DEA: Top Hizballah terror financier arrested


FOR IMMEDIATE RELEASE

  Contact: DEA Public Affairs

  (202) 307-7977


Press Release

DEA NEWS: TOP HIZBALLAH TERROR FINANCIER ARRESTED

Kassim Tajideen is a specially designated terrorist charged with evading U.S. sanctions 

WASHINGTON – DEA and other federal officials today announced the arrest of Kassim Tajideen, a prominent financial supporter of the Hizballah terror organization. Tajideen is charged with evading U.S. sanctions imposed on him because of his financial support of Hizballah.

Tajideen, 62, of Beirut, Lebanon, was arrested overseas on March 12, 2017, based on an 11-count indictment unsealed today in the U.S. District Court for the District of Columbia following his arrival to the United States. Tajideen made his initial court appearance today before Magistrate Judge Robin M. Meriweather.   Tajideen pleaded not guilty and was ordered held pending a detention hearing set for March 29.

The arrest and indictment are the result of a two-year investigation led by the Drug Enforcement Administration (DEA) and assisted by U.S. Customs and Border Protection (CBP). The effort is part of DEA’s Project Cassandra, which targets Hizballah’s global criminal support network – dubbed by the DEA as the Business Affairs Component (BAC) that operates as a logistics, procurement and financing arm for Hizaballah.

Acting Assistant Attorney General Kenneth A. Blanco of the Justice Department’s Criminal Division, Acting Assistant Attorney General Mary McCord of the Justice Department’s National Security Division, U.S. Attorney Channing D. Phillips of the District of Columbia, DEA Special Agent in Charge Raymond Donovan of the Special Operations Division, and CBP Acting Commissioner Kevin K. McAleenan made the announcement.

“Kassim Tajideen posed a direct threat to safety and stability around the world,” said DEA Special Agent in Charge Donovan. “A prominent money man for Hizballah, Tajideen acted as a key source of funds for their global terror network. DEA and our partners are unrelenting in our pursuit of the world’s most dangerous terror and criminal networks and their many facilitators who threaten the rule of law and innocent lives.”

“Because of his support for Hizballah, a major international terrorist group, the U.S. government imposed sanctions on Kassim Tajideen in 2009 that barred him from doing business with U.S. individuals and companies,” said Acting Assistant Attorney General Blanco.  “Those sanctions are a powerful tool in our efforts to combat terrorists and those who would support them.  Indeed, the sanctions posed such a significant threat to Tajideen’s extensive business interests that he allegedly went to great lengths to evade them by hiding his identity from the U.S. entities he did business with, and from the government agencies responsible for enforcing the sanctions.  Thanks to the diligent work of our prosecutors and law enforcement partners, we broke through the web of intermediaries Tajideen allegedly used to conceal his involvement, and he has been brought to the United States to face justice.”

“Kassim Tajideen is alleged to have willfully flouted U.S. sanctions that were based on his prior support for Hizballah, a designated foreign terrorist organization,” said Acting Assistant Attorney General for National Security McCord. “Those sanctions are designed to protect our national security and public safety by limiting terrorists’ access to resources, and this extradition sends a clear message that we are resolved to find and hold accountable those who violate these laws.”

“The investigation of this case and the arrest and extradition of this defendant demonstrates our commitment to enforcing vitally important sanctions laws that are in place to protect our national security and foreign policy interests,” said U.S. Attorney Phillips. “Because of the hard work of law enforcement here and abroad, Kassim Tajideen will now face charges in an American courtroom.”

The indictment charges Tajideen with one count of willfully conspiring to violate the International Emergency Economic Powers Act (IEEPA) and the Global Terrorism Sanctions Regulations, seven counts of unlawful transactions with a Specially Designated Global Terrorist, and one count of conspiracy to launder monetary instruments. The indictment also indicates that the government will seek a forfeiture money judgment against the defendants equal to the value of any property, real or personal, which constitutes or is derived from proceeds traceable to these offenses.

According to the indictment, Tajideen allegedly presided over a multi-billion-dollar commodity distribution business that operates primarily in the Middle East and Africa through a web of vertically integrated companies, partnerships, and trade names.  The indictment further alleges that Tajideen and others engaged in an elaborate scheme to engage in business with U.S. companies while concealing Tajideen’s involvement in those transactions.

The Department of the Treasury’s Office of Foreign Assets Control named Tajideen a Specially Designated Global Terrorist on May 27, 2009.  This designation prohibits U.S. companies from transacting unlicensed business with Tajideen or any companies which are operated for his benefit – in essence stripping Tajideen’s global business empire of its ability to legally acquire goods from, or wire money into, the United States.  However, the indictment alleges that Tajideen restructured his business empire after the designation in order to evade the sanctions and continue conducting transactions with U.S. entities.  Tajideen and others are alleged to have created new trade names and to have misrepresented his ownership in certain entities in order to conceal Tajideen’s association.  The scheme allowed Tajideen’s companies to continue to illegally transact business directly with unwitting U.S. vendors, as well as to continue utilizing the U.S. financial and freight transportation systems to conduct wire transfers and move shipping containers despite the sanctions against Tajideen.

According to the indictment, between approximately July of 2013 until the present day, the conspirators illegally completed at least 47 individual wire transfers, totaling over approximately $27 million, to parties in the United States.  During the same time period, the conspirators caused dozens of illegal shipments of goods to leave U.S. ports for the benefit of Tajideen, without obtaining the proper licenses from the U.S. Department of the Treasury.

An indictment is merely a formal charge that a defendant has committed a violation of criminal laws and every defendant is presumed innocent until, and unless, proven guilty.

This investigation was carried out by the U.S. Attorney’s Office for the District of Columbia, the Criminal Division’s Money Laundering and Asset Recovery Section, the DEA and the U.S. Customs and Border Protection’s National Targeting Center Counter-Network Division, with assistance from the Criminal Division’s Office of International Affairs and the Counterintelligence and Export Control Section of the Department of Justice’s National Security Division.  The case is being prosecuted by Assistant U.S. Attorneys Thomas A. Gillice and Deborah Curtis and Special Assistant U.S. Attorney Jacqueline L. Barkett of the U.S. Attorney’s Office for the District of Columbia and Trial Attorney Joseph Palazzo from the Money Laundering and Asset Recovery Section.

Participating investigative agencies in DEA’s Project Cassandra include the DEA’s New Jersey Field Division and Special Operations Division and various DEA country offices, as well as the Treasury Department’s Office of Foreign Assets Control and Financial Crimes Enforcement Network.

Breaking News:Lithuanian Man Arrested For Theft Of Over $100 Million In Fraudulent Email Compromise Scheme Against Multinational Internet Companies


FOR IMMEDIATE RELEASE
Tuesday, March 21, 2017
Lithuanian Man Arrested For Theft Of Over $100 Million In Fraudulent Email Compromise Scheme Against Multinational Internet Companies
Joon H. Kim, the Acting United States Attorney for the Southern District of New York, and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), announced criminal charges against EVALDAS RIMASAUSKAS for orchestrating a fraudulent business email compromise scheme that induced two U.S.-based internet companies (the “Victim Companies”) to wire a total of over $100 million to bank accounts controlled by RIMASAUSKAS. RIMASAUSKAS was arrested late last week by authorities in Lithuania on the basis of a provisional arrest warrant.  The case has been assigned to U.S. District George B. Daniels.

Acting U.S. Attorney Joon H. Kim said:  “From half a world away, Evaldas Rimasauskas allegedly targeted multinational internet companies and tricked their agents and employees into wiring over $100 million to overseas bank accounts under his control. This case should serve as a wake-up call to all companies – even the most sophisticated – that they too can be victims of phishing attacks by cyber criminals. And this arrest should serve as a warning to all cyber criminals that we will work to track them down, wherever they are, to hold them accountable. The charges and arrest in this case were made possible thanks to the terrific work of the FBI and the cooperation of the victim companies and their financial institutions. We thank the companies and their banks for acting quickly, coming forward promptly, and cooperating with law enforcement; it led not only to the charges announced today, but also the recovery of much of the stolen funds.”

FBI Assistant Director William F. Sweeney Jr. said:  “As alleged, Evaldas Rimasauskas carried out a business email compromise scheme creatively targeting two very specific victim companies. He was initially successful, acquiring over $100 million in proceeds that he wired to various bank accounts worldwide. But his footprint would eventually lead investigators to the truth, and today we expose his lies. Criminals continue to commit a wide variety of crimes online, and significant cyber data breaches have had a negative impact across a variety of industries. The FBI will continue to work with our domestic and international partners to pursue criminals who engage in this type of activity, wherever they may be hiding.”

According to the allegations contained in the Indictment unsealed today[1]:

From at least in or around 2013 through in or about 2015, RIMASAUSKAS orchestrated a fraudulent scheme designed to deceive the Victim Companies, including a multinational technology company and a multinational online social media company, into wiring funds to bank accounts controlled by RIMASAUSKAS.  Specifically, RIMASAUSKAS registered and incorporated a company in Latvia (“Company-2”) which bore the same name as an Asian-based computer hardware manufacturer (“Company-1”), and opened, maintained, and controlled various accounts at banks located in Latvia and Cyprus in the name of Company-2.  Thereafter, fraudulent phishing emails were sent to employees and agents of the Victim Companies, which regularly conducted multimillion-dollar transactions with Company-1, directing that money the Victim Companies owed Company-1 for legitimate goods and services be sent to Company-2’s bank accounts in Latvia and Cyprus, which were controlled by RIMASAUSKAS.  These emails purported to be from employees and agents of Company-1, and were sent from email accounts that were designed to create the false appearance that they were sent by employees and agents of Company-1, but in truth and in fact, were neither sent nor authorized by Company-1.  This scheme succeeded in deceiving the Victim Companies into complying with the fraudulent wiring instructions.

After the Victim Companies wired funds intended for Company-1 to Company-2’s bank accounts in Latvia and Cyprus, RIMASAUSKAS caused the stolen funds to be quickly wired into different bank accounts in various locations throughout the world, including Latvia, Cyprus, Slovakia, Lithuania, Hungary, and Hong Kong.  RIMASAUSKAS also caused forged invoices, contracts, and letters that falsely appeared to have been executed and signed by executives and agents of the Victim Companies, and which bore false corporate stamps embossed with the Victim Companies’ names, to be submitted to banks in support of the large volume of funds that were fraudulently transmitted via wire transfer.

Through these false and deceptive representations over the course of the scheme, RIMASAUSKAS, the defendant, caused the Victim Companies to transfer a total of over $100,000,000 in U.S. currency from the Victim Companies’ bank accounts to Company-2’s bank accounts.

RIMASAUSKAS, 48, of Vilnius, Lithuania, is charged with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in prison, and one count of aggravated identity theft, which carries a mandatory minimum sentence of two years in prison.

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

Mr. Kim praised the outstanding investigative work of the FBI, and thanked the Prosecutor General’s Office of the Republic of Lithuania, the Lithuanian Criminal Police Bureau, the Vilnius District Prosecutor’s Office and the Economic Crime Investigation Board of Vilnius County Police Headquarters for their assistance in the investigation and arrests, as well as the Department of Justice’s Office of International Affairs.

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorney Eun Young Choi is in charge of the prosecution.  Assistant U.S. Attorney Edward Diskant is handling the forfeiture aspects of the prosecution.

The charges contained in the Indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.
[1] As the introductory phrase signifies, the entirety of the text of the Indictment, and the description of the Indictment set forth herein, constitute only allegations, and every fact described should be treated as an allegation.
17-093
USAO – New York, Southern
Topic:
Cyber Crime
Download U.S. v. Evaldas Rimasauskas Indictment
Updated March 21, 2017

ZTE Corporation Pleads Guilty for Violating U.S. Sanctions by Sending U.S.-Origin Items to Iran


Department of Justice

Office of Public Affairs

FOR IMMEDIATE RELEASE
Wednesday, March 22, 2017
ZTE Corporation Pleads Guilty for Violating U.S. Sanctions by Sending U.S.-Origin Items to Iran
ZTE Corporation pleaded guilty today to conspiring to violate the International Emergency Economic Powers Act (IEEPA) by illegally shipping U.S.-origin items to Iran, obstructing justice and making a material false statement.

Attorney General Jeff Sessions of the U.S. Department of Justice, Acting Assistant Attorney General Mary B. McCord for National Security, U.S. Attorney John R. Parker for the Northern District of Texas and Assistant Director Bill Priestap for the FBI’s Counterintelligence Division made the announcement today. The plea was entered before U.S. District Judge Ed Kinkeade.

Specifically, ZTE pleaded guilty to one count of conspiring to unlawfully export in violation of the IEEPA, one count of obstruction of justice and one count of making a material false statement. ZTE agreed to pay a fine in the amount of $286,992,532 and a criminal forfeiture in the amount of $143,496,266, and submit to a three-year period of corporate probation, during which time an independent corporate compliance monitor will review and report on ZTE’s export compliance program.

As previously announced on March 7, at the time that ZTE agreed to plead guilty, the Corporation simultaneously reached settlement agreements with the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) and the U.S. Department of the Treasury’s Office of Foreign Assets Control. In total ZTE has agreed to pay the U.S. Government $892,360,064. The BIS has suspended an additional $300,000,000, which ZTE will pay if it violates its settlement agreement with the BIS.

According to plea documents filed in the case, between January 2010 and January 2016, ZTE, either directly or indirectly through a third company, shipped approximately $32,000,000 of U.S.-origin items to Iran without obtaining the proper export licenses from the U.S. government. In early 2010, ZTE began bidding on two different Iranian projects. The projects involved installing cellular and landline network infrastructure. Each contract was worth hundreds of millions of U.S. Dollars and required U.S. components for the final products.

In December 2010, ZTE finalized the contracts with Iranian customers. The contracts were signed by four parties: the Iranian customer, ZTE, Beijing 8 Star and ZTE Parsian (ZTE’s subsidiary in Iran). Court documents explain that ZTE identified Beijing 8 Star (8S) as a possible vehicle for hiding its illegal shipments of U.S. items to Iran. It intended to use 8S to export U.S.-origin items from China to ZTE customers in Iran. As part of this plan, ZTE supplied 8S with necessary capital and took over control of the company.

Under the terms of the Iran contracts, ZTE agreed to supply the “self-developed equipment,” collect payments for the projects and manage the whole network. ZTE Parsian was to provide locally purchased materials and all services. 8S was responsible for “relevant third-party equipment,” which primarily meant parts that would be subject to U.S. export laws. ZTE intended for 8S to be an “isolation company,” that is, ZTE intended for 8S (rather than ZTE) to purchase the embargoed equipment from suppliers and provide that equipment under the contract in an effort to distance ZTE from U.S. export-controlled products, and insulate ZTE from U.S. export violations. However, 8S had no purchasing or shipping history and no real business reputation.

Ultimately, although 8S was a party to the contracts, ZTE itself purchased and shipped the embargoed goods under the contract. In its shipping containers, it packaged the U.S. items with its own self-manufactured items to hide the U.S.-origin goods. ZTE did not include the U.S. items on the customs declaration forms, though it did include the U.S.-origin items on the packing lists included inside of the shipments.

In early 2011, when ZTE determined that the use of 8S was insufficient to hide ZTE’s connection to the illegal export of U.S.-origin goods to Iran, senior management of ZTE ordered that a company-level export control project team study, handle and respond to the company’s export control risks. In September 2011, four senior managers signed an Executive Memo, which proposed that the company identify and establish new “isolation companies” that would be responsible for supplying U.S. component parts necessary for projects in embargoed countries. The isolation companies would conceal ZTE’s role in the transshipment scheme and would insulate ZTE from export control risks.

In March 2012, Reuters published an article regarding ZTE’s sale of equipment to Iran. In response, ZTE made a decision to temporarily cease sending new U.S. equipment to Iran. By November 2013, however, ZTE had resumed its business with Iran. Beginning in July 2014, ZTE began shipping U.S.-origin equipment to Iran once again without the necessary licenses.

Instead of using 8S, however, ZTE identified a new isolation company. ZTE signed a contract with the new isolation company, which in turn signed contracts with the two Iranian customers. According to the new scheme, ZTE purchased and manufactured all relevant equipment – both U.S.-origin and ZTE-manufactured – and prepared them for pick-up at its warehouse by the new isolation company. The new isolation company then shipped all items to the Iranian customers. Shipments to Iran continued from January 2014 through January 2016.

Despite its knowledge of an ongoing grand jury investigation into its Iran exports, according to plea documents, ZTE took several steps to conceal relevant information from the U.S. government. It further took affirmative steps to mislead the U.S. government. In the summer of 2012, ZTE asked each of the employees who were involved in the Iran sales to sign nondisclosure agreements in which the employees agreed to keep confidential all information related to the company’s U.S. exports to Iran.

During meetings throughout late 2014, late 2015 and early 2016, outside counsel for ZTE, unaware that the statements ZTE had given to counsel for communication to the U.S. Government were false, represented to the DOJ and federal law enforcement agents that ZTE had stopped doing business with Iran and therefore was no longer violating U.S. export laws. Similarly, on July 8, 2015, in-house counsel for ZTE accompanied outside counsel in a meeting with the DOJ and federal law enforcement agents and reported that ZTE was abiding by U.S. laws. That statement was also false.

ZTE also hid data related to its resumed illegal sales to Iran from a forensic accounting firm hired by defense counsel to conduct an internal investigation into the company’s Iran sales. ZTE knew the forensic accounting firm was reviewing its systems and knew that the analysis was being reported to the DOJ and U.S. law enforcement. To avoid detection of its 2013-2016 resumed illegal sales to Iran, ZTE formed the “contract data induction team” (“CDIT”). The CDIT was comprised of approximately 13 people whose job it was to “sanitize the databases” of all information related to the 2013-2016 Iran business. The team identified and removed from the databases all data related to those sales. ZTE also established an auto-delete function for the email accounts of those 13 individuals on the CDIT, so their emails were deleted every night – a departure from its normal practices – to ensure there were no communications related to the hiding of the data.

The case is being prosecuted by Deputy Chief Elizabeth Cannon of the National Security Division’s Counterintelligence and Export Control Section and Assistant U.S. Attorney Mark Penley of the Northern District of Texas.
17-304
National Security Division (NSD)
USAO – Texas, Northern
Topic:
Counterintelligence and Export Control
Updated March 23, 2017

Aviation Phishing Scams


U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

Aviation Phishing Scams

03/23/2017 04:27 PM EDT
Original release date: March 23, 2017
US-CERT has received reports of email-based phishing campaigns targeting airline consumers. Systems infected through phishing campaigns act as an entry point for attackers to gain access to sensitive business or personal information.

US-CERT encourages users and administrators to review an airline Security Advisory and US-CERT’s Security Tip ST04-014 for more information on phishing attacks.

Cisco Releases Security Updates


U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

03/22/2017 06:02 PM EDT
Original release date: March 22, 2017
Cisco has released security updates to address vulnerabilities in its IOS, IOS XE, and IOx Software. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system or cause a denial-of-service condition.Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)


U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

03/22/2017 01:20 PM EDT
Original release date: March 22, 2017
The Network Time Foundation’s NTP Project has has released version ntp-4.2.8p10 to address multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the NTP Security Notice Page for vulnerability and mitigation details.