Twin Brothers Guilty of Wire Fraud, Conspiring to Hack into U.S. Department of State and Private Company
ALEXANDRIA, VA—Twin brothers Muneeb and Sohaib Akhter, 23, of Springfield, Virginia, pleaded guilty today to charges of conspiracy to commit wire fraud, conspiracy to access a protected computer without authorization, and conspiracy to access a government computer without authorization. Muneeb Akhter also pleaded guilty to additional charges of accessing a protected computer without authorization, making a false statement, and obstructing justice.
According to the defendants’ statements of facts, which were filed with their plea agreements, beginning in or about March 2014, Muneeb Akhter hacked into the website of a cosmetics company and stole thousands of its customers’ credit card and personal information. The Akhter brothers and co-conspirators used the stolen information to purchase goods and services, including flights, hotel reservations, and attendance at professional conferences. Muneeb Akhter also provided stolen information to an individual he met on the “dark net,” who sold the information to other dark-net users and gave Akhter a share of the profits.
In a separate scheme, the Akhter brothers and co-conspirators engaged in a series of computer intrusions and attempted computer intrusions against the U.S. Department of State to obtain sensitive passport and visa information and other related and valuable information about State Department computer systems. In or around February 2015, Sohaib Akhter used his contract position at the State Department to access sensitive computer systems containing personally identifiable information belonging to dozens of co-workers, acquaintances, a former employer, and a federal law enforcement agent investigating his crimes.
Sohaib Akhter later devised a scheme to ensure that he could maintain perpetual access to desired State Department systems. Sohaib Akhter, with the help of Muneeb Akhter and co-conspirators, attempted to secretly install an electronic collection device inside a State Department building. Once installed, the device could have enabled Sohaib Akhter and co-conspirators to remotely access and collect data from State Department computer systems. Sohaib Akhter was forced to abandon the plan during its execution when he broke the device while attempting to install it behind a wall at a State Department facility in Washington, D.C.
Furthermore, beginning in or about November 2013, Muneeb Akhter was performing contract work for a private data aggregation company located in Rockville, Maryland. He hacked into the company’s database of federal contract information so that he and his brother could use the information to tailor successful bids to win contracts and clients for their own technology company. Muneeb Akhter also inserted codes onto the victim company’s servers that caused them to vote for Akhter in an online contest and send more than 10,000 mass e-mails to students at George Mason University, also for the purpose of garnering contest votes.
In or about October 2014, Muneeb Akhter lied about his hacking activities and employment history on a government background investigation form prior to successfully obtaining a position with a defense contractor. Furthermore, in or about March 2015, after his arrest and release pending trial, Muneeb Akhter obstructed justice by endeavoring to isolate a key co-conspirator from law enforcement officers investigating the conspirators’ crimes. Among other acts, Muneeb Akhter drove the co-conspirator to the airport and purchased a boarding pass, which the co-conspirator used to travel out of the country to the Republic of Malta. When the co-conspirator returned to the United States, Muneeb Akhter continued to encourage the co-conspirator to avoid law enforcement agents.
The Akhter twins were indicted by a federal grand jury on April 30, 2015. Muneeb Akhter faces a maximum penalty of 50 years in prison, while Sohaib Akhter faces a maximum penalty of 30 years in prison. Both men will be sentenced on Sept. 25, 2015. The maximum statutory sentence is prescribed by Congress and is provided here for informational purposes, as the sentencing of the defendant will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.
Dana J. Boente, U.S. Attorney for the Eastern District of Virginia; Gregory Marshall, Chief Security Officer, Department of Homeland Security (DHS); Gregory Starr, Assistant Secretary for the U.S. Department of State’s Bureau of Diplomatic Security; and Andrew G. McCabe, Assistant Director in Charge of the FBI’s Washington Field Office, made the announcement after the pleas were accepted by U.S. District Judge T.S. Ellis, III.
This case was investigated by the Internal Security and Investigations Division of the Office of the Chief Security Officer, DHS Headquarters; the U.S. Department of State’s Bureau of Diplomatic Security, and FBI’s Washington Field Office. Special Assistant U.S. Attorneys John Taddei and Jennifer Clarke are prosecuting the case.
A copy of this press release may be found on the website of the U.S. Attorney’s Office for the Eastern District of Virginia. Related court documents and information may be found on the website of the District Court for the Eastern District of Virginia or on PACER by searching for Case No. 1:15-cr-124.