Feds find, arrest fugitive hacker on the run in Mexico
U.S. government seeking extradition for mastermind behind stolen VoIP scheme
Computerworld - A Miami man, on the run for more than two years after being arrested and charged with stealing and reselling VoIP services, has been caught in Mexico.
Edwin Pena was arrested in June of 2006 on computer and wire fraud charges. The government charges that from November 2004 to May 2006 Pena and a cohort hacked into the computer networks of VoIP service providers and routed calls of Pena's customers' through them.
According to a criminal complaint filed in U.S. District Court in New Jersey, Pena and co-conspirator Robert Moore of Spokane, Wash., sold more than 10 million minutes of VoIP service stolen from 15 telecommunications providers.
Pena, who is charged with one count of computer fraud and one count of wire fraud, faces a maximum of 25 years in prison.
In the fall of 2007, Moore pleaded guilty to conspiracy to commit computer fraud. He currently is serving a two-year sentence in federal prison.
Federal investigators contend that Moore acted as the hacker and that Pena was the mastermind behind the scheme. But while Moore went to prison, Pena went on the run.
Assistant U.S. Attorney Erez Liebermann told Computerworld today that Pena was found and arrested in Mexico last Friday. He added that the U.S. is now seeking Pena's extradition.
Voice-over-IP systems route telephone calls over the Internet or other IP-based networks.
As part of the scheme, Moore's job was to scan telecommunications company networks around the world, searching for unsecured ports. It was noted in the criminal complaint that between June 2005 and October 2005, Moore ran more than 6 million scans of network ports within the AT&T network alone.
The complaint alleges that once Moore found unsecured networks, he would then e-mail Pena information about the types of routers on the vulnerable networks, along with corresponding usernames and passwords. Then, according to the government, Pena would reprogram the vulnerable networks so they would accept his rogue telephone traffic.
The government charges that Pena ran brute force attacks on VoIP providers to find the proprietary codes they used to identify and accept authorized calls coming into their networks. He allegedly would then use the codes to surreptitiously route his own calls through their systems.
Pena's scheme earned him more than $1 million, according to the government, which added that he used some of the money to buy real estate in Miami, a 40-foot Sea Ray Mercruiser boat and luxury cars, including a BMW M3 and a Cadillac Escalade.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts