Hackers stole $23 million (£18m) from the US Department of Defence in 2018 through an eloaborate phishing scam, according to the US Justice Department, which said it has successfully convicted two of the conspirators.
Sercan Oyuntur, 40, of Northridge, California, was convicted of counts including wire fraud, bank fraud and aggravated identity theft last week, following an eight-day trial in Camden, New Jersey federal court.
Another conspirator, Hurriyet Arslan, of New Jersey, pleaded guilty in January 2020 to conspiracy, bank fraud and money laundering and is due to be sentenced in June, the Justice Department said.
From June to September 2018 the two men, along with others in Germany and Turkey, circulated phishing emails to various government contractors.
One of these, a jet fuel supplier’s intermediary based in New Jersey, was tricked by the scheme into supplying his login credentials to a malicious website posing as the General Services Administration’s public-facing site.
Arslan, who oned a used car dealership called Deal Automotive Sales in Florence, New Jersey, was tasked with creating a shell company, setting up a mobile phone number for the firm, hiring someone to pose as the firm’s owner and opening a bank account in the firm’s name.
On 10 October, 2018, based on fraudulent information suplied by Oyuntur and the others, the Department of Defence transferred $23.5m intended to pay for jet fuel into the Deal Automotive bank account.
Arslan was able to access some of the funds, but the bank wouldn’t release the balance.
The conspirators then obtained a falsified government contract from a collaborator in Turkey indicating that the used car dealership had obtained a defence contract worth $23m in an effort to convince the bank to provide access to the remaining funds.
The combined maximum prison sentences for Oyuntur’s charges amount to 107 years, while the fines for the fraud charges amount to $3m or twice the gross profits or loss relatd to the offence, whichever is greater, the Department of Justice said.
The remaining charges mean a potential $250,000 fine or twice the gain or loss from the offence, whichever is greater.
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…