Excellent work! Thank you, John! John Curran <jcur...@arin.net> wrote:
> FYI - As a reminder, please do not hijack the use of address blocks issued > to other parties. > > Thanks, > /John > > John Curran > President and CEO > American Registry for Internet Numbers > > > Begin forwarded message: > > *Spammers Plead Guilty, Company Forfeits $4.9 Million* > > > > *NEWS RELEASE SUMMARYgg** – June 10, 2022* > > SAN DIEGO – Three employees of the affiliate marketing platform Amobee > pleaded guilty in federal court today to hijacking Internet Protocol (IP) > addresses to send unsolicited commercial email messages, commonly known as > “spam.” > > > > The three employees, Jacob Bychak, Mark Manoogian, and Abdul Mohammed > Qayyum, joined Daniel Dye and Vincent Tarney in pleading guilty to > violating the federal CAN-SPAM statute for their involvement in misusing > the stolen IP addresses to send spam. > > > > The defendants’ employer, formerly known as both Adconion Direct Inc. and > Frontline Direct (hereafter, “Adconion”), previously agreed to forfeit > $4,939,526 as the fraudulent proceeds of a wire fraud conspiracy in which > its employees hijacked more than 500,000 IP addresses to send over 10 > billion commercial emails to people in the United States and elsewhere. > > > > IP addresses are the beginning and ending points for sending data via the > internet. A discrete bundle of IP addresses in numeric order is known as a > range or block. In this case, the defendants pleaded guilty to using > fraudulent Letters of Authorization (“LOAs”) to take control of large > blocks of IP addresses registered to eleven different entities without the > registrants’ knowledge or consent. As part of the fraudulent scheme, the > defendants used email accounts set up to impersonate the IP blocks’ true > registrants. In particular, the defendants used and created email addresses > with the true registrants’ domain name (e.g., ect.net) to impersonate > real and fictitious employees. They then emailed the fraudulent LOAs, which > were written on fake letterheads and included forged signatures, from these > imposter email accounts to various Internet hosting companies to falsely > represent to the hosting companies that the true registrants authorized > them to use the IP addresses. > > > > All the IP blocks hijacked by the defendants were IPv4 addresses. Demand > for a finite number of IPv4 addresses available has driven up their value > over time. Between December 2010 and September 2014, when the defendants’ > conduct occurred, a block of 65,534 IP addresses, referred to as a Class B > block, was worth approximately $650,000. Today, it is worth as much as $3.3 > million. Internet Service Providers like Yahoo and Google routinely employ > filters to block spam from reaching a recipient’s inbox. Once an IP address > is associated with spam, the filters typically block messages sent from > that IP address. Spammers need a constant supply of fresh unblocked IP > addresses to deliver the unwanted commercial email. > > > > The defendants’ jobs with Adconion were to acquire fresh IP addresses and > employ other measures to circumvent the spam filters. To conceal Adconion’s > ties to the stolen IP addresses and the spam sent from these IP addresses, > the defendants used a host of DBAs, virtual addresses, and fake names > provided by the company. While defendants touted ties to well-known name > brands, the email marketing campaigns associated with the hijacked IP > addresses included advertisements such as “BigBeautifulWomen,” “iPhone4S > Promos,” and “LatinLove[Cost-per-Click].” > > > > Today’s guilty pleas arise from an October 2018 indictment for which trial > began on May 23, 2022. Following opening statements, the trial was > interrupted by the recent COVID surge and had yet to resume. In exchange > for misdemeanor pleas, the defendants have each agreed to admit their > involvement in the scheme, to undertake 100 hours of community service, and > to pay a maximum $100,000 fine. > > > > This case was investigated by the Federal Bureau of Investigation with > assistance provided by the Internal Revenue Service and the Department of > Justice’s Computer Crime and Intellectual Property Section. > > > > “The defendants generated millions of dollars for their company by > high-jacking hundreds of thousands of IP addresses, enabling them to > illegally inundate consumers with over 10 billion email ads,” said U.S. > Attorney Randy Grossman. ““This case was the first in the nation to charge > violations of the CAN-SPAM Act’s provision against using hijacked IP > addresses to send spam. We are committed to using all the tools at our > disposal to protect the internet and everyone who depends on it.” Grossman > thanked the prosecution team as well as the investigating agencies, the > American Registry of Internet Numbers, Yahoo, The Spamhaus Project, and The > National Cyber-Forensics and Training Alliance. > > > > “These defendants spent years illegally sending billions of spam emails > nationwide which made millions of dollars,” said FBI Special Agent in > Charge Stacey Moy. “The FBI remains committed to pursuing these criminal > conspiracies, no matter how long it takes, and holding them accountable in > a court of law. I want to thank the United States Attorney’s Office for > their ongoing support and partnership in bringing this case to an end.” > > > > The defendants are scheduled to be sentenced on October 3, 2022, at 10:30 > a.m. before U.S. District Judge Gonzalo P. Curiel. > > > > *DEFENDANTS** Case Number > 18cr4683-GPC * > > Jacob Bychak Age: > 36 Carlsbad, CA > > Mark Manoogian Age: > 39 Carlsbad, CA > > Abdul Mohammed Qayyum Age: 40 > Oceanside, CA > > > > *SUMMARY OF CHARGES* > > > > CAN-SPAM – Title 18, U.S.C., Section 1037(a)(5) and (b)(3) > > Maximum penalty: One year in custody and $100,000 fine > > > > *AGENCIES* > > > > Federal Bureau of Investigation > > Internal Revenue Service > > > > > > Kelly Thornton > > Director of Media Relations > > U.S. Attorney’s Office > > Southern District of California > > 619.546.9726 > > Follow us on Twitter @SDCAnews > > > _______________________________________________ > ARIN-PPML > You are receiving this message because you are subscribed to > the ARIN Public Policy Mailing List (ARIN-PPML@arin.net). > Unsubscribe or manage your mailing list subscription at: > https://lists.arin.net/mailman/listinfo/arin-ppml > Please contact i...@arin.net if you experience any issues. > -- Sent from Gmail Mobile
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML@arin.net). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact i...@arin.net if you experience any issues.