International Telephone Hacking Conspiracy Busted; Indictment in the United States, Arrests and Searches in Italy, and Continued Operations in the Philippines
|U.S. Attorney’s Office June 12, 2009|
NEWARK, N.J.—An Indictment was unsealed today against three individuals who allegedly hacked into the telephone systems of large corporations and entities in the United States and abroad and sold information about the compromised telephone systems to Pakistani nationals residing in Italy, Acting U.S. Attorney Ralph J. Marra, Jr. announced.
In conjunction with the unsealing of the Indictment, Italian law enforcement conducted searches of approximately 10 locations in four regions of Italy and arrested the financiers of the hacking activity. Those financiers allegedly used the information to transmit over 12 million minutes of telephone calls valued at more than $55 million over the hacked networks of victim corporations in the United States alone.
“This was an extensive and well-organized criminal network that worked across continents,” said Marra. “The hackers we’ve charged enabled their conspirators in Italy and elsewhere to steal large amounts of telecommunications capacity, which could then be used to further or finance just about any sort of nefarious activity here or overseas.”
“We are extremely grateful to the FBI and authorities abroad with which we worked closely in developing this case,” Marra said.
Charged in the New Jersey indictment are Mahmoud Nusier, 40, Paul Michael Kwan, 27, and Nancy Gomez, 24, all currently residing in the Philippines, with conspiracy to commit wire fraud and unauthorized access to computer systems and other counts, described below. In connection with this international investigation, each of the defendants were previously arrested on March 10, 2007, by authorities in the Philippines, where they remain. The Department of Justice will work cooperatively with the Philippine authorities to hold the defendants accountable in the United States for their alleged criminal conduct. (Nusier is a Jordanian national; Kwan and Gomez are Philippine nationals.)
Operations unfolded earlier today in Italy, where at least five individuals, all Pakistanis, were arrested during early-morning raids. Searches occurred at at least 10 telephone call centers and other premises. A news conference announcing the details was held by the chief of Brescia Police, the Brescia prosecutor, head of the Italian national police counterterrorism division from Rome and officials from the Divisione Investigazioni Generali e Operazioni Speciali.
The names and other information on those arrested in the Italian operation are appended at the bottom of this news release.
The investigation has been ongoing since 2006 and relates to conduct ranging from October 2005 through December 2008.
As described in the Indictment, M.Z and S.K, residing in Italy, were among the financiers of the hacking and owned and operated call center operations in Italy from which their customers would make calls throughout the world. To increase their profits, M.Z. and S.K. made efforts to incur as little costs as possible in routing their customers’ telephone calls to the intended call-recipient.
M.Z. and S.K. recruited Nusier, Kwan, Gomez and others to hack into the telephone networks of unsuspecting large corporations and entities so that telephone calls from the call centers could be transmitted over the hacked networks. To accomplish their mission, the hackers gained an intimate familiarity with the programming of the public branch exchange (PBX) telephone systems.
As the hackers dialed into the systems, they were able to identify the type of PBX system by the prompts and were thereby able to begin a process, known as a brute force attack, by which they sought to attack vulnerable points of the PBX systems. Often, the vulnerable points consisted of telephone extensions with default passwords still in place. After using a couple of methods to exploit the information they gained regarding the hacked PBX systems (described in greater detail in the Indictment) , the hackers transmitted the information about the hacked system back to the financiers. The hackers—Nusier, Kwan, Gomez and others—were then paid approximately $100 per hacked telephone system.
In March 2007, the Philippines National Police executed search warrants and arrested seven individuals, including Nusier, Kwan and Gomez, in connection with the present investigation. As part of the Philippines investigation, it was revealed that the PBX systems of over 2,500 victim corporations in the United States, Canada, Australia and Europe were infiltrated. The searches yielded dozens of notebooks full of the telephone numbers and access codes to the victim PBX systems.
“We will continue to work with law enforcement officials overseas in Italy, the Philippines and elsewhere to prosecute those individuals currently charged and to identify others involved in this international conspiracy,” said Weysan Dun, Special Agent in Charge of the FBI Newark Division. “The recent cooperation and coordination illustrates law enforcement’s ability to adapt to the ever-changing landscape of international cybercrime.”
The losses in this case, which exceeded $55 million, were borne by the victim corporations and entities, and AT&T and other long distance carriers, which provided the long-distance telephone service for the victims. (AT&T was not hacked but was among the companies that carried the long-distance calls.)
The U.S. Attorney’s Office and FBI thanked AT&T and the victim corporations for their extensive and critical cooperation in the investigation.
In addition to the conspiracy count, each of the defendants is charged with two counts of unauthorized access to a computer system for purposes of committing fraud, and with the possession of unauthorized access devices, including passcodes to U.S. telephone systems. The defendants face maximum prison sentences of five years on the conspiracy count, five years on each of the two respective unauthorized computer access counts, and 10 additional years on the access device count. In addition, each is subject to a maximum fine of $250,000 on each count for which they are named, or twice the gain resulting from the offense, whichever is greater.
The Indictment has been assigned to U.S. District Judge Mary L. Cooper in Trenton. No hearings are currently scheduled before the court, as defendants Nusier, Kwan and Gomez are residing in the Philippines and would only make an appearance in the United States subject to their self-reporting or extradition. The individuals arrested in Italy will be prosecuted in Italy.
Marra credited the Special Agents of the FBI, under the direction of Special Agent in Charge Weysan Dun, for their work in the investigation.
The case is being prosecuted by Assistant U.S. Attorney Erez Liebermann of the U.S. Attorney’s Office Computer Hacking and Intellectual Property Section, part of the Commercial Crimes Unit in Newark.
The following individuals were arrested during operations in Italy:
- Mohammad, Zamir, 40, place of birth, Jhelum, Pakistan, residing in Brescia, Italy.
- Kanwal, Shabina, 38, place of birth, Jhelum, Pakistan, residing in Brescia, Italy.
- Waseem, Ahmed, 40, place of birth, Kharabad, Pakistan, residing in Mogliano,
- Shah, Zahir, 39, place of birth Swat, Pakistan, residing in Civitanova Marche
- Iqbal Khurram, 29, place of birth, Pakistan, residing in Corridonia (Macerata-Marche),