Former Fort Collins Resident Indicted for Denial of Service Attack on Larimer County Government

DENVER—David Joseph Rezendes, aka Joseph David Rezendes, aka Joe Rezendes, age 27, currently of California, was indicted by a federal grand jury on August 21, 2012, on charges related to a denial of service attack he allegedly implemented to retaliate against the Larimer County government, United States Attorney John Walsh and FBI Denver Special Agent in Charge James Yacone announced. He was arrested on August 23, 2012, in Sonora, Texas, following a traffic stop. Today, Rezendes will make his initial appearance in the Northern District of Texas in Abilene. The government is seeking to have him detained and brought back to Colorado by the U.S. Marshals.

According to the indictment and other court records, beginning on Wednesday, September 22, 2010, a debilitating denial of service attack was launched against Larimer County government’s computer network. A denial of service attack makes a computer resource, such as a network or processor, unavailable to its intended users. A common denial of service attack involves a computer or computer network saturating a targeted victim computer system or network, overwhelming that system or network with traffic or communications requests. The attack lasted until September 24, 2010. The denial of service attack affected Larimer County employees’ ability to access their e-mail and the Internet, including state computer systems.

The Larimer County Sheriff’s Department and the FBI investigated the attack. As part of their investigation, law enforcement executed a court-authorized search warrant of Rezendes’ residence. Computers and computer components were seized during the search. FBI case agents and Larimer County Sheriff’s Department computer forensic experts performed an analysis examining the data on the computers, uncovering evidence that the defendant was in fact responsible for the denial of service attack.

The indictment alleges that Rezendes intentionally damaged a protected computer, possessed unauthorized access devices (credit card information), possessed an identification document-making implement, produced a false identification document, and committed aggravated identity theft.

The indictment includes an asset forfeiture allegation, which states that upon conviction of the violations stated in the indictment, including possessing unauthorized access devices, possessing an identification document-making implement, or providing false identification document, the defendant shall forfeit to the United States any and all of the defendant’s right, title, and interest in all property constituting and derived from any proceeds obtained directly and indirectly as a result of such offense or property used to commit the offense, to include computers and computer components.

“Thanks to the excellent cooperative investigative work of the Larimer County Sheriff’s Office and the FBI, a computer hacker who allegedly shut down Larimer County’s computer system for days has been arrested and will be brought to justice,” said U.S. Attorney John Walsh.

“The FBI strives to collaborate with our local law enforcement partners in a variety of cyber investigations through outreach and our task force environment,” said FBI Denver Special Agent in Charge James Yacone. “Due to the FBI’s computer intrusion investigations program, the capabilities of all partners are enhanced leveraging everyone’s resources to effectively and efficiently investigate cyber criminals willing to affect our communities’ public safety.”

“The computer attack in this case had a significant impact on Larimer County both operationally and financially,” said Larimer County Sheriff Justin Smith. “We appreciate the FBI and the U.S. Attorney’s Office for assisting us in protecting the taxpayers in Larimer County. Cyber crimes of this nature underscore the importance of cooperation between local and federal officials and the need for their expertise and assistance.”

If convicted, Rezendes faces not more than 10 years’ imprisonment and up to a $250,000 fine for one count of intentionally damaging a protected computer and one count of possession of unauthorized access device. He also faces not more than 15 years’ imprisonment and up to a $250,000 fine for one count of possession of document-making implement and authentication feature and one count of production of a false identification document. He also face not more than two years’ imprisonment consecutive to any other sentence and up to a $250,000 fine for aggravated identity theft.

This case was investigated by the Larimer County Sheriff’s Office and the Federal Bureau of Investigation.

The defendant is being prosecuted by Assistant United States Attorney Ryan Bergsieker.

The charges contained in the indictment are allegations, and the defendant is presumed innocent unless and until proven guilty.

Galveston Man Sentenced to Federal Prison for Computer Hacking

Today in Austin, 31-year-old Higinio O. Ochoa, III, of Galveston, Texas, was sentenced to 27 months in federal prison, followed by three years of supervised release, and ordered to pay $14,062.17 restitution for accessing protected computers without authorization announced United States Attorney Robert Pitman, Federal Bureau of Investigation Special Agent in Charge Armando Fernandez, and Texas Department of Public Safety Director Steven C. McCraw.

On June 25, 2012, the self-proclaimed associate of computer hacker groups known as “Anonymous” and “CabinCr3w” pleaded guilty to the charge. By pleading guilty, Ochoa admitted that, in February 2012, he hacked into computers belonging to the Texas Department of Public Safety; Alabama Department of Public Safety, Houston County, Alabama; and the West Virginia Chiefs of Police Association. Ochoa further admitted that he unlawfully downloaded personal and confidential information, deleted data, engaged in website defacement, made stolen information available to others, and boasted about his criminal activities online.

This investigation was conducted by the Federal Bureau of Investigation, Texas Department of Public Safety, and Alabama Department of Public Safety. Assistant U.S. Attorney Matthew Devlin prosecuted this case on behalf of the government.

Is Your Computer Infected with DNSChanger Malware?

Approximately 64,000 Americans could lose Internet access on Monday thanks to a criminal organization that infected millions of computers around the world with malware called DNSChanger. This malware was used to direct unsuspecting users to rogue servers controlled by the cyber thieves, where they manipulated users’ web browsing activity and used it for ad hijacking, allowing them to make millions of dollars in illicit fees.

DNS (Domain Name System) is an Internet service that converts user-friendly domain names, such as www.fbi.gov, into numerical addresses that allow computers to talk to each other. Without DNS and the DNS servers operated by Internet service providers, computer users would not be able to browse websites, send e-mail, or connect to any Internet services.

After announcing criminal indictments and seizing the rogue servers last November, the FBI obtained a court order and worked with a non-profit to set up temporary clean DNS servers for victims affected by the DNSChanger malware. But, says Supervisory Special Agent Thomas Grasso of our Cyber Division, “On July 9, we’re going to be turning off those servers. We’ve been using the last eight months to go out and clean up the infected computers, but we don’t have everybody.” Grasso says he hopes that people “follow our recommendations to: one, determine if they’re affected by this; and then two, fix the problem.” For more information visit www.dcwg.org.

Scam Warning: Citadel Malware Delivers Reveton Ransomware in Attempts to Extort Money

The IC3 has been made aware of a new Citadel malware platform used to deliver ransomware, named Reveton. The ransomware lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States federal law. The message further declares the user’s IP address was identified by the Computer Crime and Intellectual Property Section as visiting child pornography and other illegal content.

To unlock the computer, the user is instructed to pay a $100 fine to the U.S. Department of Justice using prepaid money card services. The geographic location of the user’s IP address determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.

This is an attempt to extort money with the additional possibility of the victim’s computer being used to participate in online bank fraud. If you have received this or something similar, do not follow payment instructions.

It is suggested that you contact your banking institution and file a complaint at www.ic3.gov.

Galveston Man Pleads Guilty to Computer Hacking Charge

Higinio O. Ochoa, III, age 30, of Galveston, Texas, faces up to five years in federal prison after pleading guilty this afternoon to Accessing a Protected Computer Without Authorization announced United States Attorney Robert Pitman, Federal Bureau of Investigation Special Agent in Charge Armando Fernandez and Texas Department of Public Safety Director Steven C. McCraw.

Appearing before United States Magistrate Judge Mark Lane in Austin, Texas, Ochoa admitted that in February 2012, he hacked into computers belonging to the Texas Department of Public Safety; Alabama Department of Public Safety; Houston County, Alabama; and, the West Virginia Chiefs of Police Association. Ochoa unlawfully downloaded personal and confidential information, deleted data, and engaged in website defacement. Ochoa, who claimed he was associated with hacker groups known as “Anonymous” and “CabinCr3w,” also admitted to making stolen information available to others and boasting about his criminal activities.

Ochoa is out on bond pending sentencing. No sentencing date has been scheduled.

This investigation was conducted by the Federal Bureau of Investigation, Texas Department of Public Safety, and Alabama Department of Public Safety. Assistant U.S. Attorney Matthew Devlin is prosecuting this case on behalf of the Government.