Sunday, October 5, 2008

Fed Blotter: New Charges Filed Against Alleged Cyber Peeping Tom

By Kevin Poulsen

Federal prosecutors are going after a Florida college student who allegedly installed spyware on a woman's laptop to covertly snap nude photos of her through her webcam.

Feigin
Craig Matthew Feigin

Craig Matthew Feigin, 23, is charged (.pdf) in U.S. District Court in Gainesville with violating the federal Computer Fraud and Abuse Act. Feigin was arrested by local police last July.

The case began when the victim noticed changes in her computer's behavior after giving it to Feigin for overnight repairs, the Gainesville Sun reported at the time. Every time she got near her laptop, the light on her webcam switched on.

A friend with IT experience examined the system, and found that someone had installed the remote access program Log Me In, and software called Web Cam Spy Hacker, which Feigin himself sold online as a tool for catching cheating spouses. Over three weeks, the software allegedly uploaded some 20,000 images of the woman to an Eastern European web server before it was detected.

Feigin reportedly told police he'd pulled the same scam on eight or nine other women. A federal magistrate issued an arrest warrant for Feigin on September 23.

Two Pennsylvania men are in trouble this week for electronic snooping of a different sort. Artur Grigoryan and Artur Hurutyunyan allegedly persuaded an associate to take a job as a clerk at the local Rite Aid in Wayne, Pennsylvania. Once there, she installed a skimming device inside the debit card pad at the cash register, which began scooping up ATM card numbers and PINs from drug store customers.

Flying_j_3
A Flying J in Lordsburg, New Mexico
Courtesy Texas Hillsurfer

From January to April of last year, the two men periodically returned to the store and distracted other cashiers while downloading the captured information from the wiretapped PIN pad, according to a five-count federal information (.pdf) filed Tuesday in U.S. District Court in Philadelphia. They allegedly programmed the captured magstripe data onto other cards and used the PINs to withdraw some $351,050 from Rite Aid shoppers with accounts at Citizens Bank, PNC Bank and Wachovia.

A Texas trucker struggling with the high price of diesel fuel is accused in a similar scam, after MasterCard customer Amanda Anderson noticed mysterious charges to her card from the Flying J truck stop chain. The FBI traced the charges (.pdf) to truck driver Armenak Abulyan by way of his "Frequent Fueler" card, which offers discounts and incentives to Flying J customers. Abulyan was apparently a particularly faithful customer, who swiped his loyalty card at Flying J pumps from Knoxville to Nebraska, while using Anderson's credit card number, and at least seven others, to gulp down $20,000 in gas from May to September 2008.

Anderson told the FBI the charges began after she used her card at a convenience store. The clerks there told her that the store's card reader was broken, then briefly took her MasterCard into another room to use "the back unit."

Echouafni
Jay Echouafni

Perhaps bolstered by its success in extradition proceedings against British UFO hacker Gary McKinnon, the feds this week reopened and Europeanized a 2004 case involving a satellite TV entrepreneur who allegedly shelled out cold, hard cash to have three competitors DDoSed off the web.

Jay Echouafni, 41, allegedly paid an employee to organize crippling distributed denial-of-service attacks against competing websites selling satellite TV gear in 2003. The employee, Paul Ashley, pleaded guilty to the attacks and has already served a two-year prison term, while Echouafni skipped out on $750,000 bail and is now believed to be hiding out in Morocco, where he was born.

Alleged botmaster Lee Graham Walker, of the United Kingdom, was charged alongside Echouafni in the original federal complaint in 2004. On Thursday federal prosecutors in Los Angeles turned that into a formal indictment (.pdf), perhaps clearing the way for extradition proceedings.

At the same time, the feds added German hacker Axel Gambe to the case. Gambe last came up as the prime suspect in the Half Life 2 source code theft. He's named in the new indictment as the purported creator of the Agobot malware used in some of the attacks.

Charges filed in 2004 against three other men in the case were later dropped.

Fed Blotter is Threat Level's new weekly roundup of computer crime cases in the federal courts. If you've been indicted, or are about to be, please let us know.

Original here

No comments: