Friday, August 5, 2011

Complete DHS Daily Report for August 5, 2011

Daily Report

Top Stories

• An Arkansas lawyer pled guilty to a bond scheme that caused Arkansas banks to lose $40 million and resulted in one bank failure, Arkansas New Bureau reports. (See item 17)

17. August 3, Arkansas News Bureau – (Arkansas) Lawyer pleads guilty in biggest fraud case in Arkansas history. A Little Rock, Arkansas lawyer whose scheme to issue bogus bonds caused the failure of a Batesville bank pleaded guilty August 3 in what a federal prosecutor called the largest fraud in Arkansas history. The lawyer pleaded guilty to one count of bank fraud. The total loss from his scheme has been estimated at $39.9 million. In a news conference after the plea, a U.S. attorney for the Eastern District of Arkansas said the lawyer issued fraudulent rural improvement district bonds and used the bonds as collateral to obtain loans, the proceeds from which he used to continue issuing bonds as well as funding several businesses he was involved in and maintaining “a very opulent lifestyle.” The scheme began to come to light in October 2010, when the Federal Deposit Insurance Corporation (FDIC) discovered during a routine bank audit that First Southern Bank in Batesville had a bond portfolio that included $23 million in rural improvement district bonds created by the lawyer. He and his family’s PA Alliance Trust were majority shareholders in the bank. The FDIC discovered the bonds were fraudulent and reported its findings to the FBI and the U.S. attorney’s office. In December, the FDIC shut down the bank and entered into an agreement with a Missouri bank to take over its assets and deposits. Other banks from which the lawyer obtained loans using fraudulent bonds as collateral included Centennial Bank, Citizens, Liberty Bank, First Community, Allied, Simmons, and Regions Bank. A U.S. attorney said the ”intended loss,” or the amount the man intended to steal through fraud, was $47 million. Source: http://arkansasnews.com/2011/08/03/lawyer-pleads-guilty-to-defrauding-banks-agrees-to-repay-40-million/

• Cargill announced August 3 it is recalling 36 million pounds of ground turkey that may be contaminated with a multi-drug resistant Salmonella strain linked to 76 illnesses and one death, according to Food Safety News. (See item 25)

25. August 4, Food Safety News – (Arkansas; National) Cargill recalls 36 million pounds of ground turkey. Cargill announced August 3 it is recalling almost 36 million pounds of ground turkey products that may be contaminated with a multi-drug resistant strain of Salmonella Heidelberg, a pathogen linked to at least 76 illnesses across the United States, and one death in California. The recalled meat came from a single processing facility in Springdale, Arkansas, but ended up in dozens of different ground turkey products sold nationwide under a variety of brand names including Honeysuckle White, Shady Brook Farms, Riverside, Aldi's Fit and Active Fresh, Spartan, Giant Eagle, Kroger, and Safeway. Cargill is recalling products produced between February 20 through August 2, and halting production of ground turkey products at the facility until the source of contamination is identified and corrected. The Centers for Disease Control and Prevention (CDC) announced the agency found four retail ground turkey samples to be positive for the same strain of Salmonella Heidelberg between early March and late June. The samples were taken as part of routine sampling for the National Antimicrobial Resistance Monitoring System, and had "not been linked to illnesses" so they did not spark a recall. As late as August 2, U.S. Department of Agriculture Food Safety and Inspection Service officials said there was not enough evidence to substantiate a recall. The agency said August 3 that epidemiologic and traceback investigations, as well as in-plant findings, led the agency to determine there is a link between the Cargill ground turkey products and the outbreak. Source: http://www.foodsafetynews.com/2011/08/cargill-recalls-36-million-pounds-of-ground-turkey/

Details

Banking and Finance Sector

17. August 3, Arkansas News Bureau – (Arkansas) Lawyer pleads guilty in biggest fraud case in Arkansas history. A Little Rock, Arkansas lawyer whose scheme to issue bogus bonds caused the failure of a Batesville bank pleaded guilty August 3 in what a federal prosecutor called the largest fraud in Arkansas history. The lawyer pleaded guilty to one count of bank fraud. The total loss from his scheme has been estimated at $39.9 million. In a news conference after the plea, a U.S. attorney for the Eastern District of Arkansas said the lawyer issued fraudulent rural improvement district bonds and used the bonds as collateral to obtain loans, the proceeds from which he used to continue issuing bonds as well as funding several businesses he was involved in and maintaining “a very opulent lifestyle.” The scheme began to come to light in October 2010, when the Federal Deposit Insurance Corporation (FDIC) discovered during a routine bank audit that First Southern Bank in Batesville had a bond portfolio that included $23 million in rural improvement district bonds created by the lawyer. He and his family’s PA Alliance Trust were majority shareholders in the bank. The FDIC discovered the bonds were fraudulent and reported its findings to the FBI and the U.S. attorney’s office. In December, the FDIC shut down the bank and entered into an agreement with a Missouri bank to take over its assets and deposits. Other banks from which the lawyer obtained loans using fraudulent bonds as collateral included Centennial Bank, Citizens, Liberty Bank, First Community, Allied, Simmons, and Regions Bank. A U.S. attorney said the ”intended loss,” or the amount the man intended to steal through fraud, was $47 million. Source: http://arkansasnews.com/2011/08/03/lawyer-pleads-guilty-to-defrauding-banks-agrees-to-repay-40-million/

18. August 3, Palm Beach Post – (Florida) Palm Beach, Delray loan officers plead guilty in $2.5M mortgage scheme. Three of the four loan officers charged in a $2.5 million reverse mortgage and loan modification scheme have plead guilty in a federal court in Miami, Florida, a news release from the U.S. Department of Justice said August 3. The defendants were charged with one count of conspiracy to commit wire fraud for their participation in the scheme, the release said. The fourth defendant is scheduled to appear in court August 10. According to the news release, from May 2009 to November 2010, the defendants defrauded borrowers Genworth Financial Home Equity Access, Inc. and the Federal Housing Administration, causing one Genworth to approve and the FHA to insure more than $2.57 million in reverse mortgage loans. One defendant received loan proceeds from Genworth totalling $2.57 million and fraudulently diverted at least $988,000 to a bank account controlled by two of the other defendants, according to the release. To cover their tracks, the defendants engaged in a loan modification scheme to hide the existence of the Genworth reverse mortgage transactions from the original mortgage lenders, whose loans remained unpaid. The release said, in other instances, the defendants also made monthly mortgage payments to the borrowers' original lenders. Source: http://www.palmbeachpost.com/money/real-estate/palm-beach-delray-loan-officers-plead-guilty-in-1691100.html

19. August 3, Federal Bureau of Investigation – (Virginia) Loan officer from Springfield, Washington admits guilty to mortgage fraud. A 48-year-old man from Springfield pleaded guilty August 3 to using his position as a loan officer to carry out a multi-million-dollar mortgage fraud scheme involving more than 15 homes in Northern Virginia. The man pleaded guilty to one count of an indictment charging him with conspiracy to commit wire fraud. He faces a maximum penalty of 20 years in prison when he is sentenced November 4. According to court documents, the former loan officer at the Falls Church branch of SunTrust Mortgage, prepared and submitted false, fraudulent, and misleading mortgage loan applications for unqualified buyers — individuals who lacked the finances, credit rating, or legal status to obtain a certain loan amount. The fraudulent applications contained false information regarding applicants’ employment, income, assets, immigration status, and intent to live in the property as a primary residence. As part of the fraud scheme, the convict taught his co-conspirators how to create fake documents to corroborate false data contained in the loan applications. The total amount of mortgage loans approved through the conspiracy exceeded $6.5 million. The total loss attributable directly to the man is more than $2.5 million. In related matters, three loan officers have pled guilty to their roles as loan officer assistants in the conspiracy. Source: http://www.loansafe.org/loan-officer-from-springfield-washington-admits-guilty-to-mortgage-fraud

20. August 3, St. Louis Post-Dispatch – (Missouri) Belleville broker admits $2.4 million Ponzi scheme. A Belleville, Missouri broker pleaded guilty to mail fraud and money laundering August 3 and admitted running a $2.4 million, 20-year Ponzi scheme. The broker ran Financial Services Moskop and Associates for roughly 6 years before he was barred from selling securities in 1990. From that point until last year, he pretended to act as a broker. He told clients their funds were invested in various mutual funds or CDs, when he actually just deposited their checks in the bank, his plea agreement says. The broker made $985,000 in "lulling" payments to clients to keep the ruse running, but 17 people or couples lost more than $1.4 million. Some lost only a few thousand, and one woman was paid more than she put in. But one couple lost $353,000 to the scheme, court records show. Source: http://www.stltoday.com/news/local/illinois/article_dab9b3fc-be0b-11e0-8f8e-0019bb30f31a.html

For another story, see item 40 below in the Information Technology Sector

Information Technology Sector

37. August 4, Computerworld – (International) Researcher follows RSA hacking trail to China. Malware used in the attack against RSA Security earlier this year was controlled from China, a well-known botnet researcher said August 3. The director of malware research for Dell SecureWorks, traced the command-and-control (C&C) servers used to oversee the RSA attack to networks in Beijing and Shanghai. "This gives us the where, but not the who," he said when asked whether his work had come up with clues about the attack's architects. In mid-March, RSA confirmed it had been targeted by hackers who had breached its network defenses and stole proprietary information. Although RSA never detailed what was stolen, it admitted data related to the company's SecurID two-factor authentication products was part of the haul. The attack was expensive for RSA, which in a recent earnings report said it had spent $66 million to replace customers' SecurID tokens that are used by man defense contractors and government agencies. The attackers gained access to RSA's network by convincing a small number of the company's employees to open malware-infected Excel spreadsheets. The spreadsheets included an exploit for a then-unpatched vulnerability in Adobe's Flash Player. Later attacks on defense contractor Lockheed Martin reportedly utilized information obtained in the RSA hack. In his months-long project, the researcher uncovered the location of the malware's command servers by using error messages displayed by a popular tool called "HTran", which Chinese hackers often bundle with their code. HTran bounces traffic between multiple IP addresses to mask the real identity of the order-giving servers, making it appear, for instance, that the C&C servers are in the United States when they are not. Source: http://www.computerworld.com/s/article/9218857/Researcher_follows_RSA_hacking_trail_to_China

38. August 4, The Register – (International) Cybercrooks exploit interest in Harry Potter ebook site. Malware-slingers are tapping into the buzz around a new Harry Potter site to mount a variety of scams designed to either defraud, infect, or otherwise con would-be victims. Pottermore, currently in beta, has been set up to sell ebooks of the Harry Potter novels, along with additional content such as background details and settings. Fans of the series are not so patiently waiting for the site to become generally available in early October. In the meantime, this anxiousness makes them more than suitable targets for scammers. Cyber-tricksters are offering to pre-register users as well as buying or selling accounts via eBay, net security firm GFI Software warns. Supposed account are on offer at around $100 a pop. The official Pottermore blog strongly advises against buying accounts on eBay, or handing over personal data to supposed pre-registration services. The transfer of accounts is prohibited under the terms and conditions of the site. "We have the right to terminate any Pottermore accounts that are sold online," it said. In addition, scammers are punting supposed account access as a "download" via YouTube. Users are asked to fill in a survey before they are allowed access. Interest in the Pottermore site is also being abused as part of a search engine poisoning scam designed to trick Potter fans into scareware portals that run bogus scans of surfers' PCs to fool them into buying fake anti-virus software. Source: http://www.theregister.co.uk/2011/08/04/pottermania_scam_fiesta/

39. August 4, The Register – (International) Anonymous unsheathes new, potent attack weapon. Members of Anonymous are developing a new attack tool as an alternative to the LOIC (Low Orbit Ion Cannon) DDoS utility. The move follows a spate of arrests thought to be connected to use of the LOIC, which by default does nothing to hide a user's identity. The new tool, dubbed RefRef, due to be released in September, uses a different approach to knocking out Web sites. LOIC floods a targeted site with TCP or UDP packets, a relatively unsophisticated yet effective approach, especially when thousands of users use the tool to join voluntary botnets. RefRef, by contrast, is based on a more sophisticated application-level approach designed to tie up or crash the servers behind targeted Web sites instead of simply flooding them with junk traffic, according to a blog post on the development by an Anonymous-affiliated blog. Arrests in England, Spain, and Turkey connected to LOIC-powered attacks have already prompted some core members of Anonymous to move towards using a new server and dropping LOIC in favor of other attack tools, such as Slow Loris and Keep-Dead DoS. This now seems to be purely a stop-gap measure while RefRef is under development. Source: http://www.theregister.co.uk/2011/08/04/anon_develops_loic_ddos_alternative/

40. August 3, eWeek – (International) Android malware affected up to 1M users in 2011. Android smartphone owners have plenty to be wary of on the security front, according to a new report from Lookout Mobile Security. Android handset users are 2.5 times more likely to be affected by malware today than they were 6 months ago, as anywhere from 500,000 to 1 million users were impacted by malware on their smartphone or tablet computer, Lookout said in its new 2011 Mobile Threat report. Moreover, 3 out of 10 Android gadget owners are likely to encounter a Web-based threat on their device each year, with the number of Android apps infected with malware soaring from 80 apps in January to more than 400 apps through June 2011. Lookout, whose report includes aggregated data from more than 700,000 applications and 10 million devices worldwide, noted that "attackers are deploying a variety of increasingly sophisticated techniques to take control of the phone, personal data, and money." One such data-chomping exploit involved an Android malware package that records the phone conversations of mobile phone users affected with the payload. Lookout said mobile payment services, which includes Google Wallet, ISIS, and American Express' Serve, are key attack vectors. Source: http://www.eweek.com/c/a/Security/Android-Malware-Affects-Up-to-1M-Users-in-2011-137686/

For another story item 41 below in the Communications Sector

Communications Sector

41. August 3, KWCH 12 Wichita – (Kansas) Copper thieves strike AT&T phone line in N. Wichita. Police in Wichita, Kansas, are looking for thieves who stole around $6,000 worth of copper wire from an AT&T site. It happened sometime between July 31 and August 1 in the 2400 block of W. 29th Street North. Police said thieves stole 65 feet of copper wire, wiping out telephone and data in that area. The Sedgwick County Law Enforcement Training Center is among those that lost telephone lines and Internet service, but it has since been restored. Source: http://articles.kwch.com/2011-08-03/at-t-site_29848413

For another story item 40 above in the Information Technology Sector