This affidavit is a laugh riot so far. Guy has a background in infosec, and holds a CISSP cert, among others. The FBI sends him crypto and what does he do?!
(1) immediately opens a KYC custodial account
(2) xfers the crypto there
(3) converts it to USD and sends it to his KYC bank in Colorado.
You can't make this stuff up. Also I love how (ostensibly either proton or tutanota) is referred to as "Foreign Email Provider". They should buy ForeignEmailProvider.com and make it another email domain for their users. I would love hackerman69420@foreignemailprovider.com
One of my deep background worries is how many criminals aren't caught because they don't make amateur mistakes. You always read these indictments and the perpetrator served themselves up on a silver platter. But what about all of those unsolved crimes that might simply be unsolvable!
This is FUD, but don't discount the fact that the 'easy' path to catching this criminal could be fabricated in order to hide the real, more intense, methods used by the authorities to uncover Jareh.
I'm more worried about all the criminals that are out there not being caught because we won't crack down on what they're doing, not really because they're some kind of masterminds.
Most criminals are never caught. There is lots more crime going on than you might think. A lot of academics and journalists present crime as 100% captured by official statistics. Prosecutors do a lot of prioritizing.
Drug crime gets a lot of attention because the statutes are written in a way that makes the crimes very easy to prove. It’s far easier to prove the elements of a drug possession charge than it is to prosecute something like fraud.
Authorities go after the lowest hanging fruit or the most visible. Targeting the most visible feeds back into people's perception that if they commit a crime they will get caught.
The authorities are strategic in their approach but at the end of the day they are operating on finite resources.
The advantage the authorities have though is that they are playing offence. They can make plenty of mistakes and still achieve their objective.
Criminals just have to make one mistake and it can undo all the effort they have made to mitigate risk.
Only explanation I can think of is dude planned to leave the country shortly and figured he'd be gone by the time he got caught so there was no point in covering it up.
Also based on the value the crypto was Monero (and he used Kraken, which is the only big US exchange that converts the XMR/USD pair), so he probably didn't realize that even though it is difficult to directly trace where it came from via the blockchain, the exact unique amount deposited on a KYC exchange fucked him. A naive Monero user would probably think "impossible to find where monero came or went from, so I'm safe" not realizing they're leaking out the side-channel by depositing a unique amount on a centralized exchange.
"His resume also states that he has specialized training with federal law enforcement related to digital forensics and incident response, dark web investigations..."
Lol, I suppose he's guilty of lying on his resume too!
I'm guessing he fell for some internal honeypot, and that led to his immediate termination and subsequent monitoring. Then he also transmitted the honeydocs and the rest.
Sure they traced the crypto but that's not how they got him.
I find it hilarious that he got hired to a security oversight position, started trying to sell his employers' property off the back of a truck, and became the target of a FBI sting operation all in the space of 3 weeks. How naive do you have to be to think that you're not being closely scrutinized, both because it's the freaking NSA and because you're within the normal probation period for a new job?
Perhaps a worse punishment than the inevitable long prison term is the fact that this guy's entire trip through the alimentary canal of our criminal justice system is going to have a continuous laugh track.
Damn, this guy speedrunned getting fired with maximal consequences.
I don't even know if any of us could ever pull this off unless one works for a defense contractor. Even if I did something horrendously malicious like selling trade secrets from my current company to some foreign competitor (e.g. Huawei, Tencent, or whatever Chinese cloud companies are these days?), I don't know if I could rack up 3 counts of violating a law with the death penalty as consequences in as many weeks.
Does FBI catch actual criminals anymore? It seems that every success of theirs consists of finding a weak minded individual, talking him into doing something illegal, maybe even supplying him with weapons or some other incriminating evidence, then arresting him a couple of weeks later.
Do they have some sort of quota of how many terrorists they need to catch a year in order to get a bonus?
That's exactly it. I wouldn't be surprised if EVERY NSA employee - especially new hires - frequently get their integrity tested like this.
I mean a lot of corporates hire companies to send fake phishing mails to employees - I got caught out a few times by that because I clicked a link on emails thinking "wtf is this about". The issue there of course is that the enterprise I'm working for at the moment sends tons of "wtf is this about" emails. Currently I've got about two dozen emails from some guy updating all 100+ people in the IT organization on their deployment process, every hitch they run into, plus fixed timed updates.
The guy only worked there for three months, and there was an FBI sting operation against him. Is this something they routinely do to new employees, or maybe they found out something right after his hiring? It isn't strange that an employee was doing something wrong, they got wind, and set up a sting, but the timetable is crazy short.
Let me put it to you another way. New guy turns up, starts printing off a whole bunch of highly classified docs that don’t relate to his actual job and then suddenly has to leave due to a vague “family illness”.
He is basically a walking profile of insider threat behaviour modeling.
I don’t think it was anything other than his stupidity that put him on the radar so quickly. Reading the indictment it’s clear he was a bit of an idiot.
Yeah, but... why does a new guy even have access to a bunch of highly classified docs that don't relate to his actual job? That's an epic fail by the NSA. I mean, good job catching him. Now close the door that he walked through when he found it open.
Thought the same myself. There was a skunkworks documentary a long time ago with engineers who worked on the program. Their cover was TV technicians or something else bland. He said one time he was approached by a women at a bar who was way out of his league. She was pushy and questioned about his work for a while. The engineer always thought it was a test by the government.
Sounds like a pretty reasonable test. I've heard from multiple people who worked in the nuclear weapons industry that said that the random, way out of their league women stopped hitting on them once their clearances expired.
It's strange that they would give a security clearance to someone in a bad financial situation. I would think it's quite rare for the FBI to run a sting against an NSA employee... perhaps he wasn't targeted at all, but went out looking for someone to sell information to.
Agencies are well known to not pay competitively, even in IT roles, but when I think about the obvious solution which is to pay more, I immediately think of the uproar and accusations that would come with a government official getting what some might consider a 'lavish' wage even if it is industry standard for the skillset.
I'm looking at this to be possibly more like when you have company wide phishing tests going through the emails, and it catches Brenda the new person in accounting who's still on their probationary period.
When going through the security clearance background check for NSA, it's the FBI who investigates. It used to be the previous 7 years, neighbors and pretty much all acquaintances. It's extremely tedious figuring all that out when just out of grad school, for example.
Yeah I found this a little confusing as well. They surely knew about the previous bankruptcy mentioned, and the current debt during their security clearance check. That'd surely be a big red flag for high level clearance.
If I was going to work in that sector I would kind of assume that any delightful surprises or exciting new people I met outside of work had strings attached for at least the first year or two.
It sounds like the FBI has a website/email account set up like "I_AM_A_RUSSIAN_SPY@gmail.com".
People email that account with offers of providing information to the Russian government, and then the FBI goes and sees who had access to the documents which get sent over. In this case, only one person accessed all the documents, so even if he doesn't identify himself to I_AM_A_RUSSIAN_SPY@gmail.com, they still get him.
It doesn't seem like this person was specifically targeted or had an operation against him. He just fell into the honey pot.
It was the other way around. They reached out to him using a foreign email service provider and mentioning something vague about mutual benefits. He took the bait.
Everyone subject to a background investigation in this sphere has their 4A rights suspended by executive order. They can and will apply all forms of domestic surveillance on such people.
Say you are the CTO or engineering security staff of say Google.
What is the first 3 months of employment called behind the scenes?
Probation.
It's not just a nickname, as one would track all accesses to anything and higher access rights would obviously follow proven trust. And one might even set up honey pot traps to weed out the bad actors even.
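The attribution logic described in this comment and in the earlier one about checking who had access to the documents that were sent over (track every access, intersect the leaked set, use honeypot documents as tripwires), as an added example that is not part of the thread. The log format, account names and document IDs are constructed.

```python
"""Added example (constructed, not from the thread): attributing a leak
from document access logs.

Given the set of documents that turned up in a leak and an access log
recording which account touched which document, list the accounts that
touched every leaked document, and separately flag any account that
opened a canary ("honeypot") document nobody has a legitimate reason
to read.  All log lines, account names and document IDs are made up.
"""
import re
from collections import defaultdict

# Constructed sample log: timestamp, account, action, document id.
ACCESS_LOG = """\
2022-06-07T09:12:01Z alice OPEN DOC-1001
2022-06-07T09:15:44Z bob OPEN DOC-1001
2022-06-07T10:02:13Z alice OPEN DOC-1002
2022-06-08T14:30:00Z alice PRINT DOC-1003
2022-06-08T14:31:07Z carol OPEN DOC-1002
2022-06-09T08:45:59Z alice OPEN DOC-CANARY-7
2022-06-09T11:00:00Z bob OPEN DOC-1003
this line is malformed and must be skipped
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (OPEN|PRINT|DOWNLOAD) (\S+)$")


def parse_access_log(text):
    """Return {account: set of document ids} from the log text.

    Malformed lines are skipped rather than aborting the whole run, so a
    single garbled record cannot hide every other access."""
    accessed = defaultdict(set)
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        _ts, account, _action, doc = m.groups()
        accessed[account].add(doc)
    return dict(accessed)


def accounts_with_full_coverage(accessed, leaked_docs):
    """Accounts that accessed every document in the leaked set.

    The leaked set is a subset of what each candidate touched; an account
    that saw only some of the documents cannot be the single source."""
    leaked = set(leaked_docs)
    return sorted(a for a, docs in accessed.items() if leaked <= docs)


def canary_hits(accessed, canary_docs):
    """Accounts that opened any canary document; any such access is a signal."""
    canaries = set(canary_docs)
    return sorted(a for a, docs in accessed.items() if docs & canaries)


if __name__ == "__main__":
    acc = parse_access_log(ACCESS_LOG)
    leaked = ["DOC-1001", "DOC-1002", "DOC-1003"]
    print("accessed all leaked docs:", accounts_with_full_coverage(acc, leaked))
    print("touched a canary:", canary_hits(acc, ["DOC-CANARY-7"]))
```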
How does this persons name have no google footprint before today? I searched "Jareh Dalke" and limited searches to before September 22nd, and the only thing that popped up were stories from today that bypass Google's date feature. Not even the endless spam personal information sites popped up for the name. Nothing else pops up.
Has there ever been a case where two undercover agents are trying to play the other one? Not knowing each other are agents.
Or a situation where the guy who an undercover agent approaches tells his superiors? Who then want him to go undercover to find out who the suspected foreign agent works for.
I want to see a movie where a major criminal organization is completely overrun by undercover agents of various governments/agencies, but none of them know it so they keep the organization running for fear of being found out. The true criminals have long since retired.
There is a real example when a government spy actually led a terrorist organization: "Azef, a double-agent in the employ of the Tsarist secret police Okhrana, changed the Terrorist Brigade's mode of attack from firearms to dynamite" https://en.wikipedia.org/wiki/SR_Combat_Organization
Part of the reason they never tried Ross Ulbricht for the hit jobs is because a rogue FBI office in Baltimore was staging the hits in a studio (the evidence to show Ross, to get the rest of the payment), and the FBI office in Chicago also investigating Silk Road was like "why are you guys roleplaying, this can't be as cringy as it looks, what is going on in Maryland", and the Secret Service and DEA agents were roleplaying as moderators on Silk Road and creating fake controversy to both Ross Ulbricht and the FBI offices investigating, just so the Secret Service and DEA could extort Ross (for the fake hits) and ride off into the sunset with the money, landing a movie deal with Fox. They're in jail now. And the hitman stuff was dropped under equally fake pretexts just to save face.
The Secret Service and DEA agent were being tried at the same time as Ross Ulbricht was, this information and evidence was kept from Ross and his trial and only came to light afterwards. Wasn't accepted in the appeal. Sentencing didn't factor any of this in either. Embarrassing case.
I recall a news story from a few years ago (can't find it now)...
There was once a bank that looked the other way when lots of shady cash came in, allowed transfers of those amounts to foreign banks, basically ignored KYC rules, etc. Word got around, and lots of criminals all over started using this bank for all of their money laundering purposes.
Some banking authority started noticing a lot of suspicious transactions, and was preparing to shut the whole thing down, disconnect the bank from all transfers, raid offices, arrest employees, trumpet press releases about how they're protecting the American financial system, etc... (ie, exactly what they are supposed to do).
The bank was, of course, a honeypot run by some other 3-letter agency, who was actively facilitating money laundering in order to collect enormous amounts of info about who was involved.
(basically the banking version of that 'encrypted phone' scheme).
The raids were mere hours away when someone put two and two together, and managed to get it called off.
Happens with attempted infiltration of activists groups. I recall one case where undercover agents from two separate agencies started showing up at meetings of some local environmental or anti-nuclear group and they started writing profiles about each other noting how the other person didn’t really seem to fit.
Interesting to think that, with a little information, you could pull up the cryptocurrency transaction (assuming it's not a secret ledger like zcash) and trace how the FBI funded the wallet.
I tried that exercise after reading the affidavit, and determined they were using Monero (XMR) which makes this task much more difficult if not impossible.
Look at the VAT fraud in Europe, billions lost, virtually nobody arrested
https://en.wikipedia.org/wiki/Missing_trader_fraud
> Notwithstanding these measures, MTIC fraud remains a problem for the EU. As at November 2018, calculations estimating the annual costs of the fraud range from €20 billion up to more than €100 billion (depending on methodology adopted).[21] An EU Parliament study in October 2018 found that MTIC/carousel fraud is the most damaging type of cross-border VAT fraud with an estimated €50 billion losses on average per year.
France is also hemorrhaging billions through social benefits fraud, they don't even attempt to recover most of it as they don't have the manpower
https://fr.wikipedia.org/wiki/Fraude_sociale_en_France
https://www.vox.com/2018/9/24/17896034/murder-crime-clearanc...
But if you are going to do a crime do it once and done and you may very well get away with it.
SmallPPDomainRegisterBot.com
Monero was worth $154 on August 24th, is a privacy crypto and .64 of that would be $99
I’m sure this can happen in government.
Also the book "A Scanner Darkly" by Philip K Dick which (no spoiler) explores the consequences of deep undercover.
There's a subplot vaguely along the lines of everyone being an undercover, although saying more would be a bit too much of a spoiler.
https://www.vice.com/en/article/8q845p/dea-agent-who-faked-a...
https://en.wikipedia.org/wiki/Monica_Witt
It has happened several times with cops.
Feds are a bit more professional I believe.
https://rmx.news/germany/german-domestic-intelligence-agents...
Hackers were at the cutting edge in 1983 when War Games came out. That era has come and gone, and we live in a different paradigm now.