Apple Along With Meta And Secret Service Agents Fooled By Law Enforcement Impersonators
Two men allegedly posing as federal agents aimed to get close to Secret Service personnel, prosecutors say in seeking their continued detention.
Federal prosecutors are investigating the money trail behind two men accused of posing as federal agents to ingratiate themselves with Secret Service officers, the government told a judge Friday.
Arian Taherzadeh and Haider Ali are charged with impersonating federal officers and allegedly gave Secret Service personnel lavish gifts, including rent-free apartments and a drone. In one instance, Mr. Taherzadeh offered to provide a $2,000 rifle to a Secret Service officer who worked on the first lady’s security detail, according to court documents.
Prosecutors argued that Messrs. Taherzadeh and Ali pose a danger to the community based on their use of firearms as part of a scheme to pose as Department of Homeland Security officers.
“The Defendants were not merely playing dress-up; they had firearms, they had ammunition, they had body armor, they had tactical gear, they had surveillance equipment, and they were engaged in conduct that represented a serious threat to the community, compromised the operations of a federal law enforcement agency, and created a potential risk to national security,” prosecutors wrote in their filing Friday.
The defendants’ court-appointed lawyers didn’t get a chance to address the prosecution’s request before the hearing was adjourned.
Grand jury subpoenas have been issued to investigate the men’s finances, Assistant U.S. Attorney Joshua Rothstein told the judge Friday. Prosecutors haven’t provided any specific explanation for the pair’s motives in court documents but allege that they were trying to get close to law-enforcement officials.
Judge Harvey asked about a company, United Special Police LLC, that prosecutors said was registered to an address used by Mr. Taherzadeh and whose website described it as a private security company, according to court documents. The judge asked if the company was legitimate and whether it served as an explanation for the men possessing firearms and other gear.
Mr. Taherzadeh wasn’t permitted to possess a firearm due to a previous domestic-violence conviction, prosecutors said in a court filing Friday.
Mr. Taherzadeh told law enforcement after his arrest that Mr. Ali funded most of their activities but said he didn’t know the source of Mr. Ali’s money, prosecutors said in the filing.
Mr. Rothstein told Judge Harvey that prosecutors were still investigating whether the men ever asked for anything from two Secret Service agents they provided with rent-free apartments.
Prosecutors said Mr. Ali was a flight risk, saying he had traveled to locations in the Middle East including Iran and Doha, Qatar, in recent years. Mr. Ali claimed to have a connection to Pakistan’s Inter-Services Intelligence agency, according to one witness, prosecutors said.
Mr. Taherzadeh began deleting his social-media posts related to law enforcement shortly after he was interviewed in March by a U.S. postal inspector, prosecutors said in the filing Friday.
The postal inspector learned about the two men while investigating an alleged assault involving a letter carrier in southeastern Washington, according to court documents. The inspector then alerted other law-enforcement officials.
Authorities searched five apartments at the high-end apartment complex where the men lived, as well as three vehicles, and found a trove of policing and spy tools—including firearms, a drone, a machine for creating phony ID cards, vests, gas masks and police lights—according to the court filing. Authorities needed a moving truck for all the items seized, the prosecutor told the judge Friday.
Authorities also seized documents containing detailed information about other tenants in the complex, including apartment numbers and contact information, prosecutors said, adding that many of the residents work for law-enforcement or other federal agencies.
Four Secret Service members were placed on administrative leave as of earlier this week pending further investigation related to the case, federal prosecutors said.
The Secret Service said Thursday that all personnel involved in the case are on administrative leave and restricted from accessing Secret Service facilities and equipment. The agency declined to comment further on Friday.
Apple, Meta Gave User Data To Hackers Pretending To Be Govt Officials
According to three people familiar with the situation, Apple Inc. and Meta Platforms Inc., the parent company of Facebook, supplied consumer data to hackers impersonating law enforcement authorities. Apple and Meta gave out user data, namely the customer’s address, phone number, and IP address, in mid-2021 in response to the fake “emergency data requests.”
As per the report, such requests are usually granted only with a search warrant or subpoena signed by a court. Emergency requests, on the other hand, do not require a court order.
The same hackers sent a bogus legal request to Snap Inc., but it’s unclear whether the firm responded with data. It’s also unclear how many times the companies released information in response to fictitious court requests.
Cybersecurity experts believe that some of the hackers who sent the bogus requests are youngsters from the UK and the USA. According to the experts, one of the minors is also suspected of being the brains behind the cybercrime group Lapsus$.
Lapsus$ has attacked Microsoft Corp., Samsung Electronics Co., and Nvidia Corp., among others. Seven people were recently arrested by the City of London Police in connection with an investigation into the Lapsus$ hacking gang; the investigation is still ongoing.
An Apple representative directed Bloomberg News to a portion of Apple’s law enforcement standards. The cited portion covers requests submitted by a government or law enforcement official and includes the language “may be contacted and asked to confirm to Apple that the emergency request was legitimate.”
“We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse,” Meta spokesman Andy Stone said in a statement.
“We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case.”
Snap did not immediately respond to a request for comment on the matter, but a representative said the firm had protections in place to detect fake law enforcement demands. As part of criminal investigations, law enforcement agencies around the world often ask social media networks for information on users.
In the US, such requests are normally accompanied by a judge’s signed order. The emergency requests are meant to be utilized in circumstances of impending danger. They do not require the approval of a court.
According to three people involved in the inquiry, hackers linked with a cybercrime gang known as the “Recursion Team” are suspected of being behind some of the false legal requests that were made to companies in 2021. The Recursion Team has ceased to exist, but many of its members continue to carry out hacks under different names, including as part of Lapsus$, the people said.
According to one of the people acquainted with the investigation, the information gathered by the hackers via false legal requests was used to facilitate harassment operations. According to the three people, it may be used largely to facilitate financial fraud operations: knowing a victim’s information, the hackers could use it to help them bypass account security.
To protect the identities of the people targeted, Bloomberg is withholding some particular details of the events.
According to two people, the phony legal requests are part of a months-long campaign that began in January 2021 and targeted various IT companies. According to one of them, the hackers may have found valid legal requests by hacking into law enforcement email systems and used them as templates to generate forgeries.
“In every instance where these companies messed up, at the core of it there was a person trying to do the right thing,” said Allison Nixon, the chief research officer at the cyber firm Unit 221B. “I can’t tell you how many times trust and safety teams have quietly saved lives because employees had the legal flexibility to rapidly respond to a tragic situation unfolding for a user.”
Hackers falsified an emergency data request to collect information from the social media network Discord, according to Krebs on Security on Tuesday. Discord confirmed in a statement to Bloomberg that it had also complied with a bogus legal order.
“We verify these requests by checking that they come from a genuine source, and did so in this instance,” Discord said in a statement. “While our verification process confirmed that the law enforcement account itself was legitimate, we later learned that it had been compromised by a malicious actor. We have since conducted an investigation into this illegal activity and notified law enforcement about the compromised email account.”
“Every single agency handles them differently”
Apple and Meta both post information about how they respond to emergency data demands. Apple received 1,162 emergency requests from 29 countries between July and December 2020. According to that information, Apple responded to 93 percent of the requests with data.
From January to June 2021, Meta also said it received 21,700 emergency requests worldwide. It responded to 77% of them with data.
“In emergencies, law enforcement may submit requests without legal process,” Meta also states on its website. “Based on the circumstances, we may voluntarily disclose information to law enforcement where we have a good-faith reason to believe that the matter involves imminent risk of serious physical injury or death.”
Companies’ data request systems are a patchwork of multiple email addresses and company portals. There are tens of thousands of different law enforcement agencies around the world, ranging from small police departments to federal agencies, so fulfilling legal requests can be difficult. The regulations governing the request and release of user data also differ by jurisdiction.
“There’s no one system or centralized system for submitting these things,” said Jared Der-Yeghiayan, a director at cybersecurity firm Recorded Future Inc. and former cyber program leader at the Department of Homeland Security. “Every single agency handles them differently.”
Companies like Meta and Snap have their own legal request platforms, but they still receive requests by email and monitor them 24 hours a day, according to Der-Yeghiayan.
Apple likewise accepts legal requests for user data at an apple.com email address, “provided it is transmitted from the official email address of the requesting agency,” according to Apple’s legal guidelines.
The login information for these accounts is also for sale on internet criminal marketplaces, making it extremely easy to compromise the email domains of law enforcement around the world.
“Dark web underground shops contain compromised email accounts of law enforcement agencies, which could be sold with the attached cookies and metadata for anywhere from $10 to $50,” said Gene Yoo, the chief executive officer of the cybersecurity firm Resecurity, Inc.
According to Yoo, previously unknown vulnerabilities in Microsoft Exchange email servers were used to target numerous law enforcement agencies last year, “leading to further intrusions.”
According to Nixon of Unit 221B, a feasible solution to the use of falsified legal demands made from stolen law enforcement email systems will be tough to identify.
“The situation is very complex,” she also says. “Fixing it is not as simple as closing off the flow of data. There are many factors we have to consider beyond solely maximizing privacy.”