Three individuals residing in the Philippines were indicted in New Jersey on June 12 for allegedly hacking into the telephone systems of large corporations and entities in the United States and other countries and selling information about the compromised telephone systems to Pakistani nationals residing in Italy, according to acting U.S. Attorney Ralph J. Marra, Jr.
Charged in the New Jersey indictment were Mahmoud Nusier, 40, Paul Michael Kwan, 27, and Nancy Gomez, 24, all currently residing in the Philippines, with conspiracy to commit wire fraud and unauthorized access to computer systems and other counts. Nusier is a Jordanian national, while Kwan and Gomez are Philippine nationals. In connection with this international investigation, each of the defendants were previously arrested on March 10, 2007, by authorities in the Philippines, where they remain. The US Department of Justice is working with Philippine authorities to hold the defendants accountable in the United States for their alleged crimes.
In conjunction with the unsealing of the indictment, Italian law enforcement conducted searches of approximately 10 locations in four regions of Italy and arrested the financiers of the hacking activity. Those financiers allegedly used the information to transmit over 12 million minutes of telephone calls valued at more than $55 million over the hacked networks of victim corporations in the United States alone.
"This was an extensive and well-organized criminal network that worked across continents," said Marra. "The hackers we've charged enabled their conspirators in Italy and elsewhere to steal large amounts of telecommunications capacity, which could then be used to further or finance just about any sort of nefarious activity here or overseas."
"We are extremely grateful to the FBI and authorities abroad with which we worked closely in developing this case," Marra said.
Operations were conducted on June 12 in Italy, where at least five individuals, all Pakistanis, were arrested during early-morning raids. Searches occurred at at least 10 telephone call centers and other premises. A news conference announcing the details was held by the chief of Brescia Police, the Brescia prosecutor, head of the Italian national police counter-terrorism division from Rome and officials from the Divisione Investigazioni Generali e Operazioni Speciali. The investigation has been ongoing since 2006 and relates to conduct ranging from October 2005 through December 2008.
According to information released by the U.S. Department of Justice, Nusier, Kwan, Gomez and others were recruited by the Pakistani masterminds in Italy to hack into the telephone networks of unsuspecting large corporations and entities so that telephone calls from the call centers owned by the Pakistanis in Italy could be transmitted over the hacked networks. To accomplish their mission, the hackers gained an intimate familiarity with the programming of the public branch exchange (PBX) telephone systems.
As the hackers dialed into the systems, they were able to identify the type of PBX system by the prompts and were thereby able to begin a process, known as a brute force attack, by which they sought to attack vulnerable points of the PBX systems. Often, the vulnerable points consisted of telephone extensions with default passwords still in place. After using a couple of methods to exploit the information they gained regarding the hacked PBX systems, the hackers transmitted the information about the hacked system back to the financiers. The hackers -- Nusier, Kwan, Gomez and others -- were then paid approximately $100 per hacked telephone system.
In March 2007, the Philippine police executed search warrants and arrested seven individuals, including Nusier, Kwan and Gomez, in connection with the present investigation. As part of the Philippines investigation, it was revealed that the PBX systems of over 2,500 victim corporations in the United States, Canada, Australia and Europe had been infiltrated. The searches yielded dozens of notebooks full of the telephone numbers and access codes to the victim PBX systems.
"We will continue to work with law enforcement officials overseas in Italy, the Philippines and elsewhere to prosecute those individuals currently charged and to identify others involved in this international conspiracy," said Weysan Dun, Special Agent in Charge of the FBI Newark Division. "The recent cooperation and coordination illustrates law enforcement's ability to adapt to the ever-changing landscape of international cybercrime."
The losses in this case, which exceeded $55 million, were borne by the victim corporations and entities, and AT&T and other long distance carriers, which provided the long-distance telephone service for the victims. Although AT&T was not hacked, it was among the companies that carried the long-distance calls. The U.S. Attorney's Office and FBI thanked AT&T and the victim corporations for their extensive and critical cooperation in the investigation.
In addition to the conspiracy count, each of the defendants is charged with two counts of unauthorized access to a computer system for purposes of committing fraud, and with the possession of unauthorized access devices, including passcodes to U.S. telephone systems. The defendants face maximum prison sentences of five years on the conspiracy count, five years on each of the two respective unauthorized computer access counts, and 10 additional years on the access device count. In addition, each is subject to a maximum fine of $250,000 on each count for which they are named, or twice the gain resulting from the offense, whichever is greater.
The indictment has been assigned to U.S. District Judge Mary L. Cooper in Trenton. No hearings are currently scheduled before the court, as defendants Nusier, Kwan and Gomez are residing in the Philippines and would only make an appearance in the United States subject to their self-reporting or extradition. The individuals arrested in Italy will be prosecuted in Italy.
Marra credited the Special Agents of the FBI, under the direction of Special Agent in Charge Weysan Dun, for their work in the investigation. The case is being prosecuted by Assistant U.S. Attorney Erez Liebermann of the U.S. Attorney's Office Computer Hacking and Intellectual Property Section, part of the Commercial Crimes Unit in Newark.