Feds find, arrest fugitive hacker on the run in Mexico
U.S. government seeking extradition for mastermind behind stolen VoIP scheme
Computerworld - A Miami man, on the run for more than two years after being arrested and charged with stealing and reselling VoIP services, has been caught in Mexico.
Edwin Pena was arrested in June of 2006 on computer and wire fraud charges. The government charges that from November 2004 to May 2006 Pena and a cohort hacked into the computer networks of VoIP service providers and routed calls of Pena's customers' through them.
According to a criminal complaint filed in U.S. District Court in New Jersey, Pena and co-conspirator Robert Moore of Spokane, Wash., sold more than 10 million minutes of VoIP service stolen from 15 telecommunications providers.
Pena, who is charged with one count of computer fraud and one count of wire fraud, faces a maximum of 25 years in prison.
In the fall of 2007, Moore pleaded guilty to conspiracy to commit computer fraud. He currently is serving a two-year sentence in federal prison.
Federal investigators contend that Moore acted as the hacker and that Pena was the mastermind behind the scheme. But while Moore went to prison, Pena went on the run.
Assistant U.S. Attorney Erez Liebermann told Computerworld today that Pena was found and arrested in Mexico last Friday. He added that the U.S. is now seeking Pena's extradition.
Voice-over-IP systems route telephone calls over the Internet or other IP-based networks.
As part of the scheme, Moore's job was to scan telecommunications company networks around the world, searching for unsecured ports. It was noted in the criminal complaint that between June 2005 and October 2005, Moore ran more than 6 million scans of network ports within the AT&T network alone.
The complaint alleges that once Moore found unsecured networks, he would then e-mail Pena information about the types of routers on the vulnerable networks, along with corresponding usernames and passwords. Then, according to the government, Pena would reprogram the vulnerable networks so they would accept his rogue telephone traffic.
The government charges that Pena ran brute force attacks on VoIP providers to find the proprietary codes they used to identify and accept authorized calls coming into their networks. He allegedly would then use the codes to surreptitiously route his own calls through their systems.
Pena's scheme earned him more than $1 million, according to the government, which added that he used some of the money to buy real estate in Miami, a 40-foot Sea Ray Mercruiser boat and luxury cars, including a BMW M3 and a Cadillac Escalade.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts