The F.B.I. scored two major victories, recovering a Bitcoin ransom and tricking lawbreakers with an encryption app. But criminals may still have the upper hand.
The Federal Bureau of Investigation created a company that sold encrypted devices to hundreds of organized crime syndicates, resulting in 800 arrests in 16 countries, law-enforcement authorities announced today. The FBI and agencies in other countries intercepted 27 million messages over 18 months before making the arrests in recent days, and more arrests are planned.
The FBI teamed up with Australian Federal Police to target drug trafficking and money laundering. They “strategically developed and covertly operated an encrypted device company, called ANOM, which grew to service more than 12,000 encrypted devices to over 300 criminal syndicates operating in more than 100 countries, including Italian organized crime, outlaw motorcycle gangs, and international drug trafficking organizations,” Europol said today.
Distribution of the devices began in October 2018. The cellphones sold by the FBI-run company were “procured on the black market” and “performed a single function hidden behind a calculator app: sending encrypted messages and photos,” The New York Times wrote today. The cellphones were “stripped of all normal functions,” with the faux calculator being the only working app. Once users entered a code, they could use the app to send messages that they thought were protected by end-to-end encryption.
Global law enforcement officials revealed a three-year operation in which they said they had intercepted over 20 million messages. Hundreds of arrests were made in more than a dozen countries.
Giovanni Brusca completed 25 years in prison for murder, including the killings of Giovanni Falcone, an anti-mafia crusader, and a 14-year-old boy he dissolved in acid. He later became an informant.
President Recep Tayyip Erdogan, already hampered by an economic crisis and a surge in coronavirus cases, is now battling allegations of corruption in his ranks.
Investigators in a small southern Italian city say they discovered a criminal network that expanded all the way to a cafe at the judicial building.
An agricultural movement in Italy grows on land confiscated from organized crime.
A reputed gangster and leader of an “ultras” fan group, who also reportedly had ties to the government, has been arrested following a series of gruesome murders connected to a Belgrade soccer stadium.
More than 60 prisoners were killed in gruesome violence, some of it videotaped and posted online, that the authorities tied to the drug trade.
The Biden administration has an opportunity to stem illegal gun trafficking to Mexico and beyond.
Michael Shnayerson’s “Bugsy Siegel: The Dark Side of the American Dream” is a rise-and-fall story of the bootlegger and murderer who practically invented Las Vegas.
The remarkable story of one mother’s implausible quest to bring a cartel to justice for the murder of her child.
The crime series is so popular in its native Italy that it has filtered into language and culture. Some critics decry its portrayal of Naples, while others praise its realism and universal themes.
Prosecutors in the southern region of Calabria opened a trial of 325 defendants linked to the ‘Ndrangheta crime syndicate accused of murder, corruption, drug trafficking and other crimes.
Leaders of the neo-fascist Golden Dawn party were convicted of running a criminal group. But one is living free in Brussels, immune from extradition as a European Parliament member.
A man who was dating a former New Jersey “housewife” was beaten up. Her ex-husband asked a Lucchese crime family member to commit the assault, prosecutors say.
Armada con una pistola, tarjetas de identificación falsas y disfraces, Miriam Rodríguez se convirtió en un escuadrón de detectives que desafiaba a un sistema en el que suele prevalecer la impunidad criminal.
Armed with a handgun, a fake ID card and disguises, Miriam Rodríguez was a one-woman detective squad, defying a system where criminal impunity often prevails.
He was a prominent prosecutor in the 1970s. A blunder by hit men left his father dead.
An organized “crime gang” besieged the coastal city of Criciúma early Tuesday, robbing several bank branches, according to a police official.
Distilleries are trendy in rural New York. But this one was open 88 years ago, during Prohibition.
A court spokesman said the judge had not been aware of accusations linking the fugitive to organized crime.
The neo-fascist party’s leaders were convicted of running a criminal organization, and some of its members were found guilty of acts of violence.
The court tied the far-right party to a string of attacks, including the fatal stabbing of a left-wing rapper.
Law enforcement agents documented the harvest of more than six tons of shark fins, officials said.
Marian Kocner was acquitted of ordering the 2018 killing of an investigative journalist that set off anticorruption protests in Slovakia.
While the arrest of José Antonio Yépez delivers a major blow to a cartel, analysts say officials lack a cohesive strategy against debilitating crime.
A court has granted a bid by Microsoft to seize and take control of malicious web domains used in a large-scale cyberattack targeting victims in 62 countries with spoofed emails in an effort to defraud unsuspecting businesses.
The technology giant announced the takedown of the business email compromise operation in a Tuesday blog post.
Tom Burt, Microsoft’s consumer security chief, said the attackers tried to gain access to victims’ email inboxes, contacts and other sensitive files in order to send emails to businesses that look like they came from a trusted source. The end goal of the attack is to steal information or redirect wire transfers.
Last year, the FBI said businesses lost more than $1.7 billion as a result of business email compromise attacks.
Microsoft said it first detected and scuppered the operation in December, but that the attackers returned, using the COVID-19 pandemic as a fresh lure to open malicious emails. In one week alone, the attackers sent malicious emails to millions of users, Microsoft said.
Last month, the company secretly sought legal action by asking a federal court to allow it to take control and “sinkhole” the attacker’s domains, effectively shutting down the operation. The court granted Microsoft’s request shortly after but under seal, preventing the attackers from learning of the imminent shutdown of their operation.
Details of the case were unsealed Monday after Microsoft secured control of the domains.
It shows a growing trend of using the U.S. courts system to shut down cyberattacks when time is of the essence, without having to involve the federal authorities, a process that’s frequently cumbersome, bureaucratic, and seldom quick.
“This unique civil case against COVID-19-themed [business email compromise] attacks has allowed us to proactively disable key domains that are part of the criminals’ malicious infrastructure, which is a critical step in protecting our customers,” said Burt.
Microsoft declined to say who, or if it knew, who was behind the attack but a spokesperson confirmed it was not a nation state-backed operation.
The attack worked by tricking victims into turning over access to their email accounts. Court filings seen by TechCrunch describe how the attackers used “phishing emails are designed to look like they come from an employer or other trusted source,” while designed to look like they are legitimate emails from Microsoft.
Once clicked, the phishing email opens a legitimate Microsoft login page. But once the victim enters their username and password, the victim is redirected to a malicious web app that was built and controlled by the attackers. If the user is tricked into approving the web app access to their accounts, the web app siphons off and sends the victim’s account access tokens to the attackers. Account access tokens are designed to keep users logged in without having to re-enter their passwords, but if stolen and abused, can grant full access to a victim’s account.
Burt said the malicious operation allowed the attackers to trick victims into giving over access to their accounts “without explicitly” requiring the victim to turn over their username and password, “as they would in a more traditional phishing campaign.”
With access to those accounts, the attackers would have full control of the accounts to send spoofed messages designed to trick companies into turning over sensitive information or carry out fraud, a common tactic for financially-driven attackers.
By taking out the attackers’ domains used in the attack, Burt said the civil case against the attackers let the company “to proactively disable key domains that are part of the criminals’ malicious infrastructure.”
It’s not the first time Microsoft has asked a court to grant it ownership of malicious domains. In the past two years, Microsoft took control of domains belonging to hackers backed by both Russia and Iran.
After dominating the global methamphetamine trade, crime syndicates in Myanmar are starting to make fentanyl, the drug that has fueled the U.S. opioid crisis.
John Gleeson, a retired federal judge and former mob prosecutor, will oppose the Justice Department’s move to drop a charge against President Trump’s former national security adviser.
Hundreds of maximum-security inmates, including three mob bosses, were granted house arrest because of health concerns. The backlash forced the government to scramble.
Elected as a transformative leader who would propel the country forward, Nayib Bukele is now reminding critics of the country’s past autocrats, with his reliance on the military.
As it confronts the ravages of the virus, Italy’s less developed south also faces economic carnage not seen since just after World War II, with the poor turning to handouts.