A Lithuanian pleaded guilty today to wire fraud, aggravated identity theft and three counts of money laundering, after instigating employees of Google and Alphabet units Alphabet transferred more than $ 100 million into bank accounts that he controlled as part of the compromise of several business emails (BEC). ) Fraud attacks of at least around 2013 or around 2015 or so.
"As Evaldas Rimasauskas has acknowledged today, he has come up with a blatant ploy to prevent US companies from spending more than $ 100 million and then siphoned those funds into bank accounts around the world. said Manhattan US Attorney Geoffrey S. Berman in the DoJ press release. Unsealed indictment of March 21, 2017.
According to the indictment [.PDF]Rimasauskas has registered and incorporated a Latvian company with the same name as Asian computer hardware manufacturer Quanta Computer Inc., according to Bloomberg, and has also opened several accounts in banks in Cyprus, Lithuania, Hungary, Slovakia and Latvia to receive fraudulent payments.
Facebook defrauded $ 99 million, Google's $ 23 million
According to the communiqué issued today by the DoJ, he "submitted false invoices, contracts and letters that appeared to have been executed and wrongly signed by leaders and agents of the victim companies and wore false stamps. company name of these companies "to banks in support of the large volume of funds that were fraudulently transmitted by electronic transfer".
With the help of several spoofed emails and the fact that both companies had identical names, the fraudster was able to mislead Google and Facebook employees, as well as the banks they worked with, to make and approve payments. on the bank accounts of his Latvian business.
After successfully receiving funds from the accounts he controlled, Rimasauskas spread the funds to bank accounts in six other countries, trying to cover his tracks.
Although the indictment does not specifically identify Google and Facebook as being the two US companies that have been deceived by the attacks of the Lithuanian scammers at the BEC, Reuters said that a Lithuanian court decision in 2017 identified Google and Facebook as the victims ".
In addition, according to the same report, "the scheme has defrauded Google on $ 23 million and Facebook out of $ 99 million, according to this order".
Rimasauskas faces up to 30 years in prison
As detailed in Today's guilty plea court documents, Rimasauskas agreed to waive US $ 49,738,559.41, "representing the amount of proceeds that can be attributed to the offense set out in Count 1 of the Act". "Accusation that the defendant personally got", which corresponds to the charge of wire fraud.
Rimasauskas is liable to a maximum sentence of 30 years imprisonment when he is found guilty of wire fraud, aggravated identity theft and three counts of money laundering. money against him, the date of the sentence having been set at "24/07/2019 at 10 o'clock in front of Judge George B. Daniels."
The FBI's Internet Crime Complaints Center (IC3) warned in June 2016 that the OCI attacks were causing huge financial losses, with malicious actors having cheated companies worth more than $ 3 billion. in the world in just over three years, with "1,300% increase in exposed losses identified."
BleepingComputer contacted Google and Facebook for more details, but did not receive a response prior to publication.
Updated March 20 at 17:46 EDT: A spokesman confirmed that Google was targeted by Rimasauskas BEC fraud attacks:
We detected this fraud and quickly alerted the authorities. We have recovered the funds and we are happy that this matter is resolved.