Six Charged in Silicon Valley Insider Trading Ring

FOR IMMEDIATE RELEASE

2021-103

Washington D.C., June 15, 2021 —

The Securities and Exchange Commission today announced insider trading charges against a Silicon Valley trading ring whose members generated nearly $1.7 million in illegal profits and losses avoided by trading on the confidential earnings information of two local technology companies.

According to the SEC’s complaint, Nathaniel Brown, who served as the revenue recognition manager for Infinera Corporation, repeatedly tipped Infinera’s unannounced quarterly earnings and financial performance to his best friend, Benjamin Wylam, from April 2016 until Brown left the company in November 2017. The SEC’s complaint alleges that Wylam, a high school teacher and bookmaker, traded on this information and also tipped Naveen Sood, who owed Wylam a six-figure gambling debt. Sood allegedly traded on this information and tipped his three friends Marcus Bannon, Matthew Rauch, and Naresh Ramaiya, each of whom also illegally traded on the information.

The SEC’s complaint further alleges that Bannon tipped Sood with material, nonpublic information concerning Bannon’s employer, Fortinet Inc. As alleged in the complaint, Bannon learned in early October 2016 that Fortinet was going to unexpectedly announce preliminary negative financial results. Bannon allegedly tipped this information to Sood, who used it to trade. After learning the information, Sood allegedly tipped Wylam and Ramaiya, who also traded.

“Using sophisticated data analysis, the SEC was able to uncover this insider trading ring and hold each of its participants accountable to ensure the integrity of our markets,” said Joseph Sansone, Chief of the SEC Enforcement Division’s Market Abuse Unit. “The Commission considered relevant circumstances, including Bannon’s medical condition, in accepting these defendants’ settlement offers in order to address the concerted misconduct alleged in our complaint, which involved insider trading in the securities of two different companies for more than a year.”

The SEC’s complaint charges Brown, Wylam, Sood, Bannon, Rauch, and Ramaiya with violating Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder. Bannon, Rauch, and Ramaiya consented to the entry of final judgments without admitting or denying the allegations in the complaint. Bannon agreed to pay a civil penalty of $281,497, Rauch agreed to pay a civil penalty of $128,230, and Ramaiya agreed to pay a civil penalty of $65,780. Sood also consented to the entry of a final judgment and agreed to pay a civil penalty of $178,320. The final judgments, which require court approval, would permanently enjoin Bannon, Rauch, Ramaiya, and Sood from violating Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder. Wylam has consented to a permanent injunction with civil penalties, if any, to be decided later by the court. The SEC’s litigation against Brown is continuing.

In parallel proceedings, the U.S. Attorney’s Office for the Northern District of California today announced related criminal charges against Brown, Wylam, and Sood.

The SEC’s investigation was conducted by Colby Steele and David Bennett with the assistance of Matthew Koop, Darren Boerner, and Patrick McCluskey in the Enforcement Division’s Market Abuse Unit. The case was supervised by Paul Kim and Mr. Sansone. The litigation will be led by Alfred Day, Timothy Halloran, and Stephan Schlegelmilch. The SEC appreciates the assistance of the U.S. Attorney’s Office for the Northern District of California and the Federal Bureau of Investigation.

https://www.sec.gov/news/press-release/2021-103

SEC Charges Issuer With Cybersecurity Disclosure Controls Failures

FOR IMMEDIATE RELEASE

2021-102

Washington D.C., June 15, 2021 —

The Securities and Exchange Commission today announced settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.

According to the SEC’s order, on the morning of May 24, 2019, a cybersecurity journalist notified First American of a vulnerability with its application for sharing document images that exposed over 800 million images dating back to 2003, including images containing sensitive personal data such as social security numbers and financial information. In response, according to the order, First American issued a press statement on the evening of May 24, 2019, and furnished a Form 8-K to the Commission on May 28, 2019. However, according to the order, First American’s senior executives responsible for these public statements were not apprised of certain information that was relevant to their assessment of the company’s disclosure response to the vulnerability and the magnitude of the resulting risk. In particular, the order finds that First American’s senior executives were not informed that the company’s information security personnel had identified the vulnerability several months earlier, but had failed to remediate it in accordance with the company’s policies. The order finds that First American failed to maintain disclosure controls and procedures designed to ensure that all available, relevant information concerning the vulnerability was analyzed for disclosure in the company’s public reports filed with the Commission.

“As a result of First American’s deficient disclosure controls, senior management was completely unaware of this vulnerability and the company’s failure to remediate it,” said Kristina Littman, Chief of the SEC Enforcement Division’s Cyber Unit. “Issuers must ensure that information important to investors is reported up the corporate ladder to those responsible for disclosures.”

The SEC’s order charges First American with violating Rule 13a-15(a) of the Exchange Act. Without admitting or denying the SEC’s findings, First American agreed to a cease-and-desist order and to pay a $487,616 penalty.

The SEC’s investigation was conducted by Brent W. Wilner of the Cyber Unit with assistance from Amy J. Longo of the Trial Unit, and was supervised by Diana K. Tani and Ms. Littman of the Cyber Unit. The SEC appreciates the assistance of the New York State Department of Financial Services.

https://www.sec.gov/news/press-release/2021-102

U.S. Attorney’s Office

Middle District of Florida

FOR IMMEDIATE RELEASE

Wednesday, June 16, 2021

Arkansas Man Pleads Guilty To Soliciting And Paying For The Production Of A Video Depicting A 9-Year-Old Child Being Molested

Jacksonville, Florida – Cody Dillon Hogan (26, Leachville, Arkansas) has pleaded guilty to using the internet to solicit and pay an individual to molest a 9-year-old child and to creating a video recording depicting this sexual abuse. Hogan faces a mandatory minimum penalty of 15 years, and up to 30 years, in federal prison and a potential life term of supervised release. Hogan was arrested on November 9, 2020, at his residence in Arkansas and remains in custody. A sentencing date has not yet been set.

According to court documents, in December 2019, an undercover FBI agent in Jacksonville, who was posing as a parent of a 9-year-old child, made contact with Hogan in a particular online chat application. During an online session, Hogan, using the online name “stonetelephone,” sent the undercover agent a photo of his own genitalia and asked for “naughty” photos of the purported 9-year-old “child.” Hogan offered to pay the “parent” to create and send him a video of the “child” being sexually abused. Hogan gave specific instructions as to how he wanted to see the “child” molested in the video, and he sent the agent a $50 gift card as payment for the requested video. For several weeks, Hogan continued to solicit the undercover agent to produce and send him a video of the 9-year-old “child” being molested, and he provided advice on various ways to send it to him over the internet using group sharing accounts and online cloud storage. During one particular online chat, Hogan stated, “After I see this video there could be all kinds of money and requests coming your way lol.”

Subsequently, FBI agents and other law enforcement officers executed a federal search warrant at Hogan’s residence in Arkansas and placed him under arrest. During an interview with FBI agents, Hogan admitted that he had engaged in online conversations with the mother of a 9-year-old child about producing and sending him a pornographic video of the child. He also stated that he had successfully solicited at least three other children to produce and send him sexually explicit photos of themselves. A search of Hogan’s cellphone and his homemade computer revealed that these devices contained hundreds of videos and images depicting the sexual abuse of young children, including sadistic and masochistic conduct.

This case was investigated by the Federal Bureau of Investigation in Jacksonville and Memphis and the Jonesboro (Arkansas) Police Department. It is being prosecuted by Assistant United States Attorney D. Rodney Brown.

It is another case brought as part of Project Safe Childhood, a nationwide initiative launched in May 2006 by the Department of Justice to combat the growing epidemic of child sexual exploitation and abuse. Led by the United States Attorneys’ Offices and the Criminal Division's Child Exploitation and Obscenity Section, Project Safe Childhood marshals federal, state, and local resources to locate, apprehend, and prosecute individuals who sexually exploit children, and to identify and rescue victims. For more information about Project Safe Childhood, please visit www.justice.gov/psc.

https://www.justice.gov/usao-mdfl/pr/arkansas-man-pleads-guilty-soliciting-and-paying-production-video-depicting-9-year-old

U.S. Attorney’s Office

District of New Hampshire

FOR IMMEDIATE RELEASE

Wednesday, June 16, 2021

Rochester Man Indicted for Possession of Child Pornography

CONCORD –Michael Clemence, 35, of Rochester was indicted by a federal grand jury on Monday and charged with one count of possession of child pornography, Acting United States Attorney John J. Farley announced today.

Clemence was arrested on June 7, 2021 and is currently detained.

According to the original complaint filed in court, federal agents located one or more images of child pornography on electronic devices seized from Clemence’s residence during the execution of a federal search warrant on June 4, 2021. The investigation into Clemence stemmed from a larger investigation into child exploitation material on the “dark web.”

The investigation is ongoing. Anyone with information regarding this matter is encouraged to contact Homeland Security Investigations at 603-629-2716.

The charges in the indictment are only allegations. The defendant is presumed to be innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

The case was investigated by the Homeland Security Investigations and the Rochester Police Department and is being prosecuted by Assistant U.S. Attorneys Kasey Weiland and Anna Krasinski.

https://www.justice.gov/usao-nh/pr/rochester-man-indicted-possession-child-pornography

“It’s a huge loss,” Black Lives Matter Cleveland co-founder Kareem Henton said. “Prof. Hardaway has been the one that has really been fighting hard to keep them on task.”

https://www.ideastream.org/news/ayesha-bell-hardaway-forced-out-of-cleveland-police-monitoring-team

U.S. Attorney’s Office

District of Connecticut

FOR IMMEDIATE RELEASE

Wednesday, June 16, 2021

Russian National Convicted of Charges Relating to Kelihos Botnet

Helped Hackers Evade Defenses of U.S. Businesses and Conduct Ransomware Attacks

A federal jury in Hartford convicted a Russian national yesterday for his role in operating a “crypting” service used to conceal “Kelihos” malware from antivirus software, enabling hackers to systematically infect victim computers around the world with malicious software, including ransomware. Oleg Koshkin, 41, formerly of Estonia, was convicted of one count of conspiracy to commit computer fraud and abuse and one count of aiding and abetting computer fraud and abuse. He faces a maximum penalty of 15 years in prison and is scheduled to be sentenced on September 20.

“By operating a website that was intended to hide malware from antivirus programs, Koshkin provided a critical service that enabled other cyber criminals to infect thousands of computers around the world,” said Acting U.S. Attorney Leonard C Boyle. “We will investigate and prosecute the individuals who aid and abet cyber criminals as vigorously as we do the ones who actually hit the ‘send’ button on viruses and other malicious software.”

“The defendant designed and operated a service that was an essential tool for some of the world’s most destructive cybercriminals, including ransomware attackers,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department's Criminal Division. “The verdict should serve as a warning to those who provide infrastructure to cybercriminals: the Criminal Division and our law enforcement partners consider you to be just as culpable as the hackers whose crimes you enable — and we will work tirelessly to bring you to justice.”

“Mr. Koshkin and his associates knowingly provided crypting services designed to help malicious software bypass anti-virus software,” said Special Agent in Charge David Sundberg of the FBI’s New Haven Division. “The criminal nature of the Crypt4U service was a clear threat to the confidentiality, integrity and availability of computer systems everywhere. We at the FBI will never stop pursuing those like Mr. Koshkin for perpetrating cyber crimes and threats to the public at large.”

According to court documents and evidence introduced during the trial, Koshkin operated the websites “crypt4u.com,” “fud.bz,” and others. The websites promised to render malicious software fully undetectable (FUD) by nearly every major provider of antivirus software. Koshkin and his co-conspirators claimed that their services could be used for malware such as botnets, remote access trojans (RATs), keyloggers, credential stealers, and cryptocurrency miners.

In particular, Koshkin worked with Peter Levashov, the operator of the Kelihos botnet, to develop a system that would allow Levashov to crypt the Kelihos malware multiple times each day. Koshkin provided Levashov with a custom, high-volume crypting service that enabled Levashov to distribute Kelihos through multiple criminal affiliates. The Kelihos botnet was used by Levashov to send spam, harvest account credentials, conduct denial of service attacks, and to distribute ransomware and other malicious software. At the time it was dismantled by the FBI, the Kelihos botnet was known to include at least 50,000 compromised computers around the world.

Koshkin was arrested in California on September 6, 2019, and has been detained since his arrest.

https://www.justice.gov/usao-ct/pr/russian-national-convicted-charges-relating-kelihos-botnet

>>13916738

Koshkin’s co-defendant, Pavel Tsurkan, is charged with conspiring to cause damage to 10 or more protected computers, and aiding and abetting Levashov in causing damage to 10 or more protected computers. He is released on bond while awaiting trial.

As to Tsurkan, an indictment is merely an allegation, and a defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

Levashov was arrested by the Spanish National Police on April 7, 2017, and extradited to the United States. On September 12, 2018, he pleaded guilty to one count of causing intentional damage to a protected computer, one count of conspiracy, one count of wire fraud, and one count of aggravated identity theft.

The FBI’s New Haven Division is investigating the case through its Connecticut Cyber Task Force. Assistant U.S. Attorney Edward Chang of the United States Attorney’s Office and Senior Counsel Ryan K.J. Dickey of the Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case, with assistance from the Criminal Division’s Office of International Affairs. The Estonian Police and Border Guard Board also provided significant assistance.

In April 2021, the Department of Justice announced the creation of the Ransomware and Digital Extortion Task Force to combat the growing number of ransomware and digital extortion attacks. As part of the Task Force, the Criminal Division, working with the U.S. Attorneys’ Offices, prioritizes the disruption, investigation, and prosecution of ransomware and digital extortion activity by tracking and dismantling the development and deployment of malware, identifying the cybercriminals responsible, and holding those individuals accountable for their crimes. The department, through the Task Force, also strategically targets the ransomware criminal ecosystem as a whole and collaborates with domestic and foreign government agencies as well as private sector partners to combat this significant criminal threat.

http://www.borderlandbeat.com/2020/08/five-federal-judges-and-magistrates.html

After the murder of Judge Uriel Villegas, federal judges and magistrates, as well as federal senators and private initiative, asked to review the protection protocols in the Judiciary. One of the recommendations that was repeated the most was that of the “faceless judges”.

It is a measure to protect judges in a context of violence, to allow them to work with impartiality and without fear, where their identity is not revealed in sensitive cases that involve drug trafficking, but also high-profile cases and other serious crimes.

And, despite the fact that Villegas had requested that the assigned protection stop, there are other cases in which the judges do request that they and their families be considered for the security protocol. The Judiciary has indicated that any judge or magistrate who requests it has been granted the measure.

>>13916831

https://trumpwhitehouse.archives.gov/presidential-actions/executive-order-protecting-law-enforcement-officers-judges-prosecutors-families/

Section 1. Declassification and Release. At my request, on December 30, 2020, the Department of Justice provided the White House with a binder of materials related to the Federal Bureau of Investigation’s Crossfire Hurricane investigation. Portions of the documents in the binder have remained classified and have not been released to the Congress or the public. I requested the documents so that a declassification review could be performed and so I could determine to what extent materials in the binder should be released in unclassified form.

I determined that the materials in that binder should be declassified to the maximum extent possible. In response, and as part of the iterative process of the declassification review, under a cover letter dated January 17, 2021, the Federal Bureau of Investigation noted its continuing objection to any further declassification of the materials in the binder and also, on the basis of a review that included Intelligence Community equities, identified the passages that it believed it was most crucial to keep from public disclosure. I have determined to accept the redactions proposed for continued classification by the FBI in that January 17 submission.

I hereby declassify the remaining materials in the binder. This is my final determination under the declassification review and I have directed the Attorney General to implement the redactions proposed in the FBI’s January 17 submission and return to the White House an appropriately redacted copy.

My decision to declassify materials within the binder is subject to the limits identified above and does not extend to materials that must be protected from disclosure pursuant to orders of the Foreign Intelligence Surveillance Court and does not require the disclosure of certain personally identifiable information or any other materials that must be protected from disclosure under applicable law. Accordingly, at my direction, the Attorney General has conducted an appropriate review to ensure that materials provided in the binder may be disclosed by the White House in accordance with applicable law.

https://trumpwhitehouse.archives.gov/presidential-actions/memorandum-declassification-certain-materials-related-fbis-crossfire-hurricane-investigation/

>>13917032

>protected from disclosure pursuant to orders of the Foreign Intelligence Surveillance Court

Where’s Boasberg?