finance Package that aims to provide greater clarity for cryptocurrency companies. "By making rules safer and more digital friendly for consumers, the Commission aims to boost responsible innovation in the EU's financial sector, especially for highly innovative digital start-ups, while mitigating any potential risks related to investor protection, money laundering and cyber-crime," the commission stated. According to the commission, some digital assets already fall under EU legislation, however, these rules "most often predate the emergence of crypto-assets and DLT." This could result in various roadblocks on the way of innovations and make it difficult to apply existing frameworks to blockchain and cryptocurrencies in the financial sector.

Crime

Dark Web Drugs Raid Leads To 179 Arrests (bbc.com) 152

Police forces around the world have seized more than $6.5 million in cash and virtual currencies, as well as drugs and guns in a co-ordinated raid on dark web marketplaces. The BBC reports: Some 179 people were arrested across Europe and the U.S., and 500kg (1,102lb) of drugs and 64 guns confiscated. It ends the "golden age" of these underground marketplaces, Europol said. "The hidden internet is no longer hidden", said Edvardas Sileris, head of Europol's cyber-crime centre.

The operation, known as DisrupTor, was a joint effort between the Department of Justice and Europol. It is believed that the criminals engaged in tens of thousands of sales of illicit goods and services across the U.S. and Europe. Drugs seized included fentanyl, oxycodone, methamphetamine, heroin, cocaine, ecstasy and MDMA. Of those arrested 119 were based in the U.S., two in Canada, 42 in Germany, eight in the Netherlands, four in the UK, three in Austria and one in Sweden.

Businesses

At Least 10 Amazon Employees Took Bribes from Sellers, Indictment Alleges (cbsnews.com) 14

CBS News reports: Six people allegedly conspired to bribe Amazon employees and contractors in order to gain a competitive advantage on the retailer's marketplace, federal prosecutors announced Friday.

According to the U.S. Department of Justice, those charged posed as consultants and worked with third-party sellers whose products had previously been removed from Amazon Marketplace to get the items back on the platform. The six then paid a total of more than $100,000 in bribes to at least 10 Amazon employees in exchange for their restoring the banned products or services, the indictment alleges. The products included household goods, consumer electronics and dietary supplements, prosecutors said.

"The ultimate victim from this criminal conduct is the buying public, who get inferior or even dangerous goods that should have been removed from the marketplace," U.S. Attorney Brian Moran said in a statement. "As the world moves increasingly to online commerce, we must ensure that the marketplace is not corrupted with unfair advantages obtained by bribes and kickbacks...."

The six accused face up to five years in prison for commercial bribery and up to 20 years for wire fraud.

One of the six actually worked for Amazon at the beginning of the scheme, according to the article, which notes that their tactics included temporarily suspending the accounts of competitors.

One FBI agent in Seattle tells CBS, "What's equally concerning is that, not only did they attempt to increase sales of their own products, but they sought to damage and discredit their competitors."

Crime

CEO of Cyber Fraud Startup NS8 Arrested By FBI, Facing Fraud Charges (forbes.com) 26

An anonymous reader quotes a report from Forbes: The CEO of a startup that sold fraud prevention software is facing fraud charges after he was arrested Thursday by the FBI in Las Vegas. Adam Rogas, who abruptly resigned from NS8 earlier this month, is accused of misleading investors who poured in $123 million to his company earlier this year, a deal in which he allegedly pocketed more than $17 million. "Adam Rogas was the proverbial fox guarding the henhouse," acting Manhattan U.S. Attorney Audrey Strauss said in a press statement. "While raising over $100 million from investors for his fraud prevention company, Rogas himself allegedly was engaging in a brazen fraud."

NS8 launched in 2016 to provide online fraud detection and prevention software for small businesses. More than 200 NS8 employees were laid off last week after executives told them the company was under investigation by the SEC for fraud. The news was startling for many, considering the company had announced a $123 million Series A funding round in June, led by global VC firm Lightspeed Venture Partners. In a statement, NS8 said that its board "has learned that much of the company's revenue and customer information had been fabricated by Mr. Rogas." The company added that no other employees or stakeholders had been charged and that it is cooperating with federal investigators. In its complaint, filed in the Southern District of New York, the Justice Department alleged that from January 2019 to February 2020, between 40% and 95% of NS8's assets were made up. During that period, the agency alleged, Rogas presented doctored bank statements to reflect over $40 million in fictitious revenue. Charges by the Justice Department carry penalties up to 20 years in prison. Rogas is expected to face a judge in Nevada on Friday.

Crime

Encrochat Investigation Finds Corrupt Cops Leaking Information To Criminals (vice.com) 41

An anonymous reader quotes a report from Motherboard: After searching through some of the tens of millions of encrypted messages pulled from Encrochat devices, Dutch police have launched a new investigation team that will look specifically into corruption, the police force announced on Wednesday. In some cases authorities are looking to identify police who leaked information to organized criminals. The news broadens the scope of the Encrochat investigations, which have focused heavily on drug trafficking and organized crime more generally. Earlier this year, French authorities hacked into Encrochat phones en masse to retrieve message content, and then shared those communications with various other law enforcement agencies.

"Criminal investigations into possible corruption are currently underway and there are likely to be more in the near future. In addition to investigations into drug trafficking and money laundering, investigations into corruption are also given top priority," Chief of Police Henk van Essen said in a Politie press release.

Encrochat was an encrypted phone company that took base Android units, made physical alterations to them, and added its own software. Encrochat devices sent messages with end-to-end encryption, meaning only the intended recipient was supposed to be able to read them. The phones also had a remote wipe feature, letting users destroy communications if they lost physical control of the device, as well as a dual-boot system that let users open an innocuous looking operating system, or the second one containing their more sensitive information. The phones were particularly popular with criminals, including drug traffickers and hitmen. There are indications Encrochat may have had legitimate users too, however. Other Encrochat customers are allegedly those involved in corruption, including police themselves, the press release suggests.

Crime

US Charges Chinese and Malaysian Hackers In Global Hacking Campaign (newsnationnow.com) 7

schwit1 shares a report from NewsNation Now: The Justice Department has charged five Chinese citizens with hacks targeting more than 100 companies and institutions in the United States and elsewhere, including social media and video game companies as well as universities and telecommunications providers, officials said Wednesday. The five defendants remain fugitives, but prosecutors say two Malaysian businessmen accused of conspiring with the alleged hackers to profit off the attacks on video game companies were arrested in that country this week and face extradition proceedings. The indictments announced Wednesday are part of a broader effort by the Trump administration to call out cybercrimes by China.

EU

European Police Malware Could Harvest GPS, Messages, Passwords, More (vice.com) 29

The malware that French law enforcement deployed en masse onto Encrochat devices, a large encrypted phone network using Android phones, had the capability to harvest "all data stored within the device," and was expected to include chat messages, geolocation data, usernames, passwords, and more, according to a document obtained by Motherboard. From the report: The document adds more specifics around the law enforcement hack and subsequent takedown of Encrochat earlier this year. Organized crime groups across Europe and the rest of the world heavily used the network before its seizure, in many cases to facilitate large scale drug trafficking. The operation is one of, if not the, largest law enforcement mass hacking operation to date, with investigators obtaining more than a hundred million encrypted messages. "The NCA has been collaborating with the Gendarmerie on Encrochat for over 18 months, as the servers are hosted in France. The ultimate objective of this collaboration has been to identify and exploit any vulnerability in the service to obtain content," the document reads, referring to both the UK's National Crime Agency and one of the national police forces of France. As well as the geolocation, chat messages, and passwords, the law enforcement malware also told infected Encrochat devices to provide a list of WiFi access points near the device, the document reads.

Japan

Japan's NTT Docomo Admits Thieves Breached Its e-Money Service (japantimes.co.jp) 21

Long-time Slashdot reader PuceBaboon tipped us off to a story in Japan Times: About 18 million yen ($169,563) has been stolen from bank accounts linked to NTT Docomo Inc.'s e-money service, the company said Thursday, prompting police to begin an investigation into a suspected scam. As of Thursday, 66 cases of improper withdrawals from bank accounts linked to the mobile carrier's e-money service had been confirmed, NTT Docomo Vice President Seiji Maruyama told a news conference in Tokyo.

"We apologize to the victims" of the improper withdrawals, Maruyama said at the news conference, which was also attended by other company executives.

Maruyama acknowledged that checks on user identification had been "insufficient." NTT Docomo, which has stopped allowing customers to create new links between its e-money service and accounts at 35 partner banks, has said it will try to compensate victims for the full amounts stolen through negotiations with the banks.... In May last year, there were similar cases of improper withdrawals from Resona Bank accounts linked to NTT Docomo's e-money service. Docomo acknowledged it had failed to boost user identity checks to prevent a recurrence...

In the recent cases, third parties are believed to have obtained the victims' bank account numbers and passwords, and used them to register with the e-money service to transfer funds.

Businesses

The 'Brushing' Scam That's Behind Mystery Parcels (bbc.com) 142

If you've ever received a parcel from a shopping platform that you didn't order, and nobody you know seems to have bought it for you, you might have been caught up in a "brushing" scam. From a report: It has hit the headlines after thousands of Americans received unsolicited packets of seeds in the mail, but it is not new. It's an illicit way for sellers to get reviews for their products. And it doesn't mean your account has been hacked. Here's an example of how it works: let's say I set myself up as a seller on Amazon, for my product, Kleinman Candles, which cost $3 each. I then set up a load of fake accounts, and I find random names and addresses either from publicly available information or from a leaked database that's doing the rounds from a previous data breach. I order Kleinman Candles from my fake accounts and have them delivered to the addresses I have found, with no information about where they have been sent from. I then leave positive reviews for Kleinman Candles from each fake account -- which has genuinely made a purchase.

This way my candle shop page gets filled with glowing reviews (sorry), my sales figures give me an algorithmic popularity boost as a credible merchant -- and nobody knows that the only person buying and reviewing my candles is myself. It tends to happen with low-cost products, including cheap electronics. It's more a case of fake marketing than cyber-crime, but "brushing" and fake reviews are against Amazon's policies. Campaign group Which? advises that you inform the platform they are sent by of any unsolicited goods.
