Hacker Pleads Guilty to Infiltrating VOIP Networks and Reselling Services for Profit
|U.S. Attorney’s Office February 03, 2010|
NEWARK—The first individual ever charged with hacking into the networks of Voice Over Internet Protocol (VOIP) providers and reselling hacked VOIP services for a profit pleaded guilty today, U.S. Attorney Paul J. Fishman, announced.
Edwin Pena, 27, a Venezuelan citizen, pleaded guilty before U.S. District Judge Susan D. Wigenton to one count of conspiracy to commit computer hacking and wire fraud and one count of wire fraud. Judge Wigenton continued Pena’s detention without bond pending his sentencing, which is scheduled for May 14.
Pena was returned to the United States from Mexico following a three-year manhunt which led authorities to South America. Pena was eventually arrested in Mexico on Feb. 6, 2009.
“This investigation highlights law enforcement’s ability to undercover cutting edge technology crimes and reach perpetrators of such activity outside our borders to bring them to justice,” said Fishman.
Pena was arrested in Florida on June 7, 2006, on a criminal Complaint that was filed in the District of New Jersey a day earlier. Pena appeared in federal court in New Jersey on June 29, 2006, and subsequently fled the country to avoid prosecution after being released on bail.
In February 2009, Pena was indicted for conspiracy to secretly hack into the computer networks of unsuspecting VOIP phone service providers; conspiracy to commit wire fraud by transmitting telephone calls over the victims’ networks; and individual hacking and wire fraud counts.
At his plea hearing, Pena, who purported to be a legitimate wholesaler of these Internet-based phone services, admitted that he sold discounted service plans to his unsuspecting customers. Pena admitted that he was able to offer such low prices because he would secretly hack into the computer networks of unsuspecting VOIP providers, including one Newark-based company, to route his customers’ calls.
Through this scheme, Pena is alleged to have sold more than 10 million minutes of Internet phone service to telecom businesses at deeply discounted rates, causing a loss of more than $1.4 million in less than a year. The victimized Newark-based company, which transmits VOIP services for other telecom businesses, was billed for more than 500,000 unauthorized telephone calls routed through its calling network that were “sold” to the defendant’s unwitting customers at those deeply discounted rates.
Pena admitted that he enlisted the help of others, including a professional “hacker” in Spokane, Washington. The hacker, Robert Moore, 24, pleaded guilty before Judge Wigenton in March 2007 to federal hacking charges for assisting Pena in his scheme. Judge Wigenton sentenced Moore to 24 months in prison on July 24, 2007. At his plea hearing, Moore admitted to conspiring with Pena and to performing an exhaustive scan of computer networks of unsuspecting companies and other entities in the United States and around the world, searching for vulnerable ports to infiltrate their computer networks to use them to route calls.
Pena admitted that rather than purchase VOIP telephone routes for resale, Pena—unbeknownst to his customers—created what amounted to “free” routes by surreptitiously hacking into the computer networks of unwitting, legitimate VOIP telephone service providers and routing his customers’ calls in such a way as to avoid detection.
After receiving information from Moore, Pena reprogrammed the vulnerable computer networks to accept VOIP telephone call traffic. He then routed the VOIP calls of his customers over those networks. In this way, Pena made it appear to the VOIP telephone service providers that the calls were coming from a third party’s network.
By sending calls to the VOIP telephone service providers through the unsuspecting third parties’ networks, the VOIP telephone service providers were unable to identify the true sender of the calls for billing purposes. Consequently, individual VOIP Telecom providers incurred aggregate routing costs of up to approximately $300,000 per provider, without being able to identify and bill Pena.
According to the Complaint, in order to hide the huge profits from his hacking scheme, Pena purchased real estate, new cars, and a 40-foot motor boat, and put all of that property except for one car in the name of another individual identified in the Complaint as “A.G.”
The conspiracy charge carries a maximum statutory penalty of five years in prison and a fine of $250,000. Wire fraud carries a maximum penalty of 20 years in prison and a $250,000 fine.
Fishman credited the Special Agents of the FBI, under the direction of Acting Special Agent in Charge Kevin B. Cruise in Newark, with the investigation.
The government is represented by Assistant U.S. Attorney Erez Liebermann in the U.S. Attorney’s Office Computer Hacking and Intellectual Property group, within the Commercial Crimes Unit.