Archive | Online Security

Man Indicted for ‘Cyber-Extortion’ Threat Against Insurance Firm

A California man was hit with an extortion charge this week for allegedly threatening to send out millions of e-mails criticizing his insurance company, if the firm didn’t pay him as much as $3 million.

Anthony Digati, 52, faces a maximum two-year prison term if convicted of charges the Federal Bureau of Investigation is calling “cyber-extortion” (.pdf).

The authorities said Digati erected a website to damage the reputation of New York Life unless it returned his $50,000 premium, and an extra $150,000 for good measure, by a certain date. If the deadline was not met, the price would climb to $3 million, according to the indictment unsealed late Thursday.

The bureau’s statement said that Digati threatened on his website to “make false public statements and transmit millions of spam e-mails in an effort to damage the reputation of New York Life and cost the company millions of dollars of revenue.”

The authorities declined comment. Digati, of Chino, California, declined to be interviewed when reached by telephone, as did his attorney.

Digati, who is being charged in New York, remains free on bond in connection with the charge of extortion through interstate communications.

According to Thursday’s indictment, Digati became upset with New York Life after having a claim denied. He registered the domain newyorklifeproducts.com, and sent an e-mail to more than 1,000 employees of the insurer demanding payment, adding that if he didn’t get his money by March 8, “the price will then be $3,000,000.”

He told the company through his website that he has “6 million e-mails going out to couples with children age 25-40, this email campaign is ordered and paid for,” according to the indictment.

“I think you get the idea, I’m going to drag your company name and reputation through the muddiest waters imaginable,” he wrote, according to the indictment. “This will cost you millions in lost revenues, trust and credibility not to mention the advertising you will be buying to counter mine.”

“By the way: Yes, I am crazy. Yes, I am vindictive. Yes, I am extremely upset,” Digati allegedly wrote the company. “Yes, I will do everything that I said. I have absolutely nothing to lose or any fear of retaliation, no judge in the world is going to rule for a $200-billion company when there is a lonely customer that you stole from!”

Photo: chotda


Richard Clarke’s Cyberwar: File Under Fiction

Readers of Richard Clarke’s new book Cyberwar who want to jump to the steamy parts should start at page 64 in the chapter “Cyber Warriors.” It’s there you’ll find the Book of Revelation re-written for the internet age, with the end-times heralded by the Four Trojan Horses of the Apocalypse.

Chinese hackers take down the Pentagon’s classified and unclassified networks, trigger explosions at oil refineries, release chlorine gas from chemical plants, disable air traffic control, cause trains to crash into each other, delete all data — including offsite backups — held by the federal reserve and major banks, then plunge the country into darkness by taking down the power grid from coast-to-coast. Thousands die immediately. Cities run out of food, ATMs shut down, looters take to the streets.

That electronic Judgment Day is not the stuff of bad movies or sci-fi novels, according to Clarke, who writes, “A sophisticated cyber war attack by one of several nation-states could do that today, in fifteen minutes.”

That’s right. In less time than it takes to download Live Free or Die Hard, foreign hackers could make it real.

A former top counter-terrorism advisor under President Clinton, who later served as President Bush’s cybersecurity czar, Richard Clarke has been sounding the alarm on cyberwar for more than a decade, rarely letting up, even through two real wars and one massive domestic terrorist attack. Now Chairman of Good Harbor Consulting, Clarke is going full-out Jerry Bruckheimer in an effort to get America to take seriously what he clearly sees as a (perennially) looming existential threat to the nation.

And it turns out that in Cyberwar, like in real war, truth is the first casualty.

It’s not just Clarke’s 15-minutes-to-doomsday scenario that stretches credulity. Like most cyberwar pundits, Clarke puts a shine on his fear mongering by regurgitating long-ago debunked hacker horror stories. In his world, the Slammer worm was partially responsible for the Northeast blackout of 2003 — the Energy Department concluded otherwise. A power outage in Brazil is similarly attributed to a hacker, when the real-life evidence points to sooty insulators. Clarke describes the Russian denial-of-service attacks against Estonian servers in 2007 as the “largest ever seen” (not even close). He claims that foreign hackers stole the plans to the F-35 Joint Strike Fighter, when they actually nabbed unclassified information on the plane’s self-diagnostic system.

So much of Clarke’s evidence is either easily debunked with a Google search, or so defies common sense, that you’d think reviewers of the book would dismiss it outright. Instead, they seem content to quote the book liberally and accept his premise that cyberwar could flatten the United States, and no one in power cares at all. Of course, the debunking would be easier if the book had footnotes or endnotes, but neither are included — Revelation doesn’t need sources.

Clarke returns over and over to the security of the power grid, focusing on the systems known as SCADA that allow utilities to remotely monitor and control electric generation and transmission equipment. Here, he starts reasonably enough: Good security practices dictate that these systems should be unreachable from the public net, and, unfortunately, that’s not always the case. But from there, he quickly moves back to fantasy. He suggests darkly throughout the book that the nation’s power and chemical plants are all shot through with secret backdoors implanted by the Russian, North Korean and Chinese governments, even though there’s never been a single publicly documented case, outside of a vague and anonymously sourced article in the Wall Street Journal.

Clarke’s prescriptions are manifold. First, the nation’s backbone carriers — the ones with fiber optic networks crisscrossing the country — should be required to inspect all packets, and delete the ones that match known signatures of viruses and other malware. While that might seem like a fine idea, the security industry is already moving away from signature-based strategies, since malware-makers have taken to testing their payloads against anti-virus software before deploying it.

ISPs already have the ability, and the legal right, to filter out known bad packets, but requiring it — as Clarke would do — would not only be ineffective, but it would inevitably lead to other demands to filter content, first child pornography, then perceived copyright violations, and finally unwanted speech of all sorts. Clarke fails to consider the contents of the Pandora’s box he seeks to open.

More persuasively, Clarke argues the feds need to set some real, auditable and binding rules for companies that run critical infrastructure, such as the electrical grid. The current policy is driven by the rationale that private-sector companies have enough financial incentive to protect their network, and the government’s role should be limited to helping share information about threats among the stakeholders. That policy works well when it comes to companies like Google and Chase, which could lose customers if their networks are routinely hacked, but isn’t as effective for your energy company, which likely has no real competition.

So, even if you don’t accept Clarke’s doomsday predictions, there’s a good case to be made that the feds ought to have strong rules governing these systems, and, as he suggests, a crew of white hat hackers tasked with trying to bust into the grid on a daily basis.

And there’s something to be gained by thinking about the consequences and morality of militaries infiltrating other countries’ power grids, or whether the government ought to be able to take down Al Qaeda websites, or whether the military should ever hack into the financial system. These are fun and not unimportant debates to have.

But the Chinese can’t blunt the power of 15 carrier groups with some fancypants, unheard of ninja cybercoding tricks. Live Free or Die Hard was a bad movie, not a prescient one (it’s one of many Hollywood references Clarke makes to bolster his case). The Chinese and Russians don’t have secret backdoors into the transformer outside your house, and if it blows up, it’s more likely a rodent chewing through the casing than a cyberwarrior sitting in an internet cafe in Shanghai.

The cyberwar rhetoric is dangerous. Its practitioners are artists of exaggeration, who seem to think spinning tall tales is the only way to make bureaucracies move in the right direction. But yelling “Cyberwar” in a crowded internet is not without consequence. Not only does it promote unnecessary fear, it feeds the forces of parochial nationalism and militarism — undermining a communications system that has arguably done more to connect the world’s citizens than the last 50 years of diplomacy.

And, let’s be honest, your photocopier will never, ever catch on fire due to a hacker, like it does in Cyberwar.

Except, of course, in the movie version of this book, which undoubtedly will star Bruce Willis or Kiefer Sutherland.


McAfee Probing Bungle That Sparked Global PC Crash

McAfee said Thursday it was trying to determine how it bungled a security update that crashed perhaps tens of thousands of PCs across the globe.

Computers from Australia and Kentucky to the United Kingdom began freezing up late Wednesday after the Santa Clara, California, security firm released an updated definition file for its corporate antivirus software. The update mistakenly identified a critical Windows file — svchost.exe — as a worm and quarantined it, crashing computers running Windows XP Service Pack 3.

While the update has been removed, McAfee said it was “investigating how the incorrect detection made it into our DAT files and will take measures to prevent this from reoccurring.” Scammers began seizing on the debacle, marketing fake antivirus services.

McAfee’s snafu was the second black eye for the company in as many weeks. McAfee, a household name for computer virus-protection, on April 8 was hit with accusations it dupes online customers into purchasing third-party services, and hands over consumer banking information to enable those transactions.

Researchers said Thursday that affected computers had to be manually corrected one by one, a process that could take 30 minutes per machine.

On Thursday, Coles, an Australian supermarket chain, said 1,100 checkout terminals crashed because of the McAfee update, so it temporarily closed several stores in that country. An Intel spokesman in California acknowledged the problem at its headquarters was “significant.” Kentucky State Police lost use of their entire IT infrastructure, and hospitals in Rhode Island postponed elective surgeries.

“We sincerely apologize for the inconvenience this has caused our customers,” McAfee said Thursday, declining to say how many computers it believed were affected.

Photo: Associated Press


ACTA Backs Away From 3 Strikes

A proposed global intellectual-property treaty no longer nudges the international community to develop “three strikes” protocols to suspend internet connections of customers caught downloading copyrighted works, according to a draft of the Anti-Counterfeiting Trade Agreement released Tuesday.

The official draft of the proposed intellectual property accord was released after months of leaks and assertions by the Obama administration that it was a classified national security secret.

Still, critics of the proposal said Tuesday that a controversial theme in the draft (.pdf) remains: that the United States was “attempting to export a regulatory regime that favors big media companies at the expense of consumers and innovators,” according to Public Knowledge, a Washington, D.C., digital rights group.

The group and others were, in part, referring to the U.S. Digital Millennium Copyright Act. Under the DMCA, internet service providers are responsible for the infringing material hosted on their networks if they fail to remove the content at the rights holder’s request.

That is a sea change to Canadian copyright statutes, for example. “That is inconsistent with Canadian law, which has no such requirement,” said Michael Geist, an ACTA expert at the University of Ottawa.

The biggest surprise in the official draft, which is being hammered out by the United States, Canada, the European Union, Japan and dozens of others, is the removal of a controversial U.S.-backed footnote that appeared in an unofficial, yet previously leaked version. The footnote provided for “the termination in appropriate circumstances of subscriptions and accounts on the service provider’s system or network of repeat infringers.”

Last month, the European Parliament voted not to approve ACTA if it contained these so-called “three strikes” or “graduated response” termination requirements.

Those policies are the holy grail of internet-IP enforcement, staunchly backed by the Motion Picture Association of America and the Recording Industry Association of America.

Negotiating entities include Australia, Canada, Japan, South Korea, Mexico, Morocco, New Zealand, Singapore, Switzerland, the United States and the European Union.

The ACTA negotiators concluded meetings last week in New Zealand and are expected to meet in Switzerland in June. The accord is expected to be completed by year’s end.

Congressional authorization is not required.


Second Banker Accused of Stealing High-Frequency Trading Code

It was only a matter of time before another banker, lured by the prospects of riches, would get busted on allegations of stealing source code connected to a high-frequency, stock-and-commodities trading platform.

The latest arrest concerns a former Societe Generale trader who was being detained Tuesday on New York federal court charges of stealing the computer code of the Paris-based banking concern’s high-frequency trading software.

Monday’s arrest of Samarth Agrawal, 26, came nine months after a Goldman Sachs programmer was arrested on similar charges that he, too, stole his employer’s source code for software his employer used to make sophisticated, high-speed, high-volume stock and commodities trades.

The Securities and Exchange Commission is investigating the use of these programs that many believe give their users an unfair advantage over other traders. Nevertheless, stealing the code to these suspect programs remains illegal.

When Sergey Aleynikov, the Goldman Sachs computer programmer, was arrested in July, the authorities said the software at issue could “manipulate markets in unfair ways.”

And on Monday, Manhattan federal prosecutors wrote in Agrawal’s complaint that Societe Generale “believes that, if competing firms were to obtain the code and use its features, the financial institution’s ability to profit from trades using the code would be significantly diminished” (.pdf).

According to Agrawal’s complaint, the code at issue “uses a number of sophisticated mathematical formulas, or algorithms, to make decisions about, among other things, the volume, price and timing of trades that are made by the trading system. The trades made using the trading system typically generate millions of dollars of profits per year for the financial institution.”

In both prosecutions, the authorities said the defendants had wanted the code for their own financial benefit. When Agrawal resigned from the Paris-based bank’s New York offices, he allegedly told his employer he wanted to move back to India and begin his own high-frequency trading fund.

Photo: AP


Google: U.S. Demanded User Info 3,500 Times in 6 Months

Search engines and ISPs have for years refused to tell the public how many times the cops and feds have forced them to turn over information on users.

Google broke that unwritten code of silence Tuesday, unveiling a Government Requests Tool that shows the public how often individual governments around the world have asked for user information, and how often they’ve asked Google to remove content from their sites or search index, for reasons other than copyright violation.

The answer for U.S. users is 3,580 total requests for information over a six-month period from July 2009 to December 2009. That number comes to about 20 a day, and includes subpoenas and search warrants from state, local and federal law enforcement officials. Brazil just edges out the U.S. in the number of requests for data about users, with 3,663 over those six months. That’s due to the continuing Brazilian popularity of Google’s social networking site, Orkut.

Google VP David Drummond announced the tool in a blog post Tuesday, casting it as a tool to cut down on censorship — not surprising, given that Google says it’s been censored by 25 of the 100 countries it operates in.

[G]overnment censorship of the web is growing rapidly: from the outright blocking and filtering of sites, to court orders limiting access to information and legislation forcing companies to self-censor content.

So it’s no surprise that Google, like other technology and telecommunications companies, regularly receives demands from government agencies to remove content from our services. Of course many of these requests are entirely legitimate, such as requests for the removal of child pornography. We also regularly receive requests from law enforcement agencies to hand over private user data. Again, the vast majority of these requests are valid and the information needed is for legitimate criminal investigations. However, data about these activities historically has not been broadly available. We believe that greater transparency will lead to less censorship.

Google is also releasing information about the number of times governments ask the company to take down content or remove links. These include requests to take down defamatory videos, such as the one that led to prosecution of Google executives in Italy. The statistics do not include requests based on copyright or from reports of child pornography, since Google automatically takes down the latter whenever it detects it.

Google has long pledged its allegiance to transparency and says this announcement will add to the long-running debate about how much power law enforcement and governments should have to see what citizens do online.

A broad consortium of tech companies and privacy groups recently announced a push to modernize the nation’s privacy laws so that data stored by third parties, especially by so-called cloud computing services like Gmail, are treated just like data stored on citizens’ home computers. Currently, e-mails stored online lose much of their legal protection after 6 months, and the Justice Department recently tried to get at unopened mail online without having to get a proper search warrant.

The numbers reflect only criminal investigations, and do not include national security investigation powers such as National Security Letters or FISA warrants, which companies are often not legally allowed to disclose.

The numbers also do not include the number of people named in the requests, whether Google fought the request, or which products the requests apply to. The company says it plans to release that information after it figures out how to create meaningful statistics, since a single request can apply to multiple people using multiple products, or conversely, Google can receive multiple requests concerning the same person.

Threat Level has been agitating since 2006 for Google to disclose records requests. While there’s more the company could reveal, today’s move is an unprecedented step from an internet giant.

For its part Microsoft says it’s not ready to reveal its numbers.

“At this time Microsoft is not commenting on the demands made by governments for customer information,” the company said in an e-mailed statement. “However, we are in the process of working towards full implementation of the Global Network Initiative principles, which will enable a framework for providing more transparency to our processes and procedures in responding to governments demands for customer information.”

Fellow internet giant Yahoo says it’s also a founding member of the Global Network alliance, but it doesn’t give out surveillance statistics, in part to protect user privacy.

“In support of both user privacy and public safety interests, we do not generally discuss the details of law enforcement demands,” the company said in an e-mailed statement. “As a general matter, Yahoo! Inc. and its subsidiaries around the world receive law enforcement demands relating to only a tiny fraction (less than one one-hundredth of 1%) of the Yahoo! user base.”

That initiative was started after Congress contemplated regulating how large U.S. internet companies do business in countries with repressive governments, after Yahoo helped the Chinese government imprison political activists by turning over their e-mails to authorities.

The ACLU applauded Google’s move, saying they’d called for this data for years and that they hope it helps the movement to reform the U.S.’s data privacy laws.

“Americans for too long have been kept in the dark about how their private information is stored, used and shared,” said Laura Murphy, who heads the ACLU’s Washington Legislative office. “It is our hope that this tool will help Americans to better understand the relationship between private companies and our government.”

Murphy says such reporting should be mandatory.

“Congress should make updating the law a priority so that other companies will fall in line with Google and allow for greater transparency when it comes to the government’s requests for our information,” Murphy said.

ISPs and large tech companies have long used the excuse that they don’t publish this information because no one else does. Now that Google has taken this first step, that argument no longer works. And we are looking at you, Yahoo, Microsoft, Amazon and AT&T, when we say that.

You might notice that Google reports no data for China and other countries for user requests in criminal investigations. That’s because Google is not reporting data for criminal requests when countries have fewer than 30 in six months, since those “statistics could place important investigations at risk and interfere with public safety efforts of the authorities.”


Report: Google Hackers Stole Source Code of Global Password System

The hackers who breached Google’s network last year were able to nab the source code for the company’s global password system, according to The New York Times.

The single sign-on password system, which Google referred to internally as “Gaia,” allows users to log into a constellation of services the company offers — Gmail, search, business applications and others — using one password.

The hackers, who are still unknown, were able to steal the code after gaining access to the company’s software repository, which stores the crown jewels for its search engine and other programs.

Because the hackers grabbed the software, and do not appear to have grabbed customer passwords, users aren’t directly affected by the theft. But the hackers could study the software for security vulnerabilities to devise ways to breach the system that could later affect users.

Google announced in January that it and numerous other companies had been hacked in a sophisticated attack. The hackers had targeted source code repositories at many of the companies, including Google.

According to the Times, the theft began when an instant message was sent to a Google employee in China who was using Windows Messenger. The message included a link to a malicious website. Once the employee clicked on the link, the intruders were able to gain access to the employee’s computer and from there to computers used by software developers at Google’s headquarters in California.

The intruders seemed to know the names of the Gaia software developers, according to the Times. The intruders had access to an internal Google corporate directory known as Moma, which lists the work activities of every Google employee.

They initially tried to access the programmers’ work computers and “then used a set of sophisticated techniques to gain access to the repositories where the source code for the program was stored.”

The Times doesn’t elaborate on the set of sophisticated techniques the hackers used to access the source code, but in March, security firm McAfee released a white paper in relation to the Google hack that describes serious security vulnerabilities it found in software configuration management systems (SCMs) used by companies that were targeted in the hacks.

“[The SCMs] were wide open,” Dmitri Alperovitch, McAfee’s vice president for threat research told Threat Level at the time. “No one ever thought about securing them, yet these were the crown jewels of most of these companies in many ways — much more valuable than any financial or personally identifiable data that they may have and spend so much time and effort protecting.”

Many of the companies that were attacked used the same source-code management system made by Perforce, a California-based company, according to McAfee. The paper didn’t indicate, however, whether Google used Perforce or had another system in place with vulnerabilities.

According to McAfee’s earlier report, the malicious website the hackers used in the Google hack was hosted in Taiwan. Once the victim clicked on a link to the site, the site downloaded and executed a malicious JavaScript, with a zero-day exploit that attacked a vulnerability in the user’s Internet Explorer browser.

A binary disguised as a JPEG file then downloaded to the user’s system and opened a backdoor onto the computer and set up a connection to the attackers’ command-and-control servers, also hosted in Taiwan.

From that initial access point, the attackers obtained access to the source-code management system or burrowed deeper into the corporate network to gain a persistent hold.

According to the paper, the hackers were successful at accessing source code because many SCMs are not secured out of the box and do not maintain sufficient logs to help forensic investigators examining an attack.

“Additionally, due to the open nature of most SCM systems today, much of the source code it is built to protect can be copied and managed on the endpoint developer system,” the white paper states. “It is quite common to have developers copy source code files to their local systems, edit them locally, and then check them back into the source code tree…. As a result, attackers often don’t even need to target and hack the backend SCM systems; they can simply target the individual developer systems to harvest large amounts of source code rather quickly.”

Alperovitch told Threat Level his company had seen no evidence to indicate that source code at any of the hacked companies had been altered.




Cops Pull Plug on Rent-a-Fraudster Service for Bank Thieves

Two Belarusian nationals suspected of operating a rent-a-fraudster service for bank and identity thieves have been arrested overseas, according to New York authorities, who unsealed an indictment for one of the suspects on Monday.

Dmitry Naskovets, 25, and Sergey Semashko, 25, are suspected of creating and operating CallService.biz, a Russian-language site for identity criminals who trafficked in stolen bank-account data and other information. The website displayed an FBI logo Monday and the message, “This domain has been seized by the Federal Bureau of Investigation.”

Naskovets has been charged in U.S. District Court for Southern New York with one count each of aggravated identity theft and conspiracy to commit wire fraud and credit card fraud. Semashko has been charged by Belarusian authorities.

Naskovets was arrested in the Czech Republic last Thursday, at the request of U.S. authorities who have filed for extradition. Semashko was arrested the same day in Belarus.

According to the indictment (.pdf), the two entrepreneurs launched the site in Lithuania in June 2007 and filled a much-needed niche in the criminal world — providing English- and German-speaking “stand-ins” to help crooks thwart bank security screening measures.

In order to conduct certain transactions — such as initiating wire transfers, unblocking accounts or changing the contact information on an account — some financial institutions require the legitimate account holder to authorize the transaction by phone.

Thieves could provide the stolen account information and biographical information of the account holder to CallService.biz, along with instructions about what needed to be authorized. The biographical information sometimes included the account holder’s name, address, Social Security number, e-mail address and answers to security questions the financial institution might ask, such as the age of the victim’s father when the victim was born, the nickname of the victim’s oldest sibling or the city where the victim was married.

The thieves obtained the information through various means, such as phishing attacks and malware placed on victims’ computers to log their keystrokes.

CallService.biz would then have someone who matched the legitimate account holder’s gender and was proficient in the needed language, pose as the account holder and call the financial institution to authorize the fraudulent transaction.

One client, for example, requested assistance in July 2007 with illegally siphoning $35,000 from a checking account owned by someone in Westchester County, New York. The wire transfer occurred July 17.

The site boasted that its purveyors had served more than 2,000 criminal customers. Authorities wouldn’t say what fees the two allegedly charged or how much they earned from their scheme.

The two advertised their services on other carding sites, such as CardingWorld.cc, which was also operated by Semashko. The ads boasted that their team had conducted more than 5,400 “confirmation calls” to banks.

The FBI seized the domain name pursuant to a seizure warrant.

Additional co-conspirators were also arrested overseas, though authorities didn’t indicate how many.

U.S. Attorney Preet Bharara said in a statement that the site “was especially dangerous because it allegedly was specifically designed to bypass the usual security measures that bank and business customers have come to rely on.”

The Department of Justice’s office of international affairs worked with the Belarusian Ministry of Internal Affairs’ high-tech–crime department, the Police Presidium of the Czech Republic and the Lithuanian Criminal Police Bureau Cybercrime Board to coordinate the investigations and arrests.

If convicted on all three counts, Naskovets faces a maximum sentence of 39½ years in prison.




School District Allegedly Snapped Thousands of Student Webcam Spy Pics

A webcam spying scandal at a suburban Philadelphia school district is broadening, with lawyers claiming the district secretly snapped thousands of webcam images of students using school-issued laptops without the pupils’ knowledge or consent.

Some of the images included pictures of youths at home, in bed or even “partially dressed,” according to a Thursday filing in the case. Pupils’ online chats were also captured, as well as a record of the websites they visited.

Pennsylvania high school officials are accused of spying on students with webcams on district-issued Macbooks. Here is sophomore Blake Robbins sleeping at home in an image secretly and allegedly taken by his school's laptop. (Posted here with permission of Robbins' attorneys)

When the story first broke in February, the district said the cameras were activated only a handful of times when a laptop was reported stolen or missing — an assertion lawyers suing the district say is false.

“Discovery to date has now revealed that thousands of webcam pictures and screen shots (.pdf) have been taken from numerous other students in their homes, many of which never reported their laptops lost or missing,” attorney Mark Haltzman wrote in a Thursday federal court filing.

In February, the Lower Merion School District deactivated the webcam-tracking program secretly lodged on 2,300 student laptops.

The move came a day after the 6,900-pupil district, which provides students from its two high schools free MacBooks, was sued in federal court on allegations it was undertaking a dragnet surveillance program targeting its students — an allegation the district has repeatedly denied.

The suit was based on a claim by sophomore Blake Robbins that school officials reprimanded him for “improper behavior” based on photos the computer secretly took of the boy at home last fall. One picture shows him asleep at home in October.

That “behavior” turned out to be pill popping. The family said their son was eating Mike and Ike candy.

Thursday’s filing, which claims 400 images of Robbins were taken during a two-week period last fall, also says that an IT administrator at the district “may be a voyeur.” Lawyers suing the district are urging a federal judge presiding over the case to grant a forensic examination of the administrator’s personal computer.

The lawsuit said the administrator, who has been placed on paid leave, “invokes the Fifth Amendment to every question asked of her, including a question asked as to whether she had ever downloading (sic) pictures to her own computer, including pictures of students who were naked while in their home.”

The lawsuit seeks class-action status to represent all the district’s 2,300 high school students.

Proposed legislation announced late Thursday by Sen. Arlen Specter (D-Pennsylvania) would make it a federal felony to remotely spy on private residences and hotel rooms with video cameras.


Bush’s Illegal Wiretapping Tab: $612,000

The two American lawyers who were illegally wiretapped by the Bush administration asked a federal judge Friday to order the government to pay $612,000 in damages, plus legal fees for their attorneys.

The demand (.pdf) comes two weeks after U.S. District Judge Vaughn Walker said the former administration wiretapped the lawyers’ telephone conversations (.pdf) without a warrant, in violation of federal law.

It was the first ruling addressing how Bush’s once-secret NSA spy program, adopted in the wake of the 9/11 terror attacks, was carried out against American citizens. Other lawsuits considered the program’s overall constitutionality — absent any evidence of specific eavesdropping — and were dismissed.

The government in 2004 was intercepting the telephone communications of lawyers Wendell Belew and Asim Ghafoor. They were counsel to a Saudi charity, the Al-Haramain Islamic Foundation, which the government has declared a terror organization.

They learned of the eavesdropping after the government erroneously sent them records. Both the Bush and the Obama administrations declared those records state secrets, so the documents were removed from the case.

Walker allowed the case to proceed, based on other evidence of eavesdropping (.pdf).

The lawyers are seeking $204,000 each, in addition to $204,000 for the charity, whose U.S. assets are frozen because of its terror designation. Judge Walker did not immediately rule on the request.

Under Bush’s so-called Terrorist Surveillance Program, which The New York Times disclosed in December 2005, the NSA was eavesdropping on Americans’ telephone calls without warrants if the government believed the person on the other line was overseas and associated with terrorism. Congress, with the vote of Barack Obama — who was a U.S. senator from Illinois at the time — subsequently authorized such warrantless spying in the summer of 2008.

The legislation also provided the nation’s telecommunication companies immunity from lawsuits accusing them of being complicit with the Bush administration in illegal wiretapping.

Photo: wintersoul1/flickr
