Fugitive hacker headed back to U.S. for arraignment

Computerworld - A Miami man who for three years had evaded prosecution in connection with the theft and reselling of VoIP services is being extradited to Newark from Mexico today and is set to be arraigned in a New Jersey federal courthouse on Friday.

Edwin Pena, 26, had been arrested in June, 2006, on multiple computer and wire fraud charges, and then allegedly fled the country about two months later. He had been free on $100,000 bail. Pena was apprehended in Mexico in February and federal prosecutors have been working to get him extradited back to the U.S. since then, according to Assistant U.S. Attorney Erez Liebermann.

"He's been a fugitive for over three years," said Liebermann, who is prosecuting the case. "We're looking forward to proceeding with the prosecution."

Pena faces 20 charges that include conspiracy to commit computer intrusion and conspiracy to commit wire fraud charge. The U.S. alleges that from November 2004 to May 2006 Pena and a cohort hacked into the computer networks of VoIP service providers and routed calls made by customers of Pena's VoIP service through them.

According to a criminal complaint filed in U.S. District Court in New Jersey, Pena and co-conspirator Robert Moore of Spokane, Wash., sold more than 10 million minutes of VoIP service that had been stolen from 15 telecommunications providers. Prosecutors have contended that the lost minutes were valed at $1.4 million to the providers victimized in the alleged scam. Federal investigators contend that Pena was the mastermind behind the scheme and Moore hacked the systems.

In the fall of 2007, Moore pleaded guilty to conspiracy to commit computer fraud and began a two-year prison sentence.

Voice-over-IP systems route telephone calls over the Internet or other IP-based networks.

Moore scanned telecommunications company networks around the world, searching for unsecured ports -- the criminal complaint said that between June 2005 and October 2005, Moore ran more than 6 million scans of network ports within the AT&T network alone.

The complaint alleges that once Moore found unsecured networks, he would then e-mail Pena the key information needed to access vulnerable networks.

Once the networks were accessed, prosecutors allege that Pena ran brute force attacks to find the proprietary codes needed to identify and accept authorized calls coming into the networks. He allegedly would used the codes to surreptitiously route his clients' calls through the systems.

According to court documents, Pena gained more than $1 million from the scheme. Some was spent to buy real estate in Miami, a 40-foot boat and luxury cars, including a BMW M3 and a Cadillac Escalade.

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Knowledge Center.