Sanctuary Cities Don’t Comply Face Loss of Federal Dollars/Clawback

AG: Sanctuary Cities Face Ineligibility for Future Federal Funds, ‘Clawback’ of Funds Already Awarded

(CNSNews.com) – Attorney General Jeff Sessions said Monday that states and localities that refuse to comply with federal immigration laws will be deemed ineligible for federal grants.

“Today, I’m urging  states and local jurisdictions to comply with these federal laws, including 8 U.S.C. Section 1373. Moreover, the Department of Justice will require that jurisdictions seeking or applying for Department of Justice grants to certify compliance with 1373 as a condition of receiving those awards,” he said, adding that the policy “is entirely consistent with the Department of Justice’s Office of Justice Program’s guidance that was issued just last summer under the previous administration.

“This guidance requires state and local jurisdictions to comply and certify compliance with Section 1373 in order to be eligible for OJP grants. It also made clear that failure to remedy violations could result in withholding grants, termination of grants, and disbarment or ineligibility for future grants,” Sessions added.

“The Department of Justice will also take all lawful steps to clawback any funds awarded to a jurisdiction that willfully violates 1373. In the current fiscal year, the Department of Justice’s Office of Justice Program and Community Oriented Policing services anticipates awarding more than $4.1 billion in grants,” he said.

The attorney general said that in one week alone, “there were more than 200 instances of jurisdictions refusing to honor ICE detainer requests with respect to individuals charged or convicted of a serious crime,” according to a report released recently by the Department of Homeland Security.

“The charges and convictions against these aliens included drug-trafficking, hit-and-run, rape, sex offenses against a child, and even murder. Such policies cannot continue. They make our nation less safe by putting dangerous criminals back on the streets,” Sessions said.

He pointed to the murder of 32-year-old Kate Steinle who was killed two years ago in San Francisco as an example.

“The shooter, Francisco Sanchez, was an illegal immigrant who had already been deported five times and had seven felony convictions,” Sessions pointed out.

“Just 11 weeks before the shooting, San Francisco had released Sanchez from its custody, even though Immigration and Customs Enforcement officers had filed a detainer requesting that he be held in custody until immigration authorities could pick him up for removal. Even worse, Sanchez admitted the only reason he came to San Francisco was because it was a sanctuary city,” the attorney general said.

“A similar story unfolded just last week, when Ever Valles, an illegal immigrant and a Mexican national was charged with murder and robbery of a man at a light rail station. Valles was released from a Denver jail in late December, despite the fact that ICE has lodged a detainer for his removal,” he said.

“The American people are not happy with these results. They know that when cities and states refuse to help enforce immigration laws, our nation is less safe. Failure to deport aliens who are convicted of criminal offenses puts whole communities at risk, especially immigrant communities in the very sanctuary jurisdictions that seek to protect the perpetrators,” Sessions said.

Sessions said recent polling shows that 80 percent of Americans “believe that cities that arrest illegal immigrants for crime should be required to turn them over to immigration authorities.”

“DUIs, assaults, burglaries, drug crimes, gang rapes, crimes against children, and murderers — countless Americans would be alive today and countless loved ones would not be grieving today if these policies of sanctuary cities were ended. Not only do these policies endanger lives of every American — just last May, the Department of Justice inspector general found that these policies also violate federal law,” he said.

***

Nine Bipartisan Homeland Security-Related Bills Passed by House

What the House Committee on Homeland security described as an “unprecedented number of bipartisan [bills] aimed at keeping Americans safe,” were passed this last week by the House which deal with a variety of aspects of homeland Security.

The nine pieces of legislation, the committee said, are designed “to … also save taxpayer dollars by improving the acquisition process at the Department of Homeland Security [DHS] and make important reforms to the operations of the Transportation Security Administration [TSA].”

“It is critical that we continue to re-examine our strategy, technology and the infrastructure we currently have in place to strengthen the Department of Homeland Security and stop terrorists from reaching our shores,” said committee chairman Michael McCaul (R-TX). “The evolving threats we face demand action to address vulnerabilities in our defenses. I commend the work of my Committee—particularly the bipartisan nature in which these bills were advanced—to make our country safer.”

The nine bills out the Homeland Security Committee passed by the House included a key counterterrorism bill, the Terrorist and Foreign Fighter Travel Exercise Act of 2017 (HR 1302), which expands on the work of last Congress.

The other key pieces of legislation passed this past week include the:

DHS Multiyear Acquisition Strategy Act of 2017 (HR 1249), introduced by Rep. Brian Fitzpatrick (R-PA), and amends the Homeland Security Act of 2002 to require a multiyear acquisition strategy of DHS.

DHS Acquisition Authorities Act of 2017 (HR 1252), introduced by Rep. Clay Higgins (R-LA), amends the Homeland Security Act of 2002 to provide for certain acquisition authorities for the Under Secretary of Management of DHS.

Reducing DHS Acquisition Cost Growth Act (HR 1294), introduced by Rep. John Rutherford (R-FL), amends the Homeland Security Act of 2002 to provide for congressional notification regarding major acquisition program breaches.

TSA Administrator Modernization Act of 2017 (HR 1309), introduced by Rep. John Katko (R-NY), streamlines the office and term of the administrator of TSA.

Quadrennial Homeland Security Review Technical Corrections Act of 2017 (HR 1297), introduced by Rep. Bonnie Watson Coleman (D-NJ), amends the Homeland Security Act of 2002 to make technical corrections to the requirement that the Secretary of Homeland Security submit quadrennial homeland security reviews.

Transparency in Technological Acquisitions Act of 2017 (HR 1353), introduced by Rep. Kathleen Rice (D-NY), amends the Homeland Security Act of 2002 to require certain additional information to be submitted to Congress regarding the strategic 5-year technology investment plan of the TSA.

Read Homeland Security Today’s report on the bill here.

Securing our Agriculture and Food Act (HR 1238), introduced by Rep. David Young (R-IA), amends the Homeland Security Act of 2002 to make the Assistant Secretary of Homeland Security for Health Affairs responsible for coordinating the efforts of DHS related to food, agriculture and veterinary defense against terrorism.

Read Homeland Security Today’s report on the legislation here.

Terrorist and Foreign Fighter Travel Exercise Act of 2017 (HR 1302), introduced by Rep. Martha McSally (R-AZ), requires an exercise related to terrorist and foreign fighter travel, and for other purposes.

Department of Homeland Security Acquisition Innovation Act (HR 1365), introduced by Rep. Lou Correa (D-CA), amends the Homeland Security Act of 2002 to require certain acquisition innovation.

What you Should Know About “Las Moicas” and Why

Is there any reason why the Trump administration has not called for all drug cartels to be listed as terror organizations?

Ten Cartels are fighting for control of Guerrero with more brutality and violence

Subject Matter: Organized crime in Guerrero
Recommendation: No prior subject matter knowledge requiredGuerrero occupies the third place in terms of most poverty at 62% of the population and first place for homicides at 2884 in 2016 at the national level. It is the state most disputed among organized crime groups. There is a presence of 10 cartels, five of them top level. Its central zone has converted into a battlefield between two organizations Los Rojos and Los Ardillos and possibly others that authorities have not completely identified yet. The presence of 500 military and state police has not contained the disappearances and executions and the criminals come back each time more brutal.

In the last decade, Guerrero has converted in the land of cartels and death; the dispute between the Sinaloa cartel, CJNG, the Beltran Leyva Organization, the Knights Templar, La Familia Michoacana and no less than five local organizations have converted the state into the most violent with 18,000 executions since 2006, when the call to war against the narco was initiated.

In Guerrero, 12 of the 81 towns are considered neutral zones. The geographic location of Chilapa has converted it into a demarcation most fought over since 2012 by Los Ardillos and Los Rojos, and not only because it is an essential corridor for the transit of drugs, also its land is utilized for the growing of poppys, “that has just finished its first harvest of the year”, according to the Guerrero Coordination Group.

What has happened this year, in Chilapa, there have been 48 executions related to the war between Los Rojos and Los Ardillos, Rojos and a third group of civil organizations known as “Los Jefes” or “Gente Nueva”, different to the Gente Nueva of the Sinaloa cartel, only have a presence int he communities,  and with a population of 129,867 only has 500 soldiers and 100 Municipals to police it.

This last weekend was a violent one in the State with no less that 23 deaths, 10 of them in Chilapa, two women and three men were killed by gunfire in different events and five bodies were incinerated in the interior of a taxi.

At the Start of the month, on Tuesday the 7th, 6 dismembered bodies in a state of decomposition appeared inside 13 plastic bags. On Thursday the 9th, they found another five bodies charred inside a vehicle. The brutality with which they perpetrate the executions in the indigenous town, “is very strong” assured the Governor Hector Astudillo Flores.

The growing wave of violence in the town led to the implementation of Operation Chilapa, in January of 2016. One year after the security strategy was put in place, the Mayor Jesus Parra Garcia blamed social networks and media for “inventing facts that affect the image of the town”. With recent executions of PRI members he had to admit that the violence was aggravated during his administration.

These are times of crisis, of adversity, and are very complex. I have had to govern in the most difficult times for Chilapa, he told reporters.

Who are Los Rojos and Los Ardillos

In the period of 2012 – 2015, when the municipality was governed by PRI Francisco Javier Garcia Gonzalez, Los Rojos settled in Chilapa under the command of Zenen Nava Sanchez “El Chaparro”, alleged family of Jesus Nava Romero ” El Rojo”.

He was a Lieutenant of Arturo Beltran Leyva and who was slaughtered in June of 2013 in Puebla. During this administration, the population lived through the first mass kidnappings, huge extortion of transport and businesses and brutal executions.

Jesus Nava Romero dead in the street (Borderland Beat archive)

Los Ardillos, a gang that comes from the Quechultenango region, whose leaders Celso and Antonio Hernandez Ortega are brothers of ex PRD deputy Bernardo Ortega Jiminez, have extended into the regions of Chilapa, Zitlala, Tixtla, Totoloapan and Acapulco in only one year, 2014, during the transition of the governorships of Angel Aguirre Rivero and Rogelio Ortega Martinez bot of the PRD.

The battle for the central zone of Guerreo tainted at this moment Aguirre Rivero as well as Garcia Gonzalez and also the ex PRI Mario Moreno Arcos of Chilpancingo, and Ignacio Bacilio and Eduardo Nero all accused publicly of ties to Los Rojos.

In 2015, with the change of State Government and municipal, things had begun to escalate. The President of the organization Siempre Vivos, Jose Diaz Navarro, assured that a reduction in the violence would be felt because Zenen Nava, who in January of 2016 escaped after a two hour confrontation with the armed forces, had returned. According to the PGR, El Chaparro in one of the 13 priority objectives of Guerrero and Morelos.

In the last three years, Los Ardillos and Los Rojos, in their dispute for territory, have committed executions of extreme cruelty, torturing, decapitating, and incinerating corpses that were left in public places.

They have also been responsible for the disappearance of 130 persons, according to the Centre for Human Rights. The mass kidnappings in the towns of Zitlata and Chilapa, where the criminal groups kidnap the inhabitants, all in the presence of Military and State Police, denounce the ONG.

The confrontations between various cartels, as well as the kidnappings and executions against the inhabitants, have caused fear in Chilapa. Families prefer not to leave their houses aftern 7 at night , the schools are secured with padlocks and checkpoints that are reinforced.

Nevertheless, the organization Siempre Vivos considers that part of the violence that affects the towns of Tixtla and Zitlala, is a strategy of terror of the State and Federal Governments so that the population calls for the law of Homeland Security, that is pending for discussion at the Congress of the Union.

Totoloapan and the Tequileros

Located in the region of the Tierra Caliente, Totoloapan is, along with Ajuchitlan, Arcelio and Coyuca, the Municipality most threatened by Los Tequileros, a group that separated from La Famila Michoacana and since 2013 have occasioned the displacement of families from no less than 16 communities.

According to reports of the newspaper El Sur, Raibel Jacobo de Almonte, El Tequilero, was a plaza jefe for La Familia Michoacana. Once he had formed his own organization, he began controlling the San Miguel Totolapan and some rural populations in the border area of Rio Balsas. In 2016 his epower extended to populations of the municipalities of Ajuchitlan, Tlapehuala and Arcelia.

In the Tierra Caliente, six out of every ten homicides are attributed to Los Tequileros, who are also linked to a politician, PRI deputy Saul Beltran Orozco. Before the omission, complicity and participation of the local authorities, the local population had chosen to arm itself to the face this criminal organization.

The violence in Guerrero is generalized by the number of cartels that are disputing the third poorest State of the country, but also by the failed security strategy implemented by the Federal and State Governments, that while advising of “big changes” and advances in security the State remains the number one in the list for malicious homicides.  Translated by Otis B Fly-Wheel for Borderland Beat from a Sinembargo article

***
Not finished yet:
Image result for Las Moicas
Meet the Little-Known Mexican Cartel Operating in California

A little-known drug trafficking group in Mexico called “Las Moicas” has not only successfully defended its foothold in the US heroin market for years against Mexico‘s most powerful cartels, but recent reports suggest that it might be expanding.

In an interview with BBC Mundo published on March 15, a spokesperson for the US Drug Enforcement Administration (DEA) said that the Moicas had been expanding their territory in Mexico and that the little-known group had come into conflict with some of Mexico‘s biggest criminal organizations, including the Sinaloa Cartel and the Jalisco Cartel – New Generation (CJNG).

According to a July 2015 report from the DEA, eight major Mexican transnational criminal groups were known to be operating in the United States. Alongside prominent players like the Sinaloa Cartel and CJNG, appeared a trafficking organization called Las Moicas.

According to the report, the Moicas are based in the Mexican state of Michoacán and have ties to the Familia Michoacána, an organization largely displaced by its splinter group, the Knights Templar. Despite the decline of the Familia Michoacána after the death of its top leader in 2014, the Moicas group “remains a regional supplier in California and operate[s] on a smaller scale relative to other major Mexican” criminal organizations.

The Moicas’ first reported run-in with the DEA dates back to 2009, when US authorities seized 50 kilograms of heroin and $250,000 in cash, in addition to arresting several of the 21 suspects from the group later charged in connection with the seizure.

The DEA’s press release concerning the operation asserts that a total of 200 kilograms of heroin, with an estimated retail value of $17.5 million, were smuggled during the run. The group allegedly hid both drugs heading north and drug profits heading south “in elaborate vehicle engine compartments” that allowed them to cross the border undetected.

At the time, the Moicas operated solely in California, but the group has since reportedly expanded to Reno, Nevada, and it operates in some areas of California dominated by the Sinaloa Cartel, according to the DEA’s 2015 report.

As of March 2016, VICE News reported, Mexican authorities had no record of Las Moicas.

InSight Crime Analysis

Mexico’s criminal landscape has become increasingly fragmented as larger cartels continue to rely heavily on smaller groups for specialized criminal tasks and as the government continues to take down top leaders of major criminal organization. In an illustration of this dynamic, Mexican authorities stated that nine cartels — not including the Moicas — operated throughout the country as of July 2016, relying on a total of 37 criminal cells.

Within this context, it appears that the Moicas may have succeeded in quietly growing by maintaining a low profile, as suggested by the absence of official acknowledgement of the group by the Mexican government as well as the scant public information available about the organization. According to the DEA spokesperson contacted by BBC Mundo, the US anti-drug agency does not even know the composition of the Moicas’ hierarchy.

It is possible that the Moicas have followed the blueprint of earlier Mexican drug trafficking organizations, such as the Xalisco Boys who achieved a striking expansion across the United States in the 1990s by investing in the heroin market while maintaining a low profile.

And it is likely that the Moicas’ rise and reported expansion has been fueled by the booming US demand for heroin. The US consumption market for this particularly addictive drug is believed to have tripled over the past decade, boosted by over-prescription of legal opioid drugs and even allegedly criminal activity by executives of some companies in the US pharmaceutical industry.

Dark $$ Behind ‘NO’ on Gorsuch, Liz Warren’s Daughter too

Van Jones,  President and Co-Founder of  Rebuild the Dream is on the Board of Trustees.

Anti-Gorsuch Activist’s ‘Dark Money’ Hypocrisy

Demos does not disclose its donors

McMorris/FB: The head of a liberal dark money group criticized Supreme Court nominee Judge Neil Gorsuch because of his stance on political disclosures and Citizens United.

Heather McGhee, the president of Demos, told members of the Senate Judiciary Committee that confirming Judge Gorsuch would lead to “big money corrupting our politics completely.”

“The Supreme Court’s activism in striking down safeguards is what has brought us to this perilous place in our history,” she said. “It’s hard to imagine things getting worse and yet the prospect of a lifetime seat for Judge Gorsuch has given us a glimpse.”

McGhee condemned the outsized influence wealthy donors play in the political process and criticized the idea that forcing organizations to disclose their donors could lead to political intimidation from activists.

“[Gorsuch] was quite evasive—in fact, to my dismay [he] raised the idea that disclosure chills speech,” McGhee said. “Requiring people to stand up in public for their political acts fosters civic courage without which democracy is doomed.”

Image result for neil gorsuch National Law Journal

Demos does not disclose its donors and was cited by the Center for Public Integrity as a dark money group in January. A review of the 501(c)3 non-profit group’s most recent tax forms shows that Demos garnered more than $7 million in contributions in 2014. Seven individuals accounted for more than half of those donations. The group highlighted those seven donations—ranging from $250,000 to $1.425 million—in its documents, but left the identities of those donors blank. The group paid more than $3 million in salaries and wages in 2014, including McGhee’s $240,000 compensation.

Demos did not respond to multiple requests for comment about whether it planned on adopting disclosure policies in line with the ideology it was promoting. Citizen Audit, a group that tracks non-profit disclosures by examining group expenditures, has identified 13 groups that have contributed to Demos in the past. The group has benefitted from the largesse of major liberal donors, including the Rockefeller and Tides foundation, as well as organized labor groups, including the American Federation of State, County, & Municipal Workers and United Food and Commercial Workers.

Gorsuch clashed with Sen. Sheldon Whitehouse (D., R.I.) over the donation disclosures at Tuesday’s confirmation hearing. When Whitehouse asked him about whether he favored enhanced disclosure, Gorsuch said the legislature should address disclosure requirements, adding, “Senator, with all due respect, the ball’s in your court.” Whitehouse introduced McGhee to the committee on Thursday by condemning the “dark money” campaign that conservative activists have used to back the nomination.

“We have seen reports of a $10 million political campaign to try to influence the Senate in Judge Gorsuch’s favor through a front group,” Whitehouse said in his introduction of McGhee. “We don’t know who the real donors are. It’s dark money that is behind that entire operation.”

Whitehouse was referring to the $10 million campaign led by the Judicial Crisis Network, a conservative judicial watchdog that has spent millions on ads urging Democratic senators up for re-election in states that Trump won to support Gorsuch. Carrie Severino, the group’s leader, said the group follows the federal government’s disclosure requirements and does not disclose its donors to protect their privacy.

“We fully comply with all disclosure requirements. We are also ethically bound to protect the privacy rights of our supporters, and will continue to do so,” she said in a statement.

Demos is not the first group to accuse Gorsuch of siding with political mega-donors at the expense of the rest of the country. In February, Sen. Elizabeth Warren announced she would oppose Gorsuch’s nomination because of his record on campaign finance and religious liberty issues.

“For years, powerful interests have executed a full-scale assault on the integrity of our federal judiciary, trying to turn the Supreme Court into one more rigged game that works only for the rich and the powerful,” she said in a statement. “We don’t need another justice who spends his time looking out for those with money and influence. Based on the long and well-established record of Judge Gorsuch, I will oppose his nomination.”

Sen. Warren’s daughter, Amelia Warren Tyagi, serves as the chairman of Demos’ board of trustees.

After a visit to their website, they don’t have any use for ‘whiteness’ either.

Fired, Preet Bharara and $100 Million Dollars

With the approval of President Trump, Attorney General Jeff Sessions fired several attorneys general including the United States Attorney General for the Southern District of New York, Preet Bharara. In many instances, this may have been a prudent decision, however, Bharara did in fact perform some stellar legal work and credit must be offered where it is due.

This post is not so much about the Attorney General being fired as it is about the matter of hacking and phishing and costing two domestic internet tech companies $100 million dollars. These schemes are a very common daily event and few if any companies ever talk about it publically as they reveal cyber protection vulnerabilities and how employees are duped to the schemes. To be more clear, this is how Hillary Clinton’s campaign architect, John Podesta had his emails scooped up such that WikiLeaks got them, posted them for global access during the United States campaign and election cycle.

Further, to those out there that are angry with the FBI, this case in some fairness illustrates the work rank and file agents are tasked to investigate. When it comes to cyber/hacking cases, they are among the hardest to solve especially with international operatives.

Image result for preet bharara  BusinessInsider

Now enter Preet Bharara and the case he prosecuted against EVALDAS RIMASAUSKAS. The indictment is found here.

In an additional disclosure, Bharara is also being sued by a hedge-fund.

The summary of the case:

Department of Justice

U.S. Attorney’s Office

Southern District of New York

FOR IMMEDIATE RELEASE

 

Lithuanian Man Arrested For Theft Of Over $100 Million In Fraudulent Email Compromise Scheme Against Multinational Internet Companies

Joon H. Kim, the Acting United States Attorney for the Southern District of New York, and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), announced criminal charges against EVALDAS RIMASAUSKAS for orchestrating a fraudulent business email compromise scheme that induced two U.S.-based internet companies (the “Victim Companies”) to wire a total of over $100 million to bank accounts controlled by RIMASAUSKAS. RIMASAUSKAS was arrested late last week by authorities in Lithuania on the basis of a provisional arrest warrant.  The case has been assigned to U.S. District George B. Daniels.

Acting U.S. Attorney Joon H. Kim said:  “From half a world away, Evaldas Rimasauskas allegedly targeted multinational internet companies and tricked their agents and employees into wiring over $100 million to overseas bank accounts under his control. This case should serve as a wake-up call to all companies – even the most sophisticated – that they too can be victims of phishing attacks by cyber criminals. And this arrest should serve as a warning to all cyber criminals that we will work to track them down, wherever they are, to hold them accountable. The charges and arrest in this case were made possible thanks to the terrific work of the FBI and the cooperation of the victim companies and their financial institutions. We thank the companies and their banks for acting quickly, coming forward promptly, and cooperating with law enforcement; it led not only to the charges announced today, but also the recovery of much of the stolen funds.”

FBI Assistant Director William F. Sweeney Jr. said:  “As alleged, Evaldas Rimasauskas carried out a business email compromise scheme creatively targeting two very specific victim companies. He was initially successful, acquiring over $100 million in proceeds that he wired to various bank accounts worldwide. But his footprint would eventually lead investigators to the truth, and today we expose his lies. Criminals continue to commit a wide variety of crimes online, and significant cyber data breaches have had a negative impact across a variety of industries. The FBI will continue to work with our domestic and international partners to pursue criminals who engage in this type of activity, wherever they may be hiding.”

According to the allegations contained in the Indictment unsealed today[1]:

From at least in or around 2013 through in or about 2015, RIMASAUSKAS orchestrated a fraudulent scheme designed to deceive the Victim Companies, including a multinational technology company and a multinational online social media company, into wiring funds to bank accounts controlled by RIMASAUSKAS.  Specifically, RIMASAUSKAS registered and incorporated a company in Latvia (“Company-2”) which bore the same name as an Asian-based computer hardware manufacturer (“Company-1”), and opened, maintained, and controlled various accounts at banks located in Latvia and Cyprus in the name of Company-2.  Thereafter, fraudulent phishing emails were sent to employees and agents of the Victim Companies, which regularly conducted multimillion-dollar transactions with Company-1, directing that money the Victim Companies owed Company-1 for legitimate goods and services be sent to Company-2’s bank accounts in Latvia and Cyprus, which were controlled by RIMASAUSKAS.  These emails purported to be from employees and agents of Company-1, and were sent from email accounts that were designed to create the false appearance that they were sent by employees and agents of Company-1, but in truth and in fact, were neither sent nor authorized by Company-1.  This scheme succeeded in deceiving the Victim Companies into complying with the fraudulent wiring instructions.

After the Victim Companies wired funds intended for Company-1 to Company-2’s bank accounts in Latvia and Cyprus, RIMASAUSKAS caused the stolen funds to be quickly wired into different bank accounts in various locations throughout the world, including Latvia, Cyprus, Slovakia, Lithuania, Hungary, and Hong Kong.  RIMASAUSKAS also caused forged invoices, contracts, and letters that falsely appeared to have been executed and signed by executives and agents of the Victim Companies, and which bore false corporate stamps embossed with the Victim Companies’ names, to be submitted to banks in support of the large volume of funds that were fraudulently transmitted via wire transfer.

Through these false and deceptive representations over the course of the scheme, RIMASAUSKAS, the defendant, caused the Victim Companies to transfer a total of over $100,000,000 in U.S. currency from the Victim Companies’ bank accounts to Company-2’s bank accounts.

*                *                *

RIMASAUSKAS, 48, of Vilnius, Lithuania, is charged with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in prison, and one count of aggravated identity theft, which carries a mandatory minimum sentence of two years in prison.

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

Mr. Kim praised the outstanding investigative work of the FBI, and thanked the Prosecutor General’s Office of the Republic of Lithuania, the Lithuanian Criminal Police Bureau, the Vilnius District Prosecutor’s Office and the Economic Crime Investigation Board of Vilnius County Police Headquarters for their assistance in the investigation and arrests, as well as the Department of Justice’s Office of International Affairs.

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorney Eun Young Choi is in charge of the prosecution.  Assistant U.S. Attorney Edward Diskant is handling the forfeiture aspects of the prosecution.

The charges contained in the Indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.

 

[1] As the introductory phrase signifies, the entirety of the text of the Indictment, and the description of the Indictment set forth herein, constitute only allegations, and every fact described should be treated as an allegation.

About that Trump Server with Pings from Alfa Bank

A matter of note: Alfa Bank has FIFA as a customer. Under Loretta Lynch at DoJ, she prosecuted the FIFA fraud, Further, that pesky Trump dossier that was crafted by Christopher Steele is the same person that broke the case on FIFA. (Note the end of this press release).

Image result for alfa bank  Image result for alfa bank russia

Press Statement: Alfa Bank confirms it has sought help from U.S. authorities, and discloses new cyberattacks linked to Trump hoax  —

Alfa Bank, a privately owned Russian bank, confirmed today that it has contacted U.S. law enforcement authorities for assistance and offered U.S. agencies its complete co-operation in finding the people behind attempted cyberattacks on its servers that have made it appear falsely that it has been communicating with the Trump Organization.

Alfa Bank confirmed a story in Circa News that it had been subjected to three new attempted domain name server (DNS) cyberattacks of increasing intensity over the last few weeks. In the attacks, multiple DNS requests were made by unidentified individuals, mostly using U.S. server providers, to a Trump Organization server. The DNS requests were made to appear as if they originated from Alfa Bank. The DNS responses from the Trump server were then erroneously returned to Alfa Bank, activating Alfa Bank’s automated security systems on February 18 and again on March 11 and 13. Alfa Bank has engaged the U.S.-based cyber forensics firm Stroz Friedberg to investigate these new attacks.

Alfa Bank believes that these malicious attacks are designed to create the false impression that Alfa Bank has a secretive relationship with the Trump Organization. In fact, there is not and never has been such a relationship.

New February 2017 attack on Alfa Bank server

On February 18, 2017, Alfa Bank experienced suspicious cyber-activity from an unidentified third-party. Specifically, the unidentified third-party repeatedly sent suspicious DNS queries from servers in the U.S. to a Trump Organization server. The unidentified individuals made it look as though these queries originated from variants of MOSCow.ALFAintRa.nET. As a result, the DNS responses from the Trump server were returned incorrectly to Alfa Bank’s server, which triggered Alfa Bank’s automated security system.

Alfa Bank believes that unknown individuals — using an identified U.S.-based service provider — are behind this recent attack, and that they are attempting to trigger verification signals between Alfa Bank and a server associated with the Trump Organization.

It believes that someone or some group manufactured this deceit by «spoofing» or falsifying DNS lookups to create the impression of communication between Alfa Bank and the Trump Organization. However, Alfa Bank’s DNS servers neither send nor receive email. Instead, they react when contacted by unwanted and unsolicited messages by sending out DNS verification signals asking, in effect, who is the server contacting Alfa Bank.

An Alfa Bank spokesperson said:

“The cyberattacks are an attempt by unknown parties to manufacture the illusion of contact between Alfa Bank’s DNS servers and ’Trump servers’.

«A simple analogy would be someone in the U.S. sending an empty envelope (in this case a DNS signal) to a Trump office (server) addressed to Trump, but on the back of the envelope the return address is Russia (Alfa Bank) instead of its own real address. The Trump office, recognizing there is nothing in the empty envelope to deal with, returns it as undelivered to Russia instead of to the U.S.-based sender. So, on cursory examination, Alfa Bank appears to have been receiving responses to queries it never actually sent.

«We have gone to the U.S. Justice Department and offered our complete co-operation to get to the bottom of this sham and fraud.»

Other indications of human intervention include the fact that the queries occurring in these logs included mixed uppercased and lowercased letters. The majority of DNS queries are machine based queries (for example, browsers and email clients), which would send lowercased queries to the DNS servers.

A few days after the February 18 DNS attack, Alfa Bank again started to receive inquiries from U.S. media outlets, including CNN, about allegations of cyber links with Donald Trump. No such link exists or, in fact, has ever existed between Alfa Bank and Mr. Trump or his organization.

An anonymous group has been trying for months to persuade news organizations to publish stories that such a link is real. Alfa Bank has asked reporters who have contacted it about the traffic to assist by letting the bank know if someone is trying to create the false impression that Alfa Bank has business or other dealings with Mr. Trump.

Two new confirmed March 2017 attacks on Alfa Bank server

On March 11 and 13, Alfa Bank was subjected to two new DNS attacks using similar methods. These attacks appear to have been orchestrated from multiple servers primarily in the U.S.

Between 02:00 and 07:00 (Moscow Time) on March 11 and at 21:00 on March 13, Alfa Bank experienced suspicious cyber activity from an unidentified third party or parties. The unidentified third parties or party repeatedly sent unusual DNS queries to a Trump server, the responses to which again ultimately triggered Alfa Bank’s automated security system.

Over a five-hour period on Saturday — and again on Monday — Alfa Bank received more than 1,340 DNS responses containing mail.trump-email.com.moscow.alfaintra.net.

These malicious and seemingly co-ordinated DNS attacks are coming from unidentified users using a variety of predominantly U.S. servers, including Google and Amazon web services. These IP service providers are inadvertently allowing their infrastructure to be used to attack Alfa Bank.

Alfa Bank suspects the unidentified parties are attempting to cover their tracks by using cloud services from these providers.

Given the frequency of the attacks and the variety of Internet service providers used in the attacks, Alfa Bank’s working hypothesis is that these new attacks are being launched from a botnet.

Possible third new attack In March 2017

Alfa Bank has now started to monitor all incoming messages to its servers containing the word «trump.» This monitoring has revealed that Alfa Bank also is receiving unsolicited marketing emails from «[email protected].» These incoming spam marketing emails also trigger Alfa Bank’s security system, which automatically sends multiple DNS verification requests back to the originating server — here, the Trump server — in order to ascertain the identity of the sender.

Alfa Bank does not know whether these marketing emails are legitimate, or whether a third-party is orchestrating the campaign in another attempt to create the false impression of inappropriate communications between Alfa Bank and the Trump Organization.

In response to media questions that started last September, Alfa Bank asked Mandiant, one of the world’s leading cyber experts, to investigate allegations suggested by an anonymous cyber group of a link between Alfa Bank and Trump, based on unverified DNS logs.

Mandiant completed its independent investigation late last year. After examining Alfa Bank’s system both remotely and on the ground in Moscow, and the unverified DNS data presented to the media by the anonymous cyber group, Mandiant concluded that there is no evidence of substantive contact, such as emails or financial links, between Alfa Bank and the Trump Campaign or the Trump Organization.

Mandiant investigated (1) the DNS data given to the media, which journalists had shared with independent DNS experts, and (2) Alfa Bank servers for any evidence of links.

Mandiant concluded:

DNS data — There is no information that indicates where the list (obtained by reporters) has come from. The list contains approximately 2,800 look ups of a Domain Name over a period of 90 days. The information is inconclusive and is not evidence of substantive contact or a direct email or financial link between Alfa Bank and the Trump Campaign or Organization.

Alfa Bank servers — Nothing we have or have found alters our view as described above that there is no evidence of substantive contact or a direct email or financial link between Alfa Bank and the Trump Campaign or Organization.

Mandiant’s working hypothesis is that the activity the reporters’ sources alleged last year was caused by an email marketing/spam campaign possibly targeted at Alfa Bank employees by a marketing server, which triggered security software.

Earlier this year, Alfa Bank launched another investigation to find out who was — and maybe still is — behind this elaborate hoax.

Access to other’s DNS data is highly privileged and is usually independently examined for academic purposes and cyber security research. Therefore, the examination and sharing of DNS data by the people involved in these fraudulent activities brings into question whether these data were acquired lawfully and whether it was ethical to misuse privileged access in order to manufacture a deceit.

Alfa Bank’s working hypothesis is that an individual — possibly well known in internet research circles — may have fed selected DNS data to an anonymous cyber group to ensure they reached a specific (and erroneous) conclusion. Alternatively, the cyber group may have been complicit in the deceit. In the most recent cases, unknown individuals demonstrably attempted to insert falsified records onto Alfa Bank’s computer systems designed to create the same impression.

An Alfa Bank spokesperson said: «The anonymous cyber group, which is led according to news accounts by ‘Tea Leaves,’ cannot produce evidence of a link because there never has been one. Alfa Bank believes that it is under attack and has pledged its complete cooperation to U.S. authorities to find out who is behind these malicious attacks and false stories.»