
Hacker Gets Home Confinement For Sabotaging US Water Treatment Facility

Read also: MIT brothers charged with a $25M crypto theft, BreachForums hacking forum seized, and more.


Thursday, May 16, 2024

A hacker sentenced for a cyber-attack on a US water treatment facility

Rambler Gallo, a former employee of a US water treatment facility, has been sentenced to six months of home confinement and 36 months of probation for compromising the computer network of the Discovery Bay Water Treatment Facility.

Gallo was responsible for maintaining the computer systems crucial for the operation of Discovery Bay's wastewater treatment facility. He installed software on both his personal computer and the company's internal network, providing him with remote access to Discovery Bay's Water Treatment Facility computer network.

After resigning from his position on November 25, 2020, Gallo abused his previous access nearly five weeks later to send a command that uninstalled an automated monitoring system overseeing vital functions such as water pressure, filtration, and chemical levels. The attacker’s actions disrupted the monitoring software, which remained offline until the breach was discovered by facility employees the following day.

Gallo was indicted in June 2023 on one felony count of transmitting a program to cause damage to a protected computer. As part of his sentence, he is ordered to forfeit his computer and pay $44,250 in restitution.


BreachForums hacking forum known for selling stolen data seized by law enforcement (again)

Law enforcement agencies, including the FBI and the Department of Justice (DoJ), have seized control of BreachForums, a notorious online marketplace for buying and selling stolen data and other illicit services.

BreachForums, previously hosted at breachforums[.]st, now displays a seizure banner indicating that it is under the control of the FBI. The operation involved collaboration between enforcement agencies from the United States, the United Kingdom, Australia, New Zealand, Switzerland, Ukraine, and Iceland.

It appears that authorities have also seized BreachForums' Telegram channel, as well as the channel operated by Baphomet, an administrator who took over the platform after the arrest of its creator, Conor Fitzpatrick, also known as ‘Pompompurin’, in March 2023. Fitzpatrick's arrest led to the initial takedown of BreachForums in June 2023. However, the forum resurfaced under new management shortly after.

The FBI has also set up a reporting form for victims or individuals who have information that could help in investigations against BreachForums in any of its iterations. As the details of the takedown are scarce at the moment, there’s been no official announcement of any arrests made in connection with the BreachForums case. That said, the cybercriminal community reported that BreachForums’ admin, Baphomet, was allegedly apprehended, “leading to the seizure of pretty much all of our infrastructure by the FBI.”


Two brothers arrested and charged for a novel $25 million crypto heist

Two brothers, Anton Peraire-Bueno and James Peraire-Bueno, have been apprehended on charges of orchestrating a sophisticated cybercrime operation targeting the Ethereum blockchain that saw them pilfer approximately $25 million in cryptocurrency within a mere 12 seconds.

Anton and James Peraire-Bueno, both alumni of the Massachusetts Institute of Technology (MIT), face charges of conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering.

According to officials, the duo devised an exploit that allowed them to tamper with the transaction validation processes in the Ethereum blockchain and gain unauthorized access to pending private transactions. Using this access, they altered certain transactions to siphon off victims' cryptocurrency holdings and then hid their tracks through obfuscation techniques.

On the same note, Alexey Pertsev, a 31-year-old Russian developer behind the Tornado Cash cryptocurrency mixer, has been sentenced to five years and four months in prison by a Dutch court. Pertsev was accused of laundering $1.2 billion in crypto through Tornado Cash between 2019 and 2022.

Seven indicted for running sophisticated gas pump skimming operation

Seven members of a cybercrime gang have been charged by US authorities for their involvement in a sophisticated gas pump skimming operation across the United States aimed at stealing credit and debit card information from customers.

As part of the scheme, which ran between 2014 and April 2024, the accused, led by Eduardo Rodriguez, aka Ogbe Bara, allegedly used the stolen card data to produce fraudulent credit and debit cards. These fake cards were then used to purchase high-value items such as gift cards and electronics, to make ATM withdrawals, and to carry out cashback transactions at retail stores.

Additionally, members and associates of the organization were purportedly involved in the sale of illegally obtained goods through intermediaries known as “fences,” converting the ill-gotten gains into cash.

Each of the defendants faces one count of RICO (racketeer influenced and corrupt organizations) conspiracy and one count of money laundering conspiracy. If convicted, they could be sentenced to a maximum of 20 years in prison for each count.


Six scammers extradited from Ukraine to Czechia over fraudulent call center scheme

Ukrainian authorities have extradited six individuals to the Czech Republic in connection with a fraudulent scheme operated from a call center in Ukraine. The suspects, wanted for defrauding victims of approximately 5.5 million hryvnias (~128,000 euros), were all on the international wanted list for other crimes as part of a criminal organization. The seventh perpetrator is slated for extradition in the near future.

The fraudsters made calls to their fellow countrymen in the Czech Republic, utilizing virtual telephony with number spoofing. Posing as employees of a state banking regulatory body, they coerced victims into providing remote access to their phones or computers. In some cases, they obtained bank card details and even convinced victims to withdraw cash and hand it over to a bogus courier, who purportedly would deliver it to a safe location.

Proceeds from these illicit activities were converted into cryptocurrency or laundered to purchase luxury vehicles and real estate, registered under the names of friends and relatives. Thus far, the scammers duped at least sixteen Czech citizens out of 5.5 million hryvnias before cyber police identified the culprits and their whereabouts upon the request of Czech authorities.

The scammers were apprehended at the end of April in Odessa, and on May 10th, they were handed over to Czech law enforcement. According to Czech investigations, the scammers defrauded Czech citizens of 30 million Czech crowns in total.


Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law.