PHOENIX, Ariz. – Joshua Polloso Epifaniou, 22, of Nicosia, Cyprus was sentenced today in the Northern District of Georgia by U.S. District Judge Mark H. Cohen to 12 months and one day in prison, on top of the nearly four years Epifaniou has already served in custody since his arrest in Cyprus in May 2017. Epifaniou pleaded guilty to federal computer fraud charges brought in Arizona and the Northern District of Georgia. As a result of his conviction, Epifaniou forfeited $389,113 and 70,000 euros to the government and paid $600,000 in restitution to the victims of his fraud. Epifaniou is the first Cypriot national ever extradited from Cyprus to the United States.

“Cybercrime is a threat to both our individual privacy and to the security of American companies,” said Acting U.S. Attorney Anthony Martin. “We will work diligently alongside our law enforcement partners to ensure any perpetrators are identified and brought to justice.”

Between October 2014 and May 2017, Epifaniou hacked websites and monitored online traffic to identify targets for extortion. After selecting target websites, Epifaniou worked with co-conspirators to steal personally identifiable information from the websites’ databases. Epifaniou then used proxy servers located in foreign countries to log into email accounts and send messages to the websites threatening to leak the sensitive data unless a ransom was paid in cryptocurrency. 

Victims of Epifaniou’s computer terrorism included an online sports news website owned by Turner Broadcasting System Inc. in Atlanta, Georgia, a free online game publisher based in Irvine, California, a hardware company based in New York, New York, an online employment website headquartered in Innsbrook, Virginia, and a consumer report website, Ripoff Report, headquartered in Phoenix, Arizona.

After extorting Ripoff Report, Epifaniou also hacked into its website to remove online complaints at the request of paying clients. Epifaniou and his co-conspirator, Pierre Zarokian, charged clients between $1,000 and $5,000 for each complaint removal and falsely told clients that the removals were court-ordered. Epifaniou was charged by indictment in Arizona in CR-17-1280-SMB and Zarokian was sentenced last year in CR-18-1626-MTL.

“This individual was preying on people for his own personal gain,” said Sean Kaul, Special Agent in Charge of the FBI Phoenix Field Office. “FBI agents, analysts and support staff worked tirelessly on this case. This investigation should send a strong message that the FBI has a long reach and no matter where you are, we will continue to leverage all available resources and utilize partnerships in the United States and foreign partnerships to identify criminals in an effort to bring justice to victims of crime.”

The Federal Bureau of Investigation conducted the investigation in this case. Foreign law enforcement partners also made significant contributions to the investigation, including the Office for Combating Cybercrime of the Cyprus Police. The U.S. Attorney’s Offices for the District of Arizona and for the Northern District of Georgia handled the prosecution, with assistance from the Criminal Division’s Office of International Affairs.

CASE NUMBER: CR17-00327-MHC-JKL

RELEASE NUMBER: 2021-014_Epifaniou

# # #

For more information on the U.S. Attorney’s Office, District of Arizona, visit http://www.justice.gov/usao/az/ Follow the U.S. Attorney’s Office, District of Arizona, on Twitter @USAO_AZ for the latest news.

Both Properties Worth a Combined $70 Million

MIAMI – The United States filed two civil forfeiture complaints today in the U.S. District Court for the Southern District of Florida alleging that commercial real estate properties in Louisville, Kentucky, and Dallas, Texas, both acquired using funds misappropriated from PrivatBank in Ukraine, are subject to forfeiture based on violations of federal money laundering statutes.

U.S. Attorney Ariana Fajardo Orshan for the Southern District of Florida, Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division, U.S. Attorney Justin E. Herdman for the Northern District of Ohio, and Special Agent in Charge Eric B. Smith of the FBI’s Cleveland Field Office made the announcement.

The complaints allege that Ihor Kolomoisky and Gennadiy Boholiubov, who owned PrivatBank, one of the largest banks in Ukraine, embezzled and defrauded the bank of billions of dollars.  The two obtained fraudulent loans and lines of credit from approximately 2008 through 2016, when the scheme was uncovered, and the bank was nationalized by the National Bank of Ukraine.  The complaints allege that they laundered a portion of the criminal proceeds using an array of shell companies’ bank accounts, primarily at PrivatBank’s Cyprus branch, before they transferred the funds to the United States.  As alleged in the complaint, the loans were rarely repaid except with more fraudulently obtained loan proceeds.

As alleged in the Complaints, in the United States, associates of Kolomoisky and Bogoliubov, Mordechai Korf and Uriel Laber, operating out of offices in Miami, created a web of entities, usually under some variation of the name “Optima,” to further launder the misappropriated funds and invest them.  They purchased hundreds of millions of dollars in real estate and businesses across the country, including the properties subject to forfeiture: the Louisville office tower known as PNC Plaza, and the Dallas office park known as the former CompuCom Headquarters.  The buildings have a combined value of approximately $70 million.

A complaint is merely an allegation and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law. 

FBI’s Cleveland Division is investigating the case with support from FBI’s International Corruption Unit, IRS Criminal Investigation, and U.S. Customs and Border Protection. Assistant U.S. Attorney Adrienne Rosen of the U.S. Attorney’s Office for the Southern District of Florida,  International Unit Chief Mary K. Butler, Senior Trial Attorney Michael C. Olmsted, Trial Attorneys Shai D. Bronshtein and Peter Steciuk, and Law Clerk Robert Blaney of the Criminal Division’s Money Laundering and Asset Recovery Section are prosecuting the cases.  The Justice Department’s Office of International Affairs has provided substantial assistance in the investigation.

The Kleptocracy Asset Recovery Initiative is led by a team of dedicated prosecutors in the Criminal Division’s Money Laundering and Asset Recovery Section, in partnership with federal law enforcement agencies, and often with U.S. Attorney’s Offices, to forfeit the proceeds of foreign official corruption and, where appropriate, to use those recovered assets to benefit the people harmed by these acts of corruption and abuse of office.  In 2015, the FBI formed International Corruption Squads across the country to address national and international implications of foreign corruption.  Individuals with information about possible proceeds of foreign corruption located in or laundered through the United States should contact federal law enforcement or send an email to kleptocracy@usdoj.gov (link sends e-mail) or https://tips.fbi.gov/.

Related court documents and information may be found on the website of the District Court for the Southern District of Florida at www.flsd.uscourts.gov or at http://pacer.flsd.uscourts.gov, under case nos. 20-cv-23278 and 20-cv-23279.   

MIAMI – An indictment was unsealed yesterday charging Syria national Mohamad Deiry and Lebanese national Samer Rayya, both principals of an Iraq-based arms company, Black Shield Ltd., with conspiring to export munitions from the United States to Sudan and Iraq without the necessary licenses and approvals, in violation of the Arms Export Control Act. Additionally, Deiry and Rayya were charged with conspiring to commit money laundering in furtherance of their illicit procurement activities.

Both Rayya and Deiry remain at large and wanted by the FBI. The defendants have ties to or may visit Syria, Lebanon, Iraq, Turkey, Russia, Belarus, Sudan and Libya.

Concurrent with this announcement, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Black Shield, also known as Black Shield for Trading LLC, Deiry, and Rayya, as well as other individuals and entities involved in the procurement network used by Deiry and Rayya in support of Black Shield’s illegal supply of munitions used in conflicts around the world.

“The U.S. Attorney’s Office is committed to the prosecution of those individuals and corporations that illicitly procure munitions to be shared overseas,” said U.S. Attorney Markenzy Lapointe for the Southern District of Florida. “Our goal is to identify and thwart arms traffickers and money launderers whose criminal acts fuel the destabilization of nations and perpetuation of international conflicts.”

“These defendants allegedly ran an international arm trafficking ring and conspired to unlawfully export anti-aircraft ammunition and other military arms and munitions from the United States to Sudan and Iraq, promoting violence and putting Americans and our allies at risk,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “These charges exemplify the Justice Department’s commitment to investigating and holding accountable those who defy our U.S. export controls.”

“This indictment demonstrates the FBI’s resolve to investigate those who seek to illegally acquire and sell U.S. arms, ultimately fueling conflict around the world,” said Executive Assistant Director of the FBI’s National Security Branch Larissa L. Knapp. “Deiry and Rayya’s alleged actions will not be taken lightly, and the FBI will do all within its power to ensure that they are brought to justice. Illegal arms exportation and international money laundering will not be tolerated.”

According to the indictment, between April and November 2016, Deiry, Rayya and others conspired to export munitions, including 23-millimeter antiaircraft ammunition, Bushmaster 40mm Grenade Launchers, FN SCAR-L CQC (5.56x45mm) assault rifles, FN SCAR-H CQC (7.62x51mm) assault rifles, FNH 5.7x28mm green tip ammunition, and HK MR762A1 LRP ii (7.62x51mm) assault rifles, from the United States to Sudan and Iraq without first obtaining the required licenses or approvals from DDTC. Specifically, the co-conspirators attempted to illegally acquire the munitions from the United States in a deal worth $1,200,000, which was part of a larger scheme to illegally acquire $4 million worth of 23-millimeter ammunition. The conspiracy involved the transshipment of the munitions from the United States to Guatemala and from Guatemala to false end-users in Cyprus before ultimately arriving in Sudan and Iraq. In furtherance of the conspiracy, Black Shield wired a downpayment of $100,000 from a front company located in Benin, West Africa. The conspiracy involved both Black Shield emissaries from India and Belarus, who traveled to the United States to inspect the munitions, as well as Israeli American and Israeli Romanian-Uzbeki brokers, who acted as middlemen between the supplier and end-users.

Deiry and Rayya are charged with conspiracy to unlawfully export defense articles from the United States, which carries a maximum statutory penalty of five years in prison; and conspiracy to engage in international money laundering, which carries a maximum statutory penalty of 20 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI Miami Field Office is investigating the case.

Assistant U.S. Attorney Randy Hummel for the Southern District of Florida is prosecuting the case, with valuable assistance from Trial Attorneys Brendan Geary and Tracy Varghese of the National Security Division’s Counterintelligence and Export Control Section.

An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Related court documents and information may be found on the website of the District Court for the Southern District of Florida at www.flsd.uscourts.gov or at http://pacer.flsd.uscourts.gov, under case number 21-cr-6029.

Indictment

###

Both Properties Worth a Combined $70 Million

MIAMI – The United States filed two civil forfeiture complaints today in the U.S. District Court for the Southern District of Florida alleging that commercial real estate in Louisville, Kentucky, and Dallas, Texas, both acquired using funds misappropriated from PrivatBank in Ukraine, are subject to forfeiture based on violations of federal money laundering statutes.

U.S. Attorney Ariana Fajardo Orshan for the Southern District of Florida, Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division, U.S. Attorney Justin E. Herdman for the Northern District of Ohio, and Special Agent in Charge Eric B. Smith of the FBI’s Cleveland Field Office made the announcement.

The complaints allege that Ihor Kolomoisky and Gennadiy Boholiubov, who owned PrivatBank, one of the largest banks in Ukraine, embezzled and defrauded the bank of billions of dollars.  The two obtained fraudulent loans and lines of credit from approximately 2008 through 2016, when the scheme was uncovered, and the bank was nationalized by the National Bank of Ukraine.  The complaints allege that they laundered a portion of the criminal proceeds using an array of shell companies’ bank accounts, primarily at PrivatBank’s Cyprus branch, before they transferred the funds to the United States.  As alleged in the complaint, the loans were rarely repaid except with more fraudulently obtained loan proceeds.

As alleged in the Complaints, in the United States, associates of Kolomoisky and Bogoliubov, Mordechai Korf and Uriel Laber, operating out of offices in Miami, created a web of entities, usually under some variation of the name “Optima,” to further launder the misappropriated funds and invest them.  They purchased hundreds of millions of dollars in real estate and businesses across the country, including the properties subject to forfeiture: the Louisville office tower known as PNC Plaza, and the Dallas office park known as the former CompuCom Headquarters.  The buildings have a combined value of approximately $70 million.

A complaint is merely an allegation and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law. 

FBI’s Cleveland Division is investigating the case with support from FBI’s International Corruption Unit, IRS Criminal Investigation, and U.S. Customs and Border Protection. Assistant U.S. Attorney Adrienne Rosen of the U.S. Attorney’s Office for the Southern District of Florida,  International Unit Chief Mary K. Butler, Senior Trial Attorney Michael C. Olmsted, Trial Attorneys Shai D. Bronshtein and Peter Steciuk, and Law Clerk Robert Blaney of the Criminal Division’s Money Laundering and Asset Recovery Section are prosecuting the cases.  The Justice Department’s Office of International Affairs has provided substantial assistance in the investigation.

The Kleptocracy Asset Recovery Initiative is led by a team of dedicated prosecutors in the Criminal Division’s Money Laundering and Asset Recovery Section, in partnership with federal law enforcement agencies, and often with U.S. Attorney’s Offices, to forfeit the proceeds of foreign official corruption and, where appropriate, to use those recovered assets to benefit the people harmed by these acts of corruption and abuse of office.  In 2015, the FBI formed International Corruption Squads across the country to address national and international implications of foreign corruption.  Individuals with information about possible proceeds of foreign corruption located in or laundered through the United States should contact federal law enforcement or send an email to kleptocracy@usdoj.gov (link sends e-mail) or https://tips.fbi.gov/.

Related court documents and information may be found on the website of the District Court for the Southern District of Florida at www.flsd.uscourts.gov or at http://pacer.flsd.uscourts.gov, under case nos. 20-cv-23278 and 20-cv-23279.   

Tampa, Florida – United States Attorney Roger B. Handberg, along with Special Agent in Charge Kareem Carter for the IRS - Criminal Investigation Washington D.C. Field Office, and Special Agent in Charge David Walker for the FBI - Tampa Division, announces that Vitalii Chychasov (37, Ukraine) has pleaded guilty to conspiracy to commit access device fraud and trafficking in unauthorized access devices relating to his administration of SSNDOB Marketplace, a series of websites that operated for years and were used to sell personal information, including the names, dates of birth, and Social Security numbers belonging to individuals in the United States. The SSNDOB Marketplace has listed the personal information for millions of individuals in the United States, generating more than $19 million in sales revenue. On June 7, 2022, seizure orders were executed against the domain names of the SSNDOB Marketplace, effectively ceasing the website’s operation.

Chychasov faces a maximum penalty of 15 years in federal prison, and as part of his plea agreement, he has agreed to forfeit the internet domains BLACKJOB.BIZ, SSNDOB.CLUB, SSNDOB.VIP, and SSNDOB.WS, which were used to commit the offenses and were part of the series of domains that comprised the “Marketplace.” Chychasov also agreed to a forfeiture money judgment in the amount of $5 million, the proceeds of the access device fraud.

Chychasov was arrested in March 2022 while attempting to enter Hungary; and was extradited to the United States in July 2022. A second SSNDOB Marketplace administrator, Sergey Pugach, was arrested in May 2022.

According to court records, the SSNDOB administrators created advertisements on dark web criminal forums for the Marketplace’s services, provided customer support functions, and regularly monitored the activities of the sites, including monitoring when purchasers deposited money into their accounts. The administrators also employed various techniques to protect their anonymity and to thwart detection of their activities, including strategically maintaining servers in various countries, and requiring buyers to use digital payment methods.

Stolen Social Security numbers can be used to commit a variety of frauds, including United States tax fraud, unemployment insurance fraud, loan fraud, credit card fraud, and the like. Investigators determined that a single buyer from the site used stolen personal identifying information that he purchased to steal and launder nearly $10 million.

The U.S. investigation was led by the IRS - Criminal Investigation Cyber Crimes Unit and the FBI – Tampa Division, with assistance from the IRS-Criminal Investigation’s Tampa Field Office. Substantial assistance was also provided by the Department of Justice’s Office of International Affairs, the FBI’s Legal Attaché Offices responsible for Latvia and Cyprus, the Latvian Police, and the Cypriot authorities.

The case is being prosecuted by Assistant United States Attorney Rachel Jones and the asset forfeiture is being handled by Assistant United States Attorney Suzanne Nebesky.

Tampa, Florida – United States Attorney Roger B. Handberg, along with Special Agent in Charge Darrell Waldon for the IRS - Criminal Investigation Washington D.C. Field Office, and Special Agent in Charge David Walker for the FBI - Tampa Division, today announced the seizure of the SSNDOB Marketplace, a series of websites that operated for years and were used to sell personal information, including the names, dates of birth, and Social Security numbers belonging to individuals in the United States. The SSNDOB Marketplace has listed the personal information for approximately 24 million individuals in the United States, generating more than $19 million USD in sales revenue.

The SSNDOB administrators created advertisements on darkweb criminal forums for the Marketplace’s services, provided customer support functions, and regularly monitored the activities of the sites, including monitoring when purchasers deposited money into their accounts. The administrators also employed various techniques to protect their anonymity and to thwart detection of their activities, including using online monikers that were distinct from their true identities, strategically maintaining servers in various countries, and requiring buyers to use digital payment methods, such as bitcoin.

The international operation to dismantle and seize this infrastructure is the result of close cooperation with law enforcement authorities in Cyprus and Latvia. On June 7, 2022, seizure orders were executed against the domain names of the SSNDOB Marketplace (ssndob.ws, ssndob.vip, ssndob.club, and blackjob.biz), effectively ceasing the website’s operation.

“I applaud the extensive work and cooperation by our domestic and international law enforcement partners in bringing a halt to this global scheme,” said U.S. Attorney Roger Handberg. “The theft and misuse of personal information is not only criminal but can have a catastrophic impact on individuals for years to come.”

“Identity theft can have a devastating impact on a victim’s long-term emotional and financial health. Taking down the SSNDOB website disrupted ID theft criminals and helped millions of Americans whose personal information was compromised,” said Special Agent in Charge Darrell Waldon, IRS-CI Washington, D.C. Field Office. “Special agents with IRS-CI’s DC Cyber Crimes Unit will continue to work with the U.S. and international law enforcement community to end these complex scams, regardless of where the money trail leads them.”

“These seizures demonstrate the FBI’s strong working relationship with our international partners in disrupting malicious cyber activity,” said FBI Tampa Special Agent in Charge David Walker. “Dismantling illicit marketplaces that threaten the privacy and security of the American public is a priority of the FBI.”

The U.S. investigation was led by the IRS - Criminal Investigation Cyber Crimes Unit and the FBI – Tampa Division, with assistance from the IRS-Criminal Investigation’s Tampa Field Office. Substantial assistance was also provided by the Department of Justice’s Office of International Affairs, the FBI’s Legal Attaché Offices responsible for Latvia and Cyprus, the Latvian Police, and the Cyprus Police.

The investigation is being overseen by Assistant United States Attorney Rachel Jones and asset forfeiture will be handled by Assistant United States Attorney Suzanne Nebesky.

Tampa, Florida – U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii Chychasov (37, Ukraine) to eight years in federal prison for his administration of SSNDOB Marketplace, a series of websites that operated for years and were used to sell personal information, including the names, dates of birth, and Social Security numbers belonging to individuals in the United States.

On June 7, 2022, seizure orders were executed against the domain names of the SSNDOB Marketplace—BLACKJOB.BIZ, SSNDOB.CLUB, SSNDOB.VIP, and SSNDOB.WS—effectively ceasing the website’s operation. As part of his sentence, the court also entered an order of forfeiture in the amount of $5 million, the proceeds of the fraud, and ordered Chychasov to forfeit his interest in the BLACKJOB.BIZ, SSNDOB.CLUB, SSNDOB.VIP, and SSNDOB.WS domains.

Chychasov was arrested in March 2022 while attempting to enter Hungary. He was extradited to the United States from Hungary in July 2022.

According to court records, Chychasov and other Marketplace administrators advertised on dark web criminal forums for the Marketplace’s services, provided customer support functions, and regularly monitored the activities of the sites, including monitoring when purchasers deposited money into their accounts. The administrators also employed various techniques to protect their anonymity and to thwart detection of their activities, including strategically maintaining servers in various countries, and requiring buyers to use digital payment methods. The SSNDOB Marketplace listed for sale the personal information for millions of individuals in the United States, generating more than $19 million USD in sales revenue.

Stolen Social Security numbers, like those sold on the Marketplace, are used to commit a variety of frauds, including U.S. tax fraud, unemployment insurance fraud, loan fraud, and credit card fraud. Sales on the Marketplace skyrocketed during the early stages of the COVID-19 pandemic, when federal and state governments began to disburse monies—through a variety of programs—to American businesses and families at a time of a national (and international) emergency.

The U.S. investigation was led by the Internal Revenue Service – Criminal Investigation Cyber Crimes Unit and the Federal Bureau of Investigation – Tampa Division, with assistance from the IRS-Criminal Investigation’s Tampa Field Office. Substantial assistance was also provided by the Department of Justice’s Office of International Affairs, the FBI’s Legal Attaché Offices responsible for Latvia and Cyprus, the Latvian Police, the Hungarian authorities, and the Cypriot authorities.

The case was prosecuted by Assistant United States Attorney Rachel Jones and asset forfeiture is being handled by Assistant United States Attorney Suzanne Nebesky.







 

          A 37-year-old citizen of Belarus was sentenced today in U.S. District Court in Seattle to four years in prison for conspiracy to commit wire fraud, announced U.S. Attorney Annette L. Hayes. ALEXANDER MIHAILOVSKI was indicted in August 2012 for his role as a payment processor in a $71 million cybercrime scheme. He was arrested in Vienna, Austria in late 2015. MIHAILOVSKI was extradited to the U.S. to face charges a year ago. He pleaded guilty in August 2016. At the sentencing hearing U.S. District Judge Thomas S. Zilly said, “You provided an important part of the total scheme… by making it appear legitimate…. People who commit these crimes will be apprehended and will be punished.”

          “Just like a bank robber needs a get-away driver, cyber fraudsters need people to turn their electronic scams into cash,” said U.S. Attorney Annette L. Hayes. “This defendant ran a credit card processing company that was essentially ripping off nearly $71 million dollars from unsuspecting computer users. Like so many others, he thought he would get away with his crimes. Instead, close cooperation with our worldwide law enforcement partners allowed us to track him down and get him back to the United States to face justice.”

 

          According to records in the case, MIHAILOVSKI operated a credit card payment processing company called Mystique Enterprises, LTD, doing business as PSBILL, Smart Systems, and Failsafe Payments. MIHAILOVSKI and his company were part of an international cybercrime ring that netted $71 million by infecting victims’ computers with “scareware” and selling fraudulent antivirus software that was supposed to secure victims’ computers but was, in fact, useless.

          The prosecution of MIHAILOVSKI is part of Operation Trident Tribunal, a coordinated enforcement action targeting international cybercrime rings that caused more than $71 million in total losses to more than one million computer users through the sale of fraudulent computer security software known as “scareware.” The scareware used in this scheme was malicious software that posed as legitimate computer security software. The scareware caused popup notices to appear on the victims’ computers with false warnings that the computers had been infected and prompted the victims to purchase fake anti-virus software with a credit card at a cost of up to $129. The scareware would often disable legitimate anti-virus software and lock-down other features of the computers, effectively preventing the victims from using their computers until they purchased the fake anti-virus software or reformatted their computers. An estimated 960,000 users were victimized by this scareware scheme, leading to $71 million in actual losses.

          MIHAILOVSKI is the second foreign national prosecuted in this particular scareware scheme. In December 2012, Mikael Patrick Sallnert, 40, a citizen of Sweden, was also sentenced to four years in prison and was ordered to pay $650,000 in forfeiture. Sallnert also served as a credit card payment processor for the crime ring.

          This case is being investigated by the FBI Seattle Division Cyber Task Force and other FBI entities. The case is being prosecuted by Assistant U.S. Attorneys Norman Barbosa and Francis Franze-Nakamura. Substantial assistance was provided by the Criminal Division’s Office of International Affairs and the Computer Crime and Intellectual Property Section.

          Critical assistance in the investigation was provided by the Security Service of Ukraine, German Federal Criminal Police, Netherlands National High-Tech Crime Unit, London Metropolitan Police, Latvian State Police, Lithuanian Criminal Police Bureau, Swedish National Police Cyber Unit, French Police Judiciare, Royal Canadian Mounted Police, Romania’s Directorate for Combating Organized Crime, Cyprus National Police in cooperation with the Unit for Combating Money Laundering, the Danish National Police, and the Austrian Federal Ministry of Justice.

LOS ANGELES – Authorities have arrested five defendants – including several Southern California residents – for their alleged participation in a years-long scheme to steal millions of dollars from American consumers’ bank accounts, the Justice Department announced today.

The arrests follow a federal grand jury last week returning a seven-count indictment that charges a total of 14 defendants with conspiracy to violate the Racketeer Influenced and Corrupt Organizations (RICO) Act.

According to the indictment, various members and associates of the alleged criminal enterprise created shell entities that claimed to offer products or services, such as cloud storage. Then, after obtaining identifying and banking information for victims, the enterprise allegedly executed unauthorized debits against victims’ bank accounts, which it falsely represented to banks were authorized by the victims.

Because some of the unauthorized debits resulted in returned transactions – which generated high return rates and could raise red flags at financial institutions – the indictment alleges the enterprise’s shell entities also generated “micro debits” against other bank accounts controlled by the enterprise. The micro debits allegedly artificially lowered shell entities’ return rates to levels that conspirators believed would reduce bank scrutiny and lessen potential negative impact on the enterprise’s banking relations.

The five defendants arrested Tuesday are:



Edward Courdy, 73, of Hawaiian Gardens;

Eric Bauer, 65, of Huntington Beach;

Veronica Crosswell, 35, of Long Beach;

Jenny Sullivan, 46, of Denver; and

John Beebe, 52, of Honolulu;



Defendant Linden Fellerman, 67, of Las Vegas, has agreed to surrender himself on Friday, May 5, 2023 to authorities in Los Angeles. 

Three other defendants have been summoned to appear in United States District Court in Los Angeles on May 24. Those defendants are:



Michael Young, 41, of Hollywood, Florida;

Randy Grabeel, 71, of Pittsburg, California; and

Debra Vogel, 68, of Las Vegas.



Seven other defendants are currently fugitives being sought by federal authorities. They are:



Guy Benoit, 68, a resident of Canada and Cyprus;

Steven Kennedy, 54, of Canada;

Sayyid Quadri of Canada;

Ahmad Shoaib, 63, of Canada; and

Lance Johnson, 52, of Laveen, Arizona;



In addition to the RICO offense alleged in the indictment, all of the defendants – except Grabeel and Vogel – are charged with at least one count of wire fraud.

Harold Sobel previously was convicted for his role in the scheme in Las Vegas federal court and sentenced to 3½ years in prison. In a related civil case also filed in Los Angeles federal court, injunctive relief and settlements totaling nearly $5 million were obtained against various persons, including several who are charged in this criminal indictment.

“This sophisticated scheme allegedly generated millions of dollars in revenue by  using consumers’ personal information to fraudulently reach straight into the bank accounts of thousands of Americans,” said United States Attorney Martin Estrada. “The indictment alleges that an international network of fraudsters engaged in a wide-ranging scheme which sought to victimize consumers while concealing their activities from banks and law enforcement authorities. Thanks to law enforcement, the defendants’ alleged efforts to continue this scheme have failed.”

“The scheme alleged in the indictment involved an elaborate plot to reach into consumers’ bank accounts and steal their hard-earned savings,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “The Department of Justice will use all of the tools at its disposal to prosecute such schemes.”

An indictment contains allegations that a defendant committed a crime. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Some defendants made their initial court appearances yesterday. If convicted, each defendant faces a maximum penalty of 20 years in prison for racketeering conspiracy and, if applicable, 30 years in prison for each count of wire fraud.

The U.S. Postal Inspection Service is investigating the case.

Assistant United States Attorney Monica Tait of the Major Frauds Section, and Trial Attorneys Wei Xiang, Meredith Healy and Amy Kaplan of the Justice Department’s Consumer Protection Branch are prosecuting the case. The United States Attorney’s Office for the Southern District of Texas provided substantial assistance.

The Department of Justice urges individuals to be on the lookout for unauthorized debits to their accounts. Regularly check your bank, credit card, and other financial statements and contact your financial institution if you see a charge you do not recognize. Report any fraudulent debit you identify to law enforcement. Reports may be filed with the FTC at www.ftccomplaintassistant.gov or at 877-FTC-HELP.

The Consumer Protection Branch, in conjunction with the U.S. Postal Inspection Service, is pursing wrongdoers who disguise the unlawful nature of business activities by, among other methods, artificially lowering financial account return rates. These tactics are designed to deceive banks, resulting in bank accounts remaining open and facilitating fraud schemes and other illegal activities, including schemes that debit consumers’ bank accounts without authorization, tech support scams, and subscription traps.

Samuel Salman El Reda Participated in Terrorist Operations for Hezbollah in South America, Asia and Lebanon, and Helped Plan and Execute Hezbollah’s July 18, 1994, Bombing of the Asociación Mutual Israelita Argentina Building in Buenos Aires, Killing 85 People

A Manhattan federal court today unsealed terrorism charges against Samuel Salman El Reda, aka Samuel Salman El Reda El Reda, Salman Raouf Salman, Sulayman Rammal, Salman Ramal, Salman Raouf Salman, and Hajj, 58, a dual Colombian-Lebanese citizen and member of Hezbollah’s Islamic Jihad Organization (IJO), in connection with El Reda’s alleged role leading decades of terrorist activity on behalf of Hezbollah and the IJO.

El Reda is charged with, among other offenses, conspiring to provide and providing material support to Hezbollah, a designated foreign terrorist organization. El Reda is based in Lebanon and remains at large.

“Nearly three decades ago, long-time Hezbollah terrorist operative Samuel Salman El Reda allegedly helped plan and execute the heinous attack on a Buenos Aires Jewish community center that murdered 85 innocent people and injured countless others,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “This indictment serves as a message to those who engage in acts of terror: that the Justice Department’s memory is long, and we will not relent in our efforts to bring them to justice.”

“As alleged, for decades, Samuel Salman El Reda has led terrorist operations on behalf of the Islamic Jihad Organization of Hezbollah, including a 1994 bombing in Buenos Aires that massacred 85 innocent victims,” said U.S. Attorney Damian Williams for the Southern District of New York. “The career prosecutors of this office have not forgotten the pain and suffering that El Reda has allegedly caused, and we thank the dedication of our law enforcement partners for pursuing this important case. The Southern District of New York continues to be a leader in prosecuting violent terrorists and terrorist organizations, and we will not rest until those who create chaos and destruction are brought to justice.”

“While it’s been nearly 30 years since this horrific terrorist attack, the FBI and our partners throughout the U.S. government are committed to delivering justice for the victims’ families,” said Executive Assistant Director Larissa L. Knapp of the FBI’s National Security Branch. “Our reach and our memory are long, as this investigation shows. The charges unsealed today are a result of the hard work and determination of the men and women of the FBI and Justice Department, and the assistance of our international partners in law enforcement.”

According to court documents, Hezbollah is a Lebanon-based Shia Islamic organization with political, social and terrorist components. Hezbollah was founded in the 1980s with support from Iran after the 1982 Israeli invasion of Lebanon, and its mission includes establishing a fundamentalist Islamic state in Lebanon. Since Hezbollah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including U.S. citizens and military personnel. In 1997, the Department of State designated Hezbollah as a foreign terrorist organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today. In 2001, pursuant to Executive Order 13224, the Department of the Treasury designated Hezbollah as a Specially Designated Global Terrorist entity. In 2010, State Department officials described Hezbollah as the most technically capable terrorist group in the world and a continued security threat to the United States.

The IJO, which is also known as the External Security Organization and “Unit 910,” is a component of Hezbollah responsible for the planning and coordination of intelligence, counterintelligence and terrorist activities on behalf of Hezbollah outside of Lebanon. In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria, killing six people and injuring 32 others. Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including through the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, the seizure of similar chemicals in May 2015 in connection with the arrest of another IJO operative, and the seizure of approximately three tons of ammonium nitrate in London in the fall of 2015. Since June 2017, multiple IJO operatives have been arrested, charged and convicted in the Southern District of New York for terrorism-related offenses.

Beginning in at least 1993, El Reda has led terrorist operations on behalf of Hezbollah and the IJO in South America, Asia and Lebanon. El Reda was responsible for, among other things, helping to plan and execute the July 18, 1994, bombing of the Asociaión Mutual Israelita Argentina (AMIA) building in Buenos Aires, which killed 85 people and injured hundreds more. El Reda’s activities for Hezbollah in connection with the AMIA bombing included relaying information to IJO operatives that was used for planning and executing the attack. In the decades following the attack, El Reda continued to engage in terrorist activity on Hezbollah’s behalf by recruiting, training and managing IJO operatives around the world. El Reda deployed IJO operatives to Thailand, Panama and Peru, among other places, to help Hezbollah and the IJO conduct pre-operational surveillance in support of attack planning and stockpile explosive precursor chemicals, including ammonium nitrate. For example, in or about May 2009, El Reda instructed an IJO operative to travel to Thailand to help destroy a cache of ammonium nitrate and other explosive materials that the IJO believed was under law enforcement surveillance. In or about February 2011, El Reda instructed an IJO operative to travel to Panama to surveil the Panama Canal and Embassies maintained by the United States and Israel, and in or about January 2012, El Reda instructed an IJO operative to travel again to Panama to conduct additional pre-operational surveillance.

El Reda is charged with: (i) providing material support to a designated foreign terrorist organization, which carries a maximum penalty of 20 years in prison; (ii) conspiring to provide material support to a designated foreign terrorist organization, which carries a maximum penalty of 20 years in prison; (iii) aiding and abetting the receipt of military-type training from a designated foreign terrorist organization, which carries a maximum penalty of 10 years in prison or a fine; and (iv) conspiring to receive military-type training from a designated foreign terrorist organization, which carries a maximum penalty of five years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI’s New York Joint Terrorism Task Force, which principally consists of agents from the FBI and detectives from the New York Police Department, is investigating the case. The Justice Department’s Office of International Affairs provided valuable assistance.

Assistant U.S. Attorneys Jacob H. Gutwillig and Jason A. Richman for the Southern District of New York are prosecuting the case, with valuable assistance from Deputy Chief Larry Schneider of the National Security Division’s Counterterrorism Section.

An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.





​​​​​​​El Reda Indictment

Arthur Petrov, 33, a dual Russian-German citizen who has resided in Russia and Cyprus, is charged by criminal complaint, unsealed today, with export control violations, smuggling, wire fraud, and money laundering offenses based on his alleged participation in an ongoing scheme to procure U.S.-sourced microelectronics subject to U.S. export controls on behalf of a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military.

Petrov was arrested on Aug. 26 in the Republic of Cyprus at the request of the United States.

“As alleged in the complaint, Arthur Petrov conspired to smuggle U.S. microelectronics technology with military applications to Russia, the type of components used by the Russian military in its unjust invasion of Ukraine,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “The Justice Department will not tolerate efforts to circumvent our export control laws to fuel the Russian war machine and those who try will find no refuge from U.S. justice. We thank our partners in the Republic of Cyprus for their law enforcement cooperation and continued support.” 

“Those how evade our export control restrictions to support Putin’s brutal war machine will be held accountable,” said Assistant Secretary of Commerce for Export Enforcement Matthew S. Axelrod. “In conjunction with today’s criminal action, we have issued a Temporary Denial Order to shutter this alleged illicit procurement network’s access to the type of U.S. micro-electronics embedded in Russian missiles and drones that have been used in its unprovoked war against the Ukrainian people.”

“Arthur Petrov is alleged to have participated in an international illicit procurement network based in Russia, using shell companies to smuggle shipments from U.S. distributors of microelectronics with military applications through intermediary countries in order to conceal the ultimate destination of these sensitive materials: Russia. As alleged, Petrov knew that the transactions and shipments were in contravention of U.S. export controls relating to Russia,” said U.S. Attorney Damian Williams for the Southern District of New York. “Efforts to illicitly supply Russia with U.S.-sourced military technology represent an affront to national security and will continue to be met with criminal prosecutions by this office.”

“Petrov’s alleged conduct in the complaint represents a complex, concerted scheme to circumvent U.S. law and export controls,” said Executive Assistant Director Larissa L. Knapp of the FBI’s National Security Branch. “The alleged creation and establishment of an intricate network of shell companies demonstrates the elaborate measures adversaries will take to steal sensitive technology. The FBI remains committed to dismantling criminal enterprises’ intent on threatening national security.”  

According to court documents, Petrov is a dual Russian-German national who works for LLC Electrocom VPK (Electrocom), a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military. Petrov and two co-conspirators (CC-1 and CC-2), who are Russian nationals also working for Electrocom, operated an illicit procurement network in Russia and elsewhere overseas. As alleged, following Russia’ invasion of Ukraine in February 2022 and continuing until August 2023, they fraudulently procured from U.S. distributors large quantities of microelectronics subject to U.S. export controls on behalf of Electrocom. To carry out the scheme, Petrov, CC-1, and CC-2 used shell companies and other deceptive means to conceal that the electronics components were destined for Russia. The technology that Petrov and his co-conspirators procured during the course of the conspiracy have significant military applications and include various types of electronics components of the sort that have been recovered in Russian military hardware on the battlefield in Ukraine, such as Russian guided missiles, drones, and electronic warfare and communications devices.

To perpetrate the scheme, Petrov first acquired the controlled microelectronics from U.S.-based electronics exporters using a Cyprus-based shell company, Astrafteros Technokosmos LTD (Astrafteros), which he operates. Petrov procured these sensitive electronics components by falsely representing to the U.S. exporters that Astrafteros was purchasing the items for fire security systems, among other commercial uses, and that the ultimate end-users and destinations of the electronics are companies in Cyprus or other third countries — when in fact the components are destined for Electrocom in Russia, which supplies manufacturers for the Russian military. The microelectronics that Petrov procured as part of the conspiracy include, among other things, microcontrollers and integrated circuits that are on the Commerce Control List maintained by the Commerce Department and cannot lawfully be exported or reexported to Russia without a license from the Commerce Department. Invoices provided to Petrov by the U.S. distributors expressly noted that these microcontrollers and integrated circuits are subject to U.S. export controls.

To evade these controls, Petrov, CC-1, and CC-2 worked together to transship the controlled items procured by Petrov using pass-through entities operated by CC-1 and CC-2 in third countries. CC-1 and CC-2 then caused the items to be shipped, sometimes through yet another country, to the ultimate destination: Electrocom in Saint Petersburg, Russia. At all times, Petrov, CC-1, and CC-2 concealed from the U.S. distributors that they were procuring the controlled electronics components on behalf of Electrocom and that the items were destined for Russia. During the course of the conspiracy, Petrov, CC-1, and CC-2 procured from U.S. distributors and shipped to Russia more than $225,000 worth of controlled electronics components with military applications.

Petrov is charged with one count of conspiracy to defraud the United States, which carries a maximum sentence of five years in prison; one count of conspiracy to violate the Export Control Reform Act (ECRA), which carries a maximum sentence of 20 years in prison; three counts of violating the ECRA, which each carry a maximum sentence of 20 years in prison; one count of conspiracy to smuggle goods from the United States, which carries a maximum sentence of five years in prison; three counts of smuggling goods from the United States, which each carry a maximum sentence of 10 years in prison; one count of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison; and one count of conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI and the Department of Commerce’s Bureau of Industry and Security are investigating the case, with valuable assistance provided by the FBI’s Legal Attaché offices in Poland, Germany, and Athens, Greece; the Justice Department’s National Security Division; and the Justice Department’s Office of International Affairs. The Republic of Cyprus National Police also provided critical assistance in effecting the defendant’s arrest and detention at the request of the United States.

Assistant U.S. Attorney Kevin Sullivan for the Southern District of New York is prosecuting the case, with assistance from Trial Attorney Maria Fedor of the Counterintelligence and Export Control Section.

Today’s actions were coordinated through the Justice Department’s Task Force KleptoCapture and the Justice and Commerce Departments’ Disruptive Technology Strike Force. Task Force KleptoCapture is an interagency law enforcement task force dedicated to enforcing the sweeping sanctions, export restrictions, and economic countermeasures that the United States has imposed, along with its allies and partners, in response to Russia’s unprovoked military invasion of Ukraine. The Disruptive Technology Strike Force is an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation states.

A criminal complaint is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Joon H. Kim, the Acting United States Attorney for the Southern District of New York (“SDNY”), Kenneth A. Blanco, the Acting Assistant Attorney General for the Criminal Division of the Department of Justice (“DOJ”), Don Fort, Chief of the Criminal Investigation Division, Internal Revenue Service (“IRS-CI”), and Patrick J. Lechleitner, Special Agent in Charge of the U.S. Immigration and Customs Enforcement’s Homeland Security Investigations (“HSI”) Washington, D.C., Field Office, announced today the filing of criminal charges against Telia Company AB (“Telia”), a multinational telecommunications company headquartered in Sweden, whose securities traded publicly in New York from 2002 until 2007, and its Uzbek subsidiary, Coscom LLC  (“Coscom”), for conspiring to violate the Foreign Corrupt Practices Act (“FCPA”) by paying more than $331 million in bribes to a government official in Uzbekistan. 

 

Mr. Kim also announced that in connection with the filed charges, Coscom pled guilty today before United States District Judge George B. Daniels, and SDNY and DOJ entered into a deferred prosecution agreement (“DPA”) with Telia.  Pursuant to the DPA, Telia admitted to participating in the charged conspiracy.  Telia will pay a total criminal penalty of $274,603,972 to the United States, which includes a $500,000 criminal fine and $40 million in criminal forfeiture that Telia agreed to pay on behalf of Coscom.  Telia also agreed to implement rigorous internal controls and cooperate fully with the Government’s ongoing investigation, including its investigation of individuals.

 

In related proceedings, Telia reached a settlement with the U.S. Securities and Exchange Commission (“SEC”) and the Public Prosecution Service of the Netherlands (“PPS”).  Under the terms of its civil resolution with the SEC, Telia agreed to pay $457,169,977 in disgorgement of profits and prejudgment interest.  Finally, Telia agreed to pay the PPS a criminal penalty of $274 million, which, together with the criminal penalty paid to the United States, yieldstotal criminal penalties of $548,603,972.  Because the SEC agreed to credit the $40 million paid in criminal forfeiture against the civil settlement amount, the total criminal and regulatory penalties to be paid by Telia is $965,773,949.

           

Acting U.S. Attorney Joon H. Kim said:  “Today, we announce one of the largest criminal corporate bribery and corruption resolutions ever, with penalties totaling just under a billion dollars.  Swedish telecom company Telia and its Uzbek subsidiary Coscom have admitted to paying, over many years, more than $331 million in bribes to an Uzbek government official.  Telia, whose securities traded publicly in New York, corruptly built a lucrative telecommunications business in Uzbekistan, using bribe payments wired around the world through accounts here in New York City.  If your securities trade on our exchanges and you use our banks to move ill-gotten money, then you have to abide by our country’s laws.  Telia and Coscom refused to do so, and they have been held accountable in Manhattan federal court today.” 

 

Acting Assistant Attorney General Kenneth A. Blanco said:  “This resolution underscores the Department’s continued and unwavering commitment to robust FCPA and white-collar criminal enforcement.  It also demonstrates the Department’s cooperative posture with its foreign counterparts to stamp out international corruption and to reach fair, appropriate and coordinated resolutions.  Foreign and domestic companies that pay bribes put honest companies at a disadvantage and distort the free and fair market and the rule of law.  Today’s resolution reflects the significant efforts of law enforcement, the Criminal Division and the U.S. Attorney’s Office for the Southern District of New York to bring such companies to justice, and to maintain a competitive and level playing field for companies to do business, create jobs and thrive.”

 

IRS-CI Chief Don Fort said:  “Today marks the second resolution of proceedings against corporate entities who have engaged in a global bribery scheme of government officials.  It also further demonstrates the dedication we have to identifying illegal financial transactions being used for bribery in the international community.  It is important that the global economy remain on a fair playing field and IRS-CI will remain committed in our efforts to dismantle these kinds of corrupt financial schemes.”

 

HSI Special Agent in Charge Patrick J. Lechleitner said:  “Today’s resolution marks a win against a foreign corruption scheme where millions of dollars in bribery funds were paid to Uzbekistan officials and laundered through the U.S. financial system.  HSI, working hand in hand with our partners at IRS Criminal Investigation, leveled the playing field for publicly traded companies by exposing these corrupt practices and helped the U.S. government collect nearly $275 million in criminal penalties.”

 

According to the allegations contained in the criminal Informations, which was filed today in Manhattan federal court, the statement of facts set forth in the DPA, and other publicly available information:

 

Between approximately 2007 and 2012, Telia and Coscom, through various executives, employees, and affiliated entities, paid more than $331 million in bribes to illegally obtain telecommunications business in Uzbekistan.  The bribes were paid to an Uzbek government official who was a close relative of a high-ranking government official and who exercised influence over Uzbek telecommunications industry regulators.  Telia and Coscom structured and concealed the bribes through various payments to a shell company that certain Telia and Coscom management knew was beneficially owned by the foreign official.  The bribes were paid on multiple occasions over a period of approximately five years so that Telia could enter the Uzbek market and Coscom could gain valuable telecom assets and continue operating in Uzbekistan. 

 

Under the direction and control of the Uzbek government official, more than $331 million in bribery proceeds were laundered through accounts held in various countries around the world.  The illicit funds were transmitted through financial institutions in the Southern District of New York before they were deposited into accounts in those countries.

 

This resolution, reached in coordination with the SEC and authorities in the Netherlands, marks the second such resolution by a major international telecommunciations provider for bribery in Uzbekistan.  On February 18, 2016, Amsterdam-based VimpelCom Limited and its Uzbek subsidiary, Unitel LLC, also entered into resolutions with the United States and admitted to a conspiracy to make more than $114 million in bribery payments to the same Uzbek government official between 2006 and 2012.  The investigation has thus far yielded a combined total of more than $1.76 billion in global fines and disgorgement, including more than $500 million in criminal penalties to the United States.  In related actions, the United States has also filed civil complaints seeking the forfeiture of more than $850 million held in bank accounts in Switzerland, Belgium, Luxembourg, and Ireland, which constitute bribe payments made by VimpelCom, Telia, and a third telecommunications company to the Uzbek official, or funds involved in the laundering of those corrupt payments. 

 

*                *                *

           

Coscom was charged with, and pled guilty to, one count of conspiring to violate the anti-bribery provisions of the FCPA.  Telia was charged in a one-count Information with conspiracy to violate the anti-bribery provisions of the FCPA.

 

Mr. Kim thanked the Fraud Section of the DOJ’s Criminal Division for their collaboration, and praised the efforts of IRS-CI, the IRS Global Illicit Financial Team, and HSI in the investigation.  He also thanked the SEC’s Division of Enforcement for its significant assistance and cooperation in the investigation.  Mr. Kim also thanked law enforcement colleagues within the PPS, the Swedish Prosecution Authority, and the Office of the Attorney General in Switzerland, as well as law enforcement colleagues in Austria, Belgium, Cyprus, France, Ireland, the Isle of Man, Latvia, Luxembourg, Norway, Switzerland, the Isle of Man, and the United Kingdom.  Mr. Kim also thanked the Department of Justice’s Office of International Affairs for its significant assistance in this matter.  The SEC referred the matter to the DOJ and also provided extensive cooperation and assistance.

 

The prosecution of this case is being handled by the Office’s Complex Frauds and Cybercrime Unit and the FCPA Unit of the Fraud Section of DOJ’s Criminal Division.  Assistant U.S. Attorney Edward A. Imperatore, Senior Litigation Counsel Nicola Mrazek, and Trial Attorney Ephraim Wernick are in charge of the prosecution.  MLARS Trial Attorney Michael Khoo is prosecuting the forfeiture case with substantial assistance from the Fraud Section and former MLARS Trial Attorney Marie M. Dalton, now an Assistant U.S. Attorney in the Western District of Washington. 

Geoffrey S. Berman, the United States Attorney for the Southern District of New York, John C. Demers, Assistant Attorney General for National Security, William F. Sweeney Jr., Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), and Dermot F. Shea, Commissioner of the New York City Police Department (“NYPD”), announced today that ALI KOURANI was sentenced to 40 years in prison based on terrorism, sanctions, and immigration convictions arising from KOURANI’s illicit work as an operative for the Islamic Jihad Organization, Hizballah’s external attack-planning component.

Manhattan U.S. Attorney Geoffrey S. Berman said:  “Ali Kourani was recruited, trained, and deployed by Hizballah’s Islamic Jihad Organization to plan and execute acts of terrorism around New York City.  After spending years conducting surveillance on the City’s critical infrastructure, federal buildings, international airports, and even daycare centers, he is now the first Islamic Jihad Organization operative to be convicted and sentenced for his crimes against the United States.  The lengthy prison term imposed today on Kourani sends an important message to Hizballah and the Islamic Jihad Organization:  If you are caught planning harm against this City and its residents, you will face justice and be held accountable.”

Assistant Attorney General John C. Demers said:  “While living in the United States, Kourani served as an operative of Hizballah in order to help the foreign terrorist organization prepare for potential future attacks against the United States.  With today’s sentence, he is being held accountable for his crimes.  The evidence at trial showed that Kourani searched for suppliers who could provide weapons for such attacks, identified people who could be recruited or targeted for violence, and gathered information about and conducted surveillance of potential targets within our country.  Such covert activities conducted on U.S. soil are a clear threat to our national security and I applaud the agents, analysts, and prosecutors who are responsible for this investigation and prosecution.”

FBI Assistant Director William F. Sweeney Jr. said:  “Ali Kourani’s arrest was a reminder to us all that New York City and its surrounding areas remain primary targets for those looking to conduct a violent attack against our way of life.  His sentencing today, however, is also a reminder of the many successes of our FBI JTTFs nationwide, and their never-ending determination to disrupt the plans of those working to harm us.”  

Police Commissioner Dermot F. Shea said:  “This sentencing is an another example of the dedicated work of the New York Joint Terrorism Task Force and the close partnership with the U.S. Attorney’s Office, Southern District, to combat terror and hold accountable those who seek to support and promote terrorist groups.  I thank the NYPD investigators and our law enforcement partners whose hard work brought Mr. Kourani to justice.”

As reflected in the criminal Complaint, Indictment, court filings, and evidence presented at trial: 

Hizballah is a Lebanon-based Shia Islamic organization with political, social, and terrorist components that was founded in the 1980s with support from Iran.  Since Hizballah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including United States citizens and military personnel.  In 1997, the U.S. Department of State designated Hizballah a Foreign Terrorist Organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today.  In 2010, State Department officials described Hizballah as the most technically capable terrorist group in the world, and a continued security threat to the United States.

The Islamic Jihad Organization (IJO), which is also known as the External Security Organization and “910,” is a highly compartmentalized component of Hizballah responsible for the planning, preparation, and execution of intelligence, counterintelligence, and terrorist activities on behalf of Hizballah outside of Lebanon.  In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria, killing six people and injuring 32 others.  Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, including chemicals manufactured by a medical devices company based in Guangzhou, China (Guangzhou Company-1), and a similar seizure of chemicals manufactured by Guangzhou Company-1 in Cyprus in May 2015 in connection with the arrest of another IJO operative. 

KOURANI, who was born in Lebanon, attended Hizballah-sponsored weapons training in Lebanon in 2000 when he was approximately 16 years old.  After lawfully entering the United States in 2003, KOURANI obtained a Bachelor of Science in biomedical engineering in 2009, and a Master of Business Administration in 2013.

KOURANI and certain of his relatives were in Lebanon during the summer 2006 conflict between Israel and Hizballah, when a residence belonging to his family was destroyed.  At some point by 2008, IJO recruited KOURANI to its ranks.  In August 2008, KOURANI submitted an application for naturalization in the United States in which he falsely claimed, among other things, that he was not affiliated with a terrorist organization.  In April 2009, KOURANI became a naturalized citizen and was issued a United States passport.  Despite claiming in his passport application that he had no travel plans, KOURANI traveled to Guangzhou, China – the location of Guangzhou Company-1 – on May 3, 2009.  The purpose of the trip was to develop relationships that the IJO could rely on to obtain ammonium nitrate to be used as an explosive precursor chemical. 

IJO assigned KOURANI an IJO handler, or mentor, responsible for providing him with taskings, debriefings, and arranging training.  KOURANI sometimes communicated with his handler using coded email communications, including messages sent by the handler that informed KOURANI of the need to return to Lebanon.  In order to establish contact with his handler when KOURANI returned to Lebanon, KOURANI called a telephone number associated with a pager (the IJO Pager) and provided a code that he understood was specific to him.  After contacting the IJO Pager, the handler would contact KOURANI to set up an in-person meeting by calling a phone belonging to one of KOURANI’s relatives.  The IJO also provided KOURANI with additional training in tradecraft, weapons, and tactics.  In 2011, for example, KOURANI attended a weapons training camp in the vicinity of Birkat Jabrur, Lebanon, where he used a rocket-propelled grenade launcher, an AK-47 assault rifle, an MP5 submachine gun, a PKS machine gun (a Russian-made belt-fed weapon) and a Glock pistol.

Based on other taskings from IJO personnel, which IJO personnel conveyed during periodic in-person meetings when KOURANI returned to Lebanon, KOURANI conducted operations, which he understood to be aimed at preparing for potential future Hizballah attacks.   These covert activities included searching for weapons suppliers in the United States who could provide firearms to support IJO operations; identifying individuals affiliated with the Israeli Defense Force whom the IJO could either recruit or target for violence; gathering information regarding operations and security at airports in the United States and elsewhere, including JFK International Airport in New York; and surveilling U.S. military and law enforcement facilities in New York City, including the federal building at 26 Federal Plaza in Manhattan.  KOURANI transmitted some of the products of his surveillance and intelligence-gathering efforts back to IJO personnel in Lebanon using digital storage media.

*                      *                      *

In addition to the prison term, KOURANI, 35, was also sentenced to five years of supervised release. 

Mr. Berman praised the outstanding efforts of the FBI’s New York Joint Terrorism Task Force, which principally consists of agents from the FBI and detectives from the New York City Police Department.  Mr. Berman also thanked the Counterterrorism Section of the Department of Justice’s National Security Division.

This prosecution is being handled by the Office’s Terrorism and International Narcotics Unit.  Assistant U.S. Attorneys Amanda L. Houle and Emil J. Bove III are in charge of the case, with assistance from Trial Attorney Bridget Behling of the Counterterrorism Section.

Damian Williams, the United States Attorney for the Southern District of New York, announced that ROGER RALSTON, the CEO of DirectView Holdings, Inc. (“DirectView”), a Florida-based video surveillance and security company, was sentenced to five years in prison for defrauding elderly victims in connection with an international telemarketing scheme that caused losses of nearly $16 million.  RALSTON previously pled guilty before U.S. District Judge Jed S. Rakoff, who imposed the sentence.  Co-defendants Christopher Wright and Steven Hooper previously pled guilty and were sentenced to 52 months in prison and 42 months in prison, respectively, for their roles in the fraud.

According to the allegations in the Indictment, court filings, and statements made in Court:

Between approximately 2009 and 2015, RALSTON and other co-conspirators engaged in a scheme to defraud victims in the United Kingdom of nearly $16 million through the sale of false, fraudulent, and materially misleading investments, and to launder the proceeds of the fraud through bank accounts in multiple foreign jurisdictions.  RALSTON and his co-conspirators used the services of telemarketing call centers to identify and cold-call potential victims, who were primarily elderly or retired individuals residing in the United Kingdom.  Over a series of telephone calls, the telemarketers persuaded victims to invest money under various false and misleading pretenses, including the promise of short-term, high-yield, no-risk returns, when in fact the investments were high-risk, illiquid, and in some instances, entirely fictitious.  Many victims were persuaded to make additional investments under the false pretense that they would be permitted to sell their holdings if (and only if) they purchased more.  In reliance on the false representations and promises, the victims wired funds to various bank accounts in the United States, including in the Southern District of New York, in the names of corporate entities controlled by RALSTON.  RALSTON then mailed and emailed documents related to the fraudulent investments, including purchase contracts and investment certificates, to the victims.  Victims who tried to sell their investments found that they were unable to do so.  The victims never received a refund on their principal or any return on their investments.  

In order to conceal the nature, location, source, ownership, and control of the proceeds of the fraudulent scheme, RALSTON regularly transferred a substantial portion of the fraud proceeds from bank accounts in the United States, including in the Southern District of New York, to overseas bank accounts, including accounts in Cyprus, Switzerland, and the United Kingdom, in the names of various shell companies controlled by RALSTON’s co-conspirators.

The nature of the particular fraudulent investment vehicles being marketed to the victims changed over time.  From in or about 2009 until in or about 2011, RALSTON and his co-conspirators sold DirectView stock to the victims based on telemarketers’ false representations and promises that the shares were a no-risk, short-term investment in a debt-free company and that the shares were likely to increase over 100% in value in a short period of time.  In contrast to what RALSTON represented to victims, DirectView’s annual report filed with the United States Securities and Exchange Commission for the year ending December 31, 2010, contained dire warnings about the poor fiscal health of DirectView and the risk attendant in purchasing stock, including that the company “may be forced to cease operations” due to losses and cash flow problems, and purchasers “may find it extremely difficult or impossible to resell our shares.”

From in or about 2011 until in or about 2015, RALSTON and his co-conspirators engaged in the sale of fraudulent carbon credits and offsets.  The boiler room callers appealed to victims by claiming that the investments would be environmentally friendly and help address the climate crisis.  The victims were falsely promised that the carbon-related investments they purchased could be easily sold, carried no risk, and would yield a significant, short-term return.  In fact, the carbon credits and offsets that were sold to the victims were fake and did not represent any actual carbon credits or offsets.  RALSTON caused fraudulent carbon certificates to be created and sent to the victims.

*                *                *

In addition to the prison term, RALSTON, 54, of Riviera Beach, Florida, was sentenced to three years of supervised released and ordered to pay restitution in the amount of $15,714,859 and forfeiture in the amount of $15,713,621.20.

Mr. Williams praised the outstanding investigative work of Internal Revenue Service-Criminal Investigation in this case.

This case is being prosecuted by the Office’s Money Laundering and Transnational Criminal Enterprises and Complex Frauds and Cybercrime Units.  Assistant U.S. Attorneys Jessica Feinstein, Olga I. Zverovich, and David Felton are in charge of the prosecution.

Arthur Petrov Allegedly Participated in a Russia-Based Illicit Procurement Network That, Subsequent to Russia’s Invasion of Ukraine, Illegally Procured Large Quantities of Sensitive Microelectronics for a Russian Company That Supplies Manufacturers for the Russian Military

Damian Williams, the United States Attorney for the Southern District of New York, Matthew G. Olsen, the Assistant Attorney General of the Justice Department’s National Security Division, James Smith, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), and Matthew S. Axelrod, the Assistant Secretary for Export Enforcement of the Commerce Department, announced the unsealing of a Complaint charging ARTHUR PETROV with export control violations, smuggling, wire fraud, and money laundering offenses based on PETROV’s alleged participation in a scheme to procure U.S.-sourced microelectronics subject to U.S. export controls on behalf of a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military.  PETROV was arrested on August 26, 2023, in the Republic of Cyprus at the request of the United States. 



U.S. Attorney Damian Williams said: “Arthur Petrov is alleged to have participated in an international illicit procurement network based in Russia, using shell companies to smuggle shipments from U.S. distributors of microelectronics with military applications through intermediary countries in order to conceal the ultimate destination of these sensitive materials: Russia.  As alleged, Petrov knew that the transactions and shipments were in contravention of U.S. export controls relating to Russia.  Efforts to illicitly supply Russia with U.S.-sourced military technology represent an affront to national security and will continue to be met with criminal prosecutions by this Office.”



Assistant Attorney General Matthew G. Olsen said: “As alleged in the complaint, Arthur Petrov conspired to smuggle U.S. microelectronics technology with military applications to Russia, the type of components used by the Russian military in its unjust invasion of Ukraine.  The Justice Department will not tolerate efforts to circumvent our export control laws to fuel the Russian war machine and those who try will find no refuge from U.S. justice. We thank our partners in the Republic of Cyprus for their law enforcement cooperation and continued support.” 

FBI Assistant Director in Charge James Smith said: "After Russia’s further invasion of Ukraine in February 2022, we allege Petrov participated in a global scheme to use shell companies from around the world to establish a clandestine procurement network and supply Russia’s military industrial complex with critical U.S. technology, including types of microelectronics recovered in Russian military equipment on the battlefield in Ukraine.  Petrov and his co-conspirators knowingly misrepresented their business activities to evade export controls in order to procure and transship components associated with Russian guided missiles, drones, and electronic warfare devices.  This is yet another example of Russia using illicit procurement networks to not only advance their military, but ultimately harm the national security of our country.  The FBI is resolute in its commitment to stopping Russia from rearming its military with U.S. technology.  Along with our international partners, we will bring to justice anyone who evades sanctions or violates the laws of the United States.”

Assistant Secretary for Export Enforcement Matthew S. Axelrod said: “Those who evade our export control restrictions to support Putin’s brutal war machine will be held accountable.  In conjunction with today’s criminal action, we are issuing a Temporary Denial Order to shutter this alleged illicit procurement network’s access to the type of U.S. microelectronics embedded in Russian missiles and drones that have been used in its unprovoked war against the Ukrainian people.”      

According to the allegations contained in the Complaint unsealed today in Manhattan federal court:[1]

ARTHUR PETROV is a dual Russian-German national who has resided in Russia and Cyprus and works for LLC Electrocom VPK (“Electrocom”), a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military.  PETROV and two co-conspirators (“CC-1” and “CC-2”), who are Russian nationals also working for Electrocom, operated an illicit procurement network in Russia and elsewhere overseas.  They have fraudulently procured from U.S. distributors large quantities of microelectronics subject to U.S. export controls on behalf of Electrocom.  To carry out the scheme, PETROV, CC-1, and CC-2 used shell companies and other deceptive means to conceal that the electronics components were destined for Russia.  The technology that PETROV and his co-conspirators have procured in contravention of export controls during the course of the conspiracy have significant military applications and include various types of electronics components that have been recovered in Russian military hardware on the battlefield in Ukraine, such as Russian guided missiles, drones, and electronic warfare and communications devices.

To perpetrate the scheme, PETROV first acquired the controlled microelectronics from U.S.-based electronics exporters using a Cyprus-based shell company, Astrafteros Technokosmos LTD (“Astrafteros”), which he operates.  PETROV procured these sensitive electronics components by falsely representing to the U.S. exporters that Astrafteros was purchasing the items for fire security systems, among other commercial uses, and that the ultimate end-users and destinations of the electronics are companies in Cyprus or other third countries — when in fact the components are destined for Electrocom in Russia, which supplies manufacturers for the Russian military.  The microelectronics that PETROV has procured as part of the conspiracy include, among other things, microcontrollers and integrated circuits that are on the Commerce Control List maintained by the Commerce Department and cannot lawfully be exported or reexported to Russia without a license from the Commerce Department.  Invoices provided to PETROV by the U.S. distributors expressly noted that these microcontrollers and integrated circuits are subject to U.S. export controls.

To evade these controls, PETROV, CC-1, and CC-2 worked together to transship the controlled items procured by PETROV using pass-through entities operated by CC-1 and CC-2 in third countries.  CC-1 and CC-2 then caused the items to be shipped, sometimes through yet another country, to the ultimate destination: Electrocom in Saint Petersburg, Russia.  At all times, PETROV, CC-1, and CC-2 concealed from the U.S. distributors that they were procuring the controlled electronics components on behalf of Electrocom and that the items were destined for Russia.  During the course of the conspiracy, PETROV, CC-1, and CC-2 procured from U.S. distributors and shipped to Russia more than $225,000 worth of controlled electronics components with military applications.

*                *                *

PETROV, 33, a dual Russian-German citizen who has resided in Russia and Cyprus, is charged with one count of conspiracy to defraud the United States, which carries a maximum sentence of five years in prison; one count of conspiracy to violate the Export Control Reform Act (“ECRA”), which carries a maximum sentence of 20 years in prison; three counts of violating the ECRA, which each carry a maximum sentence of 20 years in prison; one count of conspiracy to smuggle goods from the United States, which carries a maximum sentence of five years in prison; three counts of smuggling goods from the United States, which each carry a maximum sentence of 10 years in prison; one count of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison; and one count of conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison.

The statutory maximum penalties are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant would be determined by a judge.

Mr. Williams praised the outstanding investigative work of the FBI and its New York Field Office, Counterintelligence Division and the New York Field Office of the Bureau of Industry and Security of the Department of Commerce.  Mr. Williams also thanked the FBI’s Legal Attaché offices in Poland, Germany, and Athens, Greece; the Department of Justice’s National Security Division, Counterintelligence and Export Control Section; and the Department of Justice’s Office of International Affairs for their assistance.  The Cyprus Police also provided critical assistance in effecting the defendant’s arrest and detention at the request of the United States.

This case is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorney Kevin Sullivan is in charge of the prosecution, with assistance from Trial Attorney Maria Fedor of the Counterintelligence and Export Control Section.

Today’s actions were coordinated through the Justice Department’s Task Force KleptoCapture and the Justice and Commerce Departments’ Disruptive Technology Strike Force.  Task Force KleptoCapture is an interagency law enforcement task force dedicated to enforcing the sweeping sanctions, export restrictions, and economic countermeasures that the United States has imposed, along with its allies and partners, in response to Russia’s unprovoked military invasion of Ukraine.  The Disruptive Technology Strike Force is an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation states.

The charges in the Complaint are merely accusations, and the defendant is presumed innocent unless and until proven guilty.





[1] As the introductory phrase signifies, the entirety of the text of the Complaint and the description of the Complaint set forth herein constitute only allegations, and every fact described should be treated as an allegation.





U.S. v. Petrov Complaint

Joon H. Kim, the Acting United States Attorney for the Southern District of New York, announced today that the United States has settled a money laundering and civil forfeiture action against assets of 11 corporations, including some that own luxury residential and high-end commercial real estate in Manhattan. The Government’s complaint alleged that the defendant corporations laundered some proceeds of a $230 million Russian tax refund fraud scheme involving corrupt Russian officials that was uncovered by Sergei Magnitsky, a Russian lawyer who died in pretrial detention in Moscow under suspicious circumstances and was posthumously prosecuted by Russia.

 

In the stipulation of settlement filed with U.S. District Judge William H. Pauley III today, which is still subject to approval by the Court, one of the defendant corporations, Prevezon Holdings Ltd., agrees to pay $5,896,333.65 to resolve the Government’s claims against all defendants. This payment represents triple the value of the proceeds that the Government alleged could be traced directly from the Russian treasury fraud to the defendants ($1,965,444.55), and more than ten times the amount of proceeds the Government alleged could be traced directly to property in New York (approximately $582,000).

 

Acting Manhattan U.S. Attorney Joon H. Kim said: “We will not allow the U.S. financial system to be used to launder the proceeds of crimes committed anywhere – here in the U.S., in Russia, or anywhere else. Under the terms of this settlement, the defendants have agreed to pay not just what we alleged flowed to them from the Russian treasury fraud, but three times that amount, and roughly 10 times the money we alleged could be traced directly into U.S. accounts and real estate.”

 

The Government’s lawsuit alleged as follows:

 

In 2007, a Russian criminal organization engaged in an elaborate tax refund fraud scheme resulting in a fraudulently obtained tax refund of approximately $230 million from the Russian treasury. As part of the fraud scheme, members of the organization stole the corporate identities of portfolio companies of the Hermitage Fund, a foreign investment fund operating in Russia. The organization’s members then used these stolen identities to make fraudulent claims for tax refunds.

 

In order to procure the refunds, the criminal organization fraudulently re-registered the Hermitage companies in the names of members of the organization, and then orchestrated sham lawsuits against these companies. These sham lawsuits involved members of the organization as both the plaintiffs (representing sham commercial counterparties suing the Hermitage companies) and the defendants (purporting to represent the Hermitage companies). In each case, the members of the organization purporting to represent the Hermitage companies confessed full liability in court, leading the courts to award large money judgments to the plaintiffs.

 

The purpose of the sham lawsuits was to fraudulently generate money judgments against the Hermitage companies. Members of the organization purporting to represent the Hermitage companies then used those money judgments to seek tax refunds. The basis of these refund requests was that the money judgments constituted losses eliminating the profits the Hermitage companies had earned, and thus the Hermitage companies were entitled to a refund of the taxes that had been paid on these profits. The requested refunds totaled 5.4 billion rubles, or approximately $230 million.

 

Members of the organization who were officials at two Russian tax offices corruptly approved the requests within one business day, and approximately $230 million was disbursed to members of the organization, purportedly on behalf of the Hermitage companies, two days later.

 

After perpetrating this fraud, members of the organization undertook illegal actions in order to conceal this fraud and retaliate against individuals who attempted to expose it. After learning of the lawsuits against its portfolio companies, Hermitage retained attorneys, including Russian lawyer Sergei Magnitsky, to investigate. Magnitsky and other attorneys for Hermitage uncovered the refund fraud scheme, and the complicity of Russian governmental officials in it, and were subject to retaliatory criminal proceedings against them. Magnitsky was arrested and died approximately a year later in pretrial detention. An independent Russian human rights council concluded that Magnitsky’s arrest and detention were illegal, that Magnitsky was denied necessary medical care in custody, that he was beaten by eight guards with rubber batons on the last day of his life, and that the ambulance crew that was called to treat him as he was dying was deliberately kept outside of his cell for more than an hour until he was dead.

 

Members of the criminal organization, and associates of those members, have also engaged in a broad pattern of money laundering in order to conceal the proceeds of the fraud scheme. In a complex series of transfers through shell corporations, the $230 million from the Russian treasury was laundered into numerous accounts in Russia and other countries. A portion of the funds stolen from the Russian treasury passed through several shell companies into Prevezon Holdings, Ltd., a Cyprus-based real estate corporation that is a defendant in the forfeiture action. Prevezon Holdings laundered these fraud proceeds into its real estate holdings, including investment in multiple units of high-end commercial space and luxury apartments in Manhattan, and created multiple other corporations, also subject to the forfeiture action, to hold these properties.

 

* * *

 

A chart listing the companies named as defendants in the lawsuit is attached.

 

Mr. Kim praised the outstanding investigative work of ICE HSI New York’s El Dorado Task Force.

 

This case is being handled by the Office’s Money Laundering and Asset Forfeiture Unit. Assistant United States Attorneys Paul M. Monteleoni, Cristine Irvin Phillips, and Tara M. LaMorte are in charge of the case.

 



Prevezon Holdings, Ltd.





Prevezon Alexander, LLC





Prevezon Soho USA, LLC





Prevezon Seven USA, LLC





Prevezon Pine USA, LLC





Prevezon 1711 USA, LLC





Prevezon 1810, LLC





Prevezon 2009 USA, LLC





Prevezon 2011 USA, LLC





Ferencoi Investments, Ltd.





Kolevins Ltd.



 

Joon H. Kim, the Acting United States Attorney for the Southern District of New York, and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), announced criminal charges against EVALDAS RIMASAUSKAS for orchestrating a fraudulent business email compromise scheme that induced two U.S.-based internet companies (the “Victim Companies”) to wire a total of over $100 million to bank accounts controlled by RIMASAUSKAS. RIMASAUSKAS was arrested late last week by authorities in Lithuania on the basis of a provisional arrest warrant.  The case has been assigned to U.S. District George B. Daniels. 

Acting U.S. Attorney Joon H. Kim said:  “From half a world away, Evaldas Rimasauskas allegedly targeted multinational internet companies and tricked their agents and employees into wiring over $100 million to overseas bank accounts under his control. This case should serve as a wake-up call to all companies – even the most sophisticated – that they too can be victims of phishing attacks by cyber criminals. And this arrest should serve as a warning to all cyber criminals that we will work to track them down, wherever they are, to hold them accountable. The charges and arrest in this case were made possible thanks to the terrific work of the FBI and the cooperation of the victim companies and their financial institutions. We thank the companies and their banks for acting quickly, coming forward promptly, and cooperating with law enforcement; it led not only to the charges announced today, but also the recovery of much of the stolen funds.”

FBI Assistant Director William F. Sweeney Jr. said:  “As alleged, Evaldas Rimasauskas carried out a business email compromise scheme creatively targeting two very specific victim companies. He was initially successful, acquiring over $100 million in proceeds that he wired to various bank accounts worldwide. But his footprint would eventually lead investigators to the truth, and today we expose his lies. Criminals continue to commit a wide variety of crimes online, and significant cyber data breaches have had a negative impact across a variety of industries. The FBI will continue to work with our domestic and international partners to pursue criminals who engage in this type of activity, wherever they may be hiding.”

According to the allegations contained in the Indictment unsealed today[1]:

From at least in or around 2013 through in or about 2015, RIMASAUSKAS orchestrated a fraudulent scheme designed to deceive the Victim Companies, including a multinational technology company and a multinational online social media company, into wiring funds to bank accounts controlled by RIMASAUSKAS.  Specifically, RIMASAUSKAS registered and incorporated a company in Latvia (“Company-2”) which bore the same name as an Asian-based computer hardware manufacturer (“Company-1”), and opened, maintained, and controlled various accounts at banks located in Latvia and Cyprus in the name of Company-2.  Thereafter, fraudulent phishing emails were sent to employees and agents of the Victim Companies, which regularly conducted multimillion-dollar transactions with Company-1, directing that money the Victim Companies owed Company-1 for legitimate goods and services be sent to Company-2’s bank accounts in Latvia and Cyprus, which were controlled by RIMASAUSKAS.  These emails purported to be from employees and agents of Company-1, and were sent from email accounts that were designed to create the false appearance that they were sent by employees and agents of Company-1, but in truth and in fact, were neither sent nor authorized by Company-1.  This scheme succeeded in deceiving the Victim Companies into complying with the fraudulent wiring instructions.

After the Victim Companies wired funds intended for Company-1 to Company-2’s bank accounts in Latvia and Cyprus, RIMASAUSKAS caused the stolen funds to be quickly wired into different bank accounts in various locations throughout the world, including Latvia, Cyprus, Slovakia, Lithuania, Hungary, and Hong Kong.  RIMASAUSKAS also caused forged invoices, contracts, and letters that falsely appeared to have been executed and signed by executives and agents of the Victim Companies, and which bore false corporate stamps embossed with the Victim Companies’ names, to be submitted to banks in support of the large volume of funds that were fraudulently transmitted via wire transfer. 

Through these false and deceptive representations over the course of the scheme, RIMASAUSKAS, the defendant, caused the Victim Companies to transfer a total of over $100,000,000 in U.S. currency from the Victim Companies’ bank accounts to Company-2’s bank accounts.

*                *                *

RIMASAUSKAS, 48, of Vilnius, Lithuania, is charged with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in prison, and one count of aggravated identity theft, which carries a mandatory minimum sentence of two years in prison. 

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge. 

Mr. Kim praised the outstanding investigative work of the FBI, and thanked the Prosecutor General’s Office of the Republic of Lithuania, the Lithuanian Criminal Police Bureau, the Vilnius District Prosecutor’s Office and the Economic Crime Investigation Board of Vilnius County Police Headquarters for their assistance in the investigation and arrests, as well as the Department of Justice’s Office of International Affairs.

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorney Eun Young Choi is in charge of the prosecution.  Assistant U.S. Attorney Edward Diskant is handling the forfeiture aspects of the prosecution. 

The charges contained in the Indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.

 



[1] As the introductory phrase signifies, the entirety of the text of the Indictment, and the description of the Indictment set forth herein, constitute only allegations, and every fact described should be treated as an allegation.

Damian Williams, the United States Attorney for the Southern District of New York,  Andrew C. Adams, Task Force KleptoCapture Director, Michael J. Driscoll, the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), and Matthew S. Axelrod, Assistant Secretary of Commerce for Export Enforcement, announced today that the United States of America has been authorized to seize a Boeing 787-8 aircraft and a Gulfstream G650ER aircraft owned and/or controlled by Russian oligarch Roman Abramovich, pursuant to a seizure warrant from the U.S. District Court for the Southern District of New York, which found that the airplanes are subject to seizure and forfeiture based on probable cause of violations of the Export Control Reform Act (“ECRA”) and the recent sanctions issued against Russia.

U.S. Attorney Damian Williams said:  “Today’s affidavit and warrant demonstrate the Southern District’s commitment to bring to bear every legal tool available for enforcement of sanctions and export controls imposed in response to Russia’s illegal war in Ukraine.  Our international partners — nations devoted to the rule of law — far outnumber those jurisdictions where these aircraft can safely hide, and our investigation of illegal exports in violation of U.S. law will continue unabated.”

Task Force KleptoCapture Director Andrew C. Adams said:  “Today’s action reflects the global scope of the United States’ response to illegal Russian aggression in Ukraine.  While we seek to execute on these warrants, the Task Force eagerly anticipates working with international partners to uphold the rule of law and reminds members of the aviation, insurance, and financial industries that these aircraft constitute tainted property under active investigation by the United States.”

FBI Assistant Director Michael J. Driscoll said:  “These wealthy Russian oligarchs have helped foster an environment that enabled Russia to pursue its deadly war in Ukraine.  The seizure of their valuable possessions, including these two aircraft, is just one way the U.S government holds accountable those who break U.S. laws and support Russia in its attempt to conquer a sovereign nation.  Our work has only just begun and we won't back away.”

Assistant Secretary of Commerce for Export Enforcement Matthew S. Axelrod:  “The Commerce Department has put in place unprecedented export controls in response to Russia’s illegal war against Ukraine.  Today’s action, and our recent changes to make such actions public when brought, provides notice to the world of our commitment to enforce those controls aggressively in a transparent way, consistent with our commitment to the rule of law.”

According to the seizure warrant and affidavit sworn out today:[1]

In response to Russia’s invasion of Ukraine, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) issued various sanctions against Russia that impose export controls and license requirements to protect U.S. national security and foreign policy interests.  These Russia sanctions include expanded prohibitions on the export, reexport, or in-country transfer of U.S.-manufactured aircraft and aircraft parts and components to or within Russia without a BIS license, and eliminate the availability of any license exception for aircraft owned or controlled, or under charter or lease, by Russia or a Russian national.

The Boeing and the Gulfstream each were reexported to Russia (i.e., flown from a foreign country to Russia) in violation of the ECRA and regulations issued thereunder, including the recent Russia sanctions.  The Boeing was flown to Russia on March 4, 2022 without a BIS license and without a license exception, and is now in the United Arab Emirates.  The Gulfstream was flown to Russia on March 12 and 15, 2022 without a BIS license and without a license exception, and remains in Russia.  The Boeing and Gulfstream are owned and/or controlled by Roman Abramovich, a Russia national, through a series of shell companies in Cyprus, Jersey, and the British Virgin Islands. 

The Boeing (pictured below), bearing tail number P4-BDL and manufacturer serial number 37306, is believed to be worth approximately $350 million.











 

The Gulfstream (pictured below), bearing tail number LX-RAY and manufacturer serial number 6417, is believed to be worth approximately $60 million. 











 

*                *                *

Mr. Williams praised the outstanding work of the FBI and BIS.  In a charging letter that separately issued today, BIS initiated administrative proceedings against Roman Abramovich, seeking penalties of up to twice the value of the Boeing and the Gulfstream.  Mr. Williams further thanked the Justice Department’s National Security Division and Office of International Affairs, the U.S. Treasury Department’s Office of Foreign Assets Control, and Her Majesty’s Attorney General for the Bailiwick of Jersey for their assistance in this investigation. 

This case is being handled by the Office’s Money Laundering and Transnational Criminal Enterprises Unit and National Security and International Narcotics Unit.  Assistant United States Attorneys Joshua A. Naftalis, Anden Chow, Michael D. Lockard, and Kaylan E. Lasky are in charge of the investigation. 

The investigation was coordinated through the Justice Department’s Task Force KleptoCapture, an interagency law enforcement task force dedicated to enforcing the sweeping sanctions, export controls, and economic countermeasures that the United States, along with its foreign allies and partners, has imposed in response to Russia’s unprovoked military invasion of Ukraine.  Announced by the Attorney General on March 2 and run out of the Office of the Deputy Attorney General, the task force will continue to leverage all of the Department’s tools and authorities to combat efforts to evade or undermine the collective actions taken by the U.S. government in response to Russian military aggression.

 



[1]   The burden to prove forfeitability in a forfeiture proceeding is upon the government.

Damian Williams, the United States Attorney for the Southern District of New York, announced that ROGER RALSTON, the CEO of DirectView Holdings, Inc. (“DirectView”), a Florida-based video surveillance and security company, pled guilty today to one count of conspiracy to commit wire fraud for defrauding elderly victims in connection with the fraudulent sale of stock and fake carbon credits as part of an international telemarketing scheme that caused nearly $16 million in losses.  RALSTON pled guilty before U.S. District Judge Jed S. Rakoff.  Co-defendants Christopher Wright and Steven Hooper previously pled guilty and were sentenced to 52 months in prison and 42 months in prison, respectively, for their roles in the fraud.

According to the allegations in the Indictment, court filings, and statements made in Court:

From in or about 2009 up to and including in or about 2015, RALSTON and other co-conspirators engaged in a scheme to defraud victims in the United Kingdom of nearly $16 million through the sale of false, fraudulent, and materially misleading investments, and to launder the proceeds of the fraud through bank accounts in the United States and foreign countries.  RALSTON and his co-conspirators used the services of telemarketing call centers to identify and cold-call potential victims, who were primarily elderly or retired individuals residing in the United Kingdom.  Over a series of telephone calls, the telemarketers persuaded victims to invest money under various false and misleading pretenses, including the promise of short-term, high-yield, no-risk returns, when in fact the investments were high-risk, illiquid, and in some instances, entirely fictitious.  Many victims were persuaded to make additional investments under the false pretense that they would not be permitted to sell their holdings until they purchased more.  In reliance on the false representations and promises, the victims wired funds to various bank accounts in the United States, including in the Southern District of New York, in the names of corporate entities controlled by RALSTON.  RALSTON then mailed and emailed documents related to the fraudulent investments, including purchase contracts and investment certificates, to the victims.  Victims who tried to sell their investments found they were unable to do so.  The victims never received a refund on their principal or any return on their investments.  

In order to conceal the nature, location, source, ownership, and control of the proceeds of the fraudulent scheme, RALSTON regularly transferred a substantial portion of the fraud proceeds from bank accounts in the United States, including in the Southern District of New York, to overseas bank accounts, including accounts in Cyprus, Switzerland, and the United Kingdom, in the names of various shell companies controlled by RALSTON’s co-conspirators.

The nature of the particular fraudulent investment vehicles being marketed to the victims changed over time.  From in or about 2009 until in or about 2011, RALSTON and his co-conspirators sold DirectView stock to the victims based on telemarketers’ false representations and promises that the shares were a no-risk, short-term investment in a debt-free company, and that the shares were likely to increase over 100 percent in value in a short period of time.  In contrast to what RALSTON represented to victims, DirectView’s annual report filed with the United States Securities and Exchange Commission for the year ending December 31, 2010, contained dire warnings about the poor fiscal health of DirectView and the risk attendant in purchasing stock, including that the company “may be forced to cease operations” due to losses and cash flow problems, and purchasers “may find it extremely difficult or impossible to resell our shares.”

From in or about 2011 until in or about 2015, RALSTON and his co-conspirators engaged in the sale of fraudulent “carbon credits.”  The boiler room callers appealed to victims by claiming that the investments would be environmentally friendly and help address the climate crisis.  “Carbon credits,” which are issued as part of governmental and voluntary regulatory regimes, are permits representing the right to emit a certain number of tons of carbon dioxide into the atmosphere. “Carbon offsets,” which are tied to particular carbon-dioxide emissions reducing projects, represent a reduction in carbon dioxide emissions, and can be purchased by individuals and companies to “offset” their or third parties’ “carbon-footprints.”  The victims were falsely promised that the carbon-related investments they purchased could be easily sold, carried no risk, and would yield a significant, short-term return.  In fact, the carbon credits and offsets that were sold to the victims were fake, and did not represent any actual carbon credits or offsets.  Ralston caused fraudulent carbon certificates to be created and sent to the victims.   

*                *                *

RALSTON, 53, of Florida, pled guilty to one count of conspiracy to commit wire fraud, which carries a maximum sentence of 30 years in prison.  As part of his guilty plea, RALSTON also agreed to forfeit $15,713,621.20 and to pay restitution in the same amount to victims of the scheme.  RALSTON is scheduled to be sentenced by Judge Rakoff on December 13, 2022, at 4 p.m.

The maximum potential sentence in this case is prescribed by Congress and is provided here for informational purposes only, as RALSTON’s sentence will be determined by the judge.

Mr. Williams praised the outstanding investigative work of IRS Criminal Investigation in this case.

This case is being prosecuted by the Office’s Money Laundering and Transnational Criminal Enterprises and Complex Frauds and Cybercrime Units. Assistant U.S. Attorneys Jessica Feinstein, Olga I. Zverovich, and David Felton are in charge of the prosecution.

Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced that EVALDAS RIMASAUSKAS, a Lithuanian citizen, was sentenced today to 60 months in prison for participating in a fraudulent business email compromise scheme that induced two U.S.-based Internet companies (the “Victim Companies”) to wire a total of over $120 million to bank accounts he controlled.  RIMASAUSKAS previously pled guilty to one count of wire fraud before U.S. District Judge George B. Daniels, who imposed today’s sentence.

U.S. Attorney Geoffrey S. Berman said:  “Evaldas Rimasauskas devised an audacious scheme to fleece U.S. companies out of more than $120 million, and then funneled those funds to bank accounts around the globe.  Rimasauskas carried out his high-tech theft from halfway across the globe, but he got sentenced to prison right here in Manhattan federal court.”

According to the allegations in the Indictment to which RIMASAUSKAS pled guilty, court filings, and statements made in public court proceedings:

From at least in or around 2013 through in or about 2015, RIMASAUSKAS orchestrated a fraudulent scheme designed to deceive the Victim Companies, including a multinational technology company and a multinational online social media company, into wiring funds to bank accounts controlled by RIMASAUSKAS.  Specifically, RIMASAUSKAS registered and incorporated a company in Latvia (“Company-2”) that bore the same name as an Asian-based computer hardware manufacturer (“Company-1”), and opened, maintained, and controlled various accounts at banks located in Latvia and Cyprus in the name of Company-2.  Thereafter, fraudulent phishing emails were sent to employees and agents of the Victim Companies, which regularly conducted multimillion-dollar transactions with Company-1, directing that money the Victim Companies owed Company-1 for legitimate goods and services be sent to Company-2’s bank accounts in Latvia and Cyprus, which were controlled by RIMASAUSKAS.  These emails purported to be from employees and agents of Company-1, and were sent from email accounts that were designed to create the false appearance that they were sent by employees and agents of Company-1, but in truth and in fact, were neither sent nor authorized by Company-1.  This scheme succeeded in deceiving the Victim Companies into complying with the fraudulent wiring instructions.

After the Victim Companies wired funds intended for Company-1 to Company-2’s bank accounts in Latvia and Cyprus, RIMASAUSKAS caused the stolen funds to be quickly wired into different bank accounts in various locations throughout the world, including Latvia, Cyprus, Slovakia, Lithuania, Hungary, and Hong Kong.  RIMASAUSKAS also caused forged invoices, contracts, and letters that falsely appeared to have been executed and signed by executives and agents of the Victim Companies, and which bore false corporate stamps embossed with the Victim Companies’ names, to be submitted to banks in support of the large volume of funds that were fraudulently transmitted via wire transfer.

Through these false and deceptive representations over the course of the scheme, RIMASAUSKAS, the defendant, caused the Victim Companies to transfer a total of over $120,000,000 in U.S. currency from the Victim Companies’ bank accounts to Company-2’s bank accounts. 

            RIMASAUSKAS was arrested by Lithuanian authorities in March 2017, pursuant to a provisional arrest warrant, and was extradited to the Southern District of New York in August 2017.

*                *                *

In addition to the prison term, Judge Daniels ordered RIMASAUSKAS to serve two years of supervised release, to forfeit $49,738,559.41, and to pay restitution in the amount of $26,479,079.24.

Mr. Berman praised the outstanding investigative work of the Federal Bureau of Investigation, and thanked the Prosecutor General’s Office of the Republic of Lithuania, the Lithuanian Criminal Police Bureau, the Vilnius District Prosecutor’s Office and the Economic Crime Investigation Board of Vilnius County Police Headquarters, the Prosecutor General’s Office of the Republic of Latvia, and the International Assistance Group at the Department of Justice, Canada, for their assistance in the investigation, arrests, and extradition, as well the Department of Justice’s Office of International Affairs.

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorneys Eun Young Choi and Olga Zverovich are in charge of the prosecution. 

Damian Williams, the United States Attorney for the Southern District of New York, announced that CHRISTOPHER WRIGHT and STEVEN HOOPER were sentenced to 52 months in prison and 42 months in prison, respectively, for defrauding elderly victims in connection with the fraudulent sale of stock and fake carbon credits as part of an over $16 million international telemarketing scheme.  WRIGHT and HOOPER previously pled guilty before U.S. District Judge Jed S. Rakoff, who imposed the sentences. 

According to the allegations in the Indictment, court filings, and statements made in Court:

From in or about 2009 up to and including in or about 2015, WRIGHT, HOOPER, and other co-conspirators engaged in a scheme to defraud victims in the United Kingdom through the sale of false, fraudulent, and materially misleading investments, and to launder the proceeds of the fraud through bank accounts in the United States and foreign countries.  WRIGHT and HOOPER used the services of telemarketing call centers to identify and cold-call potential victims, who were primarily elderly or retired individuals residing in the United Kingdom.  Over a series of telephone calls, the telemarketers persuaded victims to invest money under various false and misleading pretenses, including the promise of short-term, high-yield, no-risk returns, when in fact the investments were high-risk, illiquid, and in some instances, entirely fictitious.  Many victims were persuaded to make additional investments under the false pretense that they would not be permitted to sell their holdings until they purchased more.  In reliance on the false representations and promises, the victims wired funds to various bank accounts in the United States, including in the Southern District of New York, in the names of corporate entities controlled by one of WRIGHT’s and HOOPER’s co-conspirators.  WRIGHT and HOOPER assisted in emailing of documents related to the fraudulent investments, including purchase contracts and investment certificates, to the victims.  Victims who tried to sell their investments found they were unable to do so.  The victims never received a refund on their principal or any return on their investments. 

In order to conceal the nature, location, source, ownership, and control of the proceeds of the fraudulent scheme, WRIGHT, HOOPER, and their co-conspirators set up overseas bank accounts, including in Cyprus, Switzerland, and the United Kingdom, in the names of various shell companies, which were used to launder a substantial portion of the fraud proceeds.

The nature of the particular fraudulent investment vehicles being marketed to the victims changed over time.  From in or about 2009 until in or about 2011, WRIGHT and his co-conspirators sold the stock of Florida-based corporation DirectView Holdings, Inc. (“DirectView”) to the victims based on telemarketers’ false representations and promises that the shares were a no-risk, short-term investment in a debt-free company, and that the shares were likely to increase over 100 percent in value in a short period of time.  In fact, DirectView’s annual report filed with the United States Securities and Exchange Commission (“SEC”) for the year ending December 31, 2010, contained dire warnings about the poor fiscal health of DirectView and the risk attendant in purchasing stock, including that the company “may be forced to cease operations” due to losses and cash flow problems, and purchasers “may find it extremely difficult or impossible to resell our shares.” 

From in or about 2011 until in or about 2015, WRIGHT, HOOPER, and their co-conspirators engaged in the sale of fraudulent “carbon credits.”  The boiler room callers appealed to victims by claiming that the investments would be environmentally friendly and help address the climate crisis.  “Carbon credits,” which are issued as part of governmental and voluntary regulatory regimes, are permits representing the right to emit a certain number of tons of carbon dioxide into the atmosphere. “Carbon offsets,” which are tied to particular carbon-dioxide emissions reducing projects, represent a reduction in carbon dioxide emissions, and can be purchased by individuals and companies to “offset” their or third parties’ “carbon-footprints.”  The victims were falsely promised that the carbon-related investments they purchased could be easily sold, carried no risk, and would yield a significant, short-term return.  In fact, the carbon credits and offsets that were sold to the victims were fake, and did not represent any actual carbon credits or offsets. 

In total, victims lost over $16 million.

*                *                *

In addition to their prison terms, WRIGHT, 49, and HOOPER, 49, who are both citizens of the United Kingdom, were ordered to pay restitution in the respective amounts of $16,407,459.52 and $14,457,104.19. WRIGHT and HOOPER were also ordered to pay forfeiture in the amount of $1,632,443.10 and $760,977.12, respectively.

Mr. Williams praised the outstanding investigative work of IRS Criminal Investigation in this case.

This case is being prosecuted by the Office’s Money Laundering and Transnational Criminal Enterprises and Complex Frauds and Cybercrime Units. Assistant U.S. Attorneys Jessica Feinstein, Olga I. Zverovich, and David Felton are in charge of the prosecution.

Damian Williams, the United States Attorney for the Southern District of New York, announced that ALEXEI SAAB, a/k/a “Ali Hassan Saab,” a/k/a “Alex Saab,” a/k/a “Rachid,” was convicted today of receiving military-type training from a designated foreign terrorist organization, Hizballah, marriage fraud conspiracy, and making false statements, following a two-week trial before the Honorable Paul G. Gardephe. 

U.S. Attorney Damian Williams said:  “A unanimous jury found today that Alexei Saab is guilty of receiving military-type training from Hizballah, a known terrorist organization.  The evidence at trial showed that Saab surveilled some of New York’s most iconic and highly trafficked locations, such as the U.N. headquarters, Statue of Liberty, Rockefeller Center, Times Square, the Empire State Building, and local airports, tunnels, and bridges— in order to provide critical intelligence on how they could be most effectively attacked.  Saab’s chilling campaign against the American ideals of liberty and freedom has thankfully come to an end.”

According to court documents and evidence at trial:

Hizballah is a Lebanon-based Shia Islamic organization with political, social, and terrorist components.  Hizballah was founded in the 1980s with support from Iran after the 1982 Israeli invasion of Lebanon, and its mission includes establishing a fundamentalist Islamic state in Lebanon.  Since Hizballah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including United States citizens and military personnel.  In 1997, the U.S. Department of State designated Hizballah a Foreign Terrorist Organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today.  In 2001, pursuant to Executive Order 13224, the U.S. Department of Treasury designated Hizballah a Specially Designated Global Terrorist entity.  In 2010, State Department officials described Hizballah as the most technically capable terrorist group in the world, and a continued security threat to the United States.

The Islamic Jihad Organization (“IJO”), which is also known as the External Security Organization and “910,” is a component of Hizballah responsible for the planning and coordination of intelligence, counterintelligence, and terrorist activities on behalf of Hizballah outside of Lebanon.  In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria, which killed six people and injured 32 others.  Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, and a seizure of similar chemicals in May 2015 in connection with the arrest of another IJO operative.  In June 2017, two IJO operatives were arrested in the United States and charged with terrorism-related offenses in the Southern District of New York.  In May 2019, a jury convicted one of those two IJO operatives on all counts, and in December 2019, he was sentenced principally to a prison term of 40 years. 

SAAB joined Hizballah in 1996.  SAAB’s first Hizballah operations occurred in Lebanon, where he was tasked with observing and reporting on the movements of Israeli and Southern Lebanese Army soldiers in Yaroun, Lebanon.  Among other things, SAAB reported on patrol schedules and formations, procedures at security checkpoints, and the vehicles used by soldiers.  SAAB also, alongside his brother, planted an improvised explosive device that detonated and hit Israeli soldiers, seriously injuring at least one.

In approximately 1999, SAAB attended his first Hizballah training.  The training was focused on the use of firearms, and SAAB handled and fired an AK-47, an M16 rifle, and a pistol, and threw grenades.  In 2000, SAAB transitioned to membership in Hizballah’s unit responsible for external operations, the IJO, and he then received extensive training in IJO tradecraft, weapons, and military tactics, including how to construct and detonate bombs and other explosive devices and how to best use these devices in attacks.  Specifically, SAAB received detailed instruction in, among other things, triggering mechanisms, explosive substances, detonators, and the assembly of circuits. 

In 2000, SAAB entered the United States.  While living in the United States, SAAB remained an IJO operative, continued to receive military training in Lebanon, and conducted numerous operations for the IJO.  For example, SAAB surveilled dozens of locations in New York City—including the United Nations headquarters, the Statue of Liberty, Rockefeller Center, Times Square, the Empire State Building, and local airports, tunnels, and bridges—and provided detailed information on these locations, including photographs, to the IJO.  In particular, SAAB focused on the structural weaknesses of locations he surveilled in order to determine how a future attack could cause the most destruction.  SAAB’s reporting to the IJO included the materials used to construct a particular target, how close in proximity one could get to a target, and site weaknesses or “soft spots” that the IJO could exploit if it attacked a target in the future.  SAAB conducted similar intelligence gathering in a variety of large American cities, including Boston and Washington, D.C.   SAAB also was tasked by Hizballah with opening a front company that he could use to obtain fertilizer in the United States for use as an explosives precursor.

In addition to his attack-planning activities in the United States, SAAB conducted operations abroad.  For example, in or about 2003, SAAB attempted to murder a man he later understood to be a suspected Israeli spy.  SAAB pointed a firearm at the individual at close range and pulled the trigger twice, but the firearm did not fire.  SAAB also conducted surveillance in Istanbul, Turkey, and elsewhere.

Finally, in or about 2012, SAAB entered into a fraudulent marriage in exchange for $20,000.  The purpose of the marriage was for SAAB’s purported wife to apply for her citizenship.  SAAB later falsely affirmed, under penalty of perjury, and in connection with his purported wife’s efforts to obtain status in the United States, that the marriage was not for any immigration-related purposes. 

*                      *                      *

SAAB, 44, of Morristown, New Jersey, was convicted of one count of receiving military-type training from a designated foreign terrorist organization, which carries a potential sentence of 10 years in prison; one count of conspiracy to commit marriage fraud, which carries a maximum sentence of five years in prison; and one count of making false statements, which carries a maximum sentence of five years in prison.  SAAB was also acquitted of one count of conspiracy to provide material support to Hizballah, one count of citizenship application fraud, and one count of naturalization fraud. 

The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as the defendant’s sentence will be determined by Judge Gardephe.

Mr. Williams praised the outstanding efforts of the FBI’s New York Joint Terrorism Task Force, which principally consists of agents from the Federal Bureau of Investigation and detectives from the New York City Police Department.  Mr. Williams also thanked the Counterterrorism Section of the Department of Justice’s National Security Division.

This prosecution is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorneys Sam Adelsberg, Jessica Fender, and Jason A. Richman are in charge of the prosecution, with assistance from Trial Attorney Alexandra Hughes of the Counterterrorism Section.

Audrey Strauss, the United States Attorney for the Southern District of New York, announced that GEORGE BRIDI, a citizen of the United Kingdom, was extradited to the United States from Cyprus on August 31, 2021.  BRIDI was extradited on charges of conspiracy to commit copyright infringement, wire fraud conspiracy, and conspiracy to commit interstate transportation of stolen property, for his involvement in the Sparks Group, an international piracy group that illegally distributed movies and television shows on the Internet. 

BRIDI was arrested on August 23, 2020, in Paphos, Cyprus.  BRIDI will be presented and arraigned today before U.S. Magistrate Judge Ona T. Wang.  Codefendant Jonatan Correa, a/k/a “Raid,” previously pled guilty to conspiracy to commit copyright infringement and was sentenced on May 19, 2021, to three years and three months of supervised release, with the first three months to be served in community confinement.  Codefendant Umar Ahmad, a citizen of Norway, remains at large.  The case is assigned to U.S. District Judge Richard M. Berman. 

U.S. Attorney Audrey Strauss said: “As alleged, George Bridi was a member of an international video piracy ring that circumvented copyright protections on nearly every movie released by major production studios, as well as television shows, and distributed them worldwide on the Internet.  Thanks to the assistance of our law enforcement partners, the piracy ring has been busted and Bridi is now in U.S. custody.”

According to the allegations contained in the Indictments[[1]]:

Between 2011 and the present, Umar Ahmad, a/k/a “Artist,” GEORGE BRIDI, Jonatan Correa, a/k/a “Raid,” and others known and unknown were members of the Sparks Group, a criminal organization that disseminated on the Internet movies and television shows prior to their retail release date, including nearly every movie released by major production studios, after compromising the content’s copyright protections.

In furtherance of its scheme, the Sparks Group fraudulently obtained copyrighted DVDs and Blu-Ray discs from wholesale distributors in advance of their retail release date by, among other things, making various misrepresentations to the wholesale distributors concerning the reasons that they were obtaining the discs prior to the retail release date.   

Sparks Group members then used computers with specialized software to compromise the copyright protections on the discs, a process referred to as “cracking” or “ripping,” and to reproduce and encode the content in a format that could be easily copied and disseminated over the Internet.  They thereafter uploaded copies of the copyrighted content onto servers controlled by the Sparks Group, where other members further reproduced and disseminated the content on streaming websites, peer-to-peer networks, torrent networks, and other servers accessible to public.  The Sparks Group identified its reproductions by encoding the filenames of reproduced copyrighted content with distinctive tags, and also uploaded photographs of the discs in their original packaging to demonstrate that the reproduced content originated from authentic DVDs and Blu-Ray discs.

Ahmad and BRIDI arranged for discs to be picked up, mailed, or delivered from distributors located in Manhattan, Brooklyn, and New Jersey to other members of the Sparks Group, including Correa, prior to their official release date.  Ahmad, BRIDI, and Correa then reproduced, and aided and abetted the reproduction of, these discs by using computer software that circumvented copyright protections on the discs and reproducing the copyrighted content for further distribution on the Internet. 

The Sparks Group has caused tens of millions of dollars in losses to film production studios.

On August 26, 2020, in coordination with law enforcement authorities in 17 countries and supported by Eurojust and Europol, dozens of servers controlled by the Sparks Group were taken offline around the world, including in North America, Europe, and Asia.  The Sparks Group utilized these servers to store and disseminate copyrighted content illegally to members around the globe. 

*              *             *

BRIDI, 50, is charged with copyright infringement conspiracy, which carries a maximum penalty of five years in prison; wire fraud conspiracy, which carries a maximum penalty of 20 years in prison; and conspiracy to transport stolen property interstate, which carries a maximum penalty of five years in prison.    

The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

 Ms. Strauss praised the outstanding work of Homeland Security Investigations and the U.S. Postal Inspection Service.  She also thanked Europol and Eurojust as well as law enforcement authorities in the following countries for their assistance in the investigation: Canada, Cyprus, Czech Republic, Denmark, France, Germany, Italy, Republic of Korea, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, and the United Kingdom. 

The case is being prosecuted by the Office’s Violent and Organized Crime Unit.  Assistant United States Attorneys Andrew K. Chan, Mollie Bracewell, and Christy Slavik are in charge of the prosecution.  The Justice Department’s Office of International Affairs (OIA) of the Department’s Criminal Division provided significant and ongoing assistance with facilitating the execution of dozens of mutual legal assistance requests in 18 different countries necessary for taking down servers and gathering evidence.  OIA also provided critical support in working with Eurojust and Europol in planning the coordinated operation in August 2020 and provided critical assistance in securing the defendant’s extradition from Cyprus.

The charges contained in the Indictments are merely accusations, and BRIDI and Ahmad are presumed innocent unless and until proven guilty.

 



[1] As the introductory phrase signifies, the entirety of the texts of the Indictments and the description of the Indictments set forth herein constitute only allegations and every fact described should be treated as an allegation.

Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced that a jury returned a guilty verdict today against Ali Kourani, a/k/a “Ali Mohamad Kourani,” a/k/a “Jacob Lewis,” a/k/a “Daniel,” on all eight counts in the Indictment, which charged him with terrorism, sanctions, and immigration offenses for his illicit work as an undercover terrorist operative for Hizballah’s external attack-planning component.  KOURANI is scheduled to be sentenced on September 27, 2019, by the Honorable Alvin K. Hellerstein, who presided over the eight-day trial.

U.S. Attorney Geoffrey S. Berman said:  “Ali Kourani was recruited, trained, and deployed by Hizballah’s Islamic Jihad Organization to plan and execute acts of terrorism in the United States.  Kourani’s chilling mission was to help procure weapons and gather intelligence about potential targets in the U.S. for future Hizballah terrorist attacks.  Some of the targets Kourani surveilled included JFK Airport and law enforcement facilities in New York City, including the federal building at 26 Federal Plaza in Manhattan.  Today, Kourani has fittingly been convicted for his crimes in a courthouse that stands in the shadow of one of his potential targets.”

As reflected in the criminal Complaint, Indictment, and the evidence presented at trial:

Hizballah is a Lebanon-based Shia Islamic organization with political, social, and terrorist components that was founded in the 1980s with support from Iran.  Since Hizballah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including United States citizens and military personnel.  In 1997, the U.S. Department of State designated Hizballah a Foreign Terrorist Organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today.  In 2010, State Department officials described Hizballah as the most technically capable terrorist group in the world, and a continued security threat to the United States.

The Islamic Jihad Organization (“IJO”), which is also known as the External Security Organization and “910,” is a highly compartmentalized component of Hizballah responsible for the planning, preparation, and execution of intelligence, counterintelligence, and terrorist activities on behalf of Hizballah outside of Lebanon.  In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria, killing six people and injuring 32 others.  Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, including chemicals manufactured by a medical devices company based in Guangzhou, China (“Guangzhou Company-1”), and a similar seizure of chemicals manufactured by Guangzhou Company-1 in Cyprus in May 2015 in connection with the arrest of another IJO operative. 

KOURANI, who was born in Lebanon, attended Hizballah-sponsored weapons training in Lebanon in 2000 when he was approximately 16 years old.  After lawfully entering the United States in 2003, KOURANI obtained a Bachelor of Science in biomedical engineering in 2009, and a Masters of Business Administration in 2013.

KOURANI and certain of his relatives were in Lebanon during the summer 2006 conflict between Israel and Hizballah, when a residence belonging to his family was destroyed.  At some point before 2008, IJO recruited KOURANI to its ranks.  In August 2008, KOURANI submitted an application for naturalization in the United States in which he falsely claimed, among other things, that he was not affiliated with a terrorist organization.  In April 2009, KOURANI became a naturalized citizen and was issued a United States passport.  Despite claiming in his passport application that he had no travel plans, KOURANI traveled to Guangzhou, China – the location of Guangzhou Company-1 – on May 3, 2009.  He later claimed to the FBI that the purpose of the trip was to meet with medical device manufacturers and other businessmen. 

IJO assigned KOURANI an IJO handler, or mentor, responsible for providing him with taskings, debriefings, and arranging training.  KOURANI sometimes communicated with his handler using coded email communications, including messages sent by the handler that informed KOURANI of the need to return to Lebanon.  In order to establish contact with his handler when KOURANI returned to Lebanon, KOURANI called a telephone number associated with a pager (the “IJO Pager”) and provided a code that he understood was specific to him.  After contacting the IJO Pager, the handler would contact KOURANI to set up an in-person meeting by calling a phone belonging to one of KOURANI’s relatives.  The IJO also provided KOURANI with additional training in tradecraft, weapons, and tactics.  In 2011, for example, KOURANI attended a weapons training camp in the vicinity of Birkat Jabrur, Lebanon, where he used a rocket propelled grenade launcher, an AK-47 assault rifle, an MP5 submachine gun, a PKS machine gun (a Russian-made belt-fed weapon), and a Glock pistol.

Based on other taskings from IJO personnel, which IJO personnel conveyed during periodic in-person meetings when KOURANI returned to Lebanon, KOURANI conducted operations, which he understood to be aimed at preparing for potential future Hizballah attacks.   These covert activities included searching for weapons suppliers in the United States who could provide firearms to support IJO operations; identifying individuals affiliated with the Israeli Defense Force whom the IJO could either recruit or target for violence; gathering information regarding operations and security at airports in the United States and elsewhere, including JFK International Airport in New York; and surveilling U.S. military and law enforcement facilities in New York City, including the federal building at 26 Federal Plaza in Manhattan.  KOURANI transmitted some of the products of his surveillance and intelligence-gathering efforts back to IJO personnel in Lebanon using digital storage media. 

*                      *                      *

KOURANI, 34, of the Bronx, New York, was convicted of providing material support to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; conspiracy to provide material support and resources to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; receiving military-type training from a designated foreign terrorist organization, which carries a sentence of 10 years in prison or a fine; conspiracy to receive military-type training from a designated foreign terrorist organization, which carries a maximum sentence of five years in prison; conspiracy to possess, carry, and use firearms and destructive devices during and in relation to crimes of violence, which carries a maximum sentence of life in prison; making and receiving a contribution of funds, goods, and services to and from Hizballah, in violation of IEEPA, which carries a maximum sentence of 20 years in prison; conspiracy to make and receive a contribution of funds, goods, and services to and from Hizballah, in violation of IEEPA, which carries a maximum sentence of 20 years in prison; and naturalization fraud in connection with an act of international terrorism, which carries a maximum sentence of 25 years in prison.  The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as the defendant’s sentence will be determined by Judge Hellerstein.

Mr. Berman praised the outstanding efforts of the Federal Bureau of Investigation’s (“FBI”) New York Joint Terrorism Task Force, which principally consists of agents from the FBI and detectives from the New York City Police Department.  Mr. Berman also thanked the Counterterrorism Section of the Department of Justice’s National Security Division.

This prosecution is being handled by the Office’s Terrorism and International Narcotics Unit.  Assistant U.S. Attorneys Emil J. Bove III and Amanda L. Houle, with assistance from Trial Attorney Bridget Behling of the Counterterrorism Section.

Damian Williams, the United States Attorney for the Southern District of New York, Matthew G. Olsen, the Assistant Attorney General for National Security, and Christie M. Curtis, the Acting Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today the unsealing of an eight-count Indictment charging GAL LUFT with offenses related to willfully failing to register under the Foreign Agents Registration Act (“FARA”), arms trafficking, Iranian sanctions violations, and making false statements to federal agents.  LUFT, a dual U.S.-Israeli citizen, was arrested on February 17, 2023, in the Republic of Cyprus based on the charges in the Indictment.  LUFT subsequently fled after being released on bail while extradition proceedings were pending and remains a fugitive.



U.S. Attorney Damian Williams said: “As alleged, Gal Luft, a dual U.S.-Israeli citizen and co-head of a Maryland think tank, engaged in multiple, serious criminal schemes.  He subverted foreign agent registration laws in the United States to seek to promote Chinese policies by acting through a former high-ranking U.S. Government official; he acted as a broker in deals for dangerous weapons and Iranian oil; and he told multiple lies about his crimes to law enforcement.  As the charges unsealed today reflect, our Office will continue to work vigorously with our law enforcement partners to detect and hold accountable those who surreptitiously attempt to perpetrate malign foreign influence campaigns here in the United States.”



FBI Acting Assistant Director in Charge Christie M. Curtis said: “As alleged, the defendant engaged in multiple schemes to evade sanctions and laws intended to protect our national security.   The FBI is determined to defend our nation by enforcing laws designed to promote transparency of foreign influence within the United States.”

According to the allegations contained in the Indictment, other filings, public information, and statements made during court proceedings:[1]

For years, LUFT, a dual U.S.-Israeli citizen who serves as the co-director of a Maryland-based think tank, engaged, along with others, in multiple international criminal schemes. 

First, LUFT conspired with others in an effort to act within the United States to advance the interests of the People’s Republic of China (“China”) as agents of China-based principals, without registering as foreign agents as required under U.S. law.  As part of this scheme, while serving as the co-director of a Maryland-based non-profit think tank, LUFT agreed to covertly recruit and pay, on behalf of principals based in China, a former high-ranking U.S. Government official (“Individual-1”), including in 2016 while the former official was an adviser to the then-President-elect, to publicly support certain policies with respect to China without LUFT or Individual-1 filing a registration statement as an agent of a foreign principal with the Attorney General of the United States, in violation of FARA.  Among other things, in the weeks before the 2016 U.S. presidential election, LUFT and a co-conspirator (“CC-1”), who is a Chinese national and worked for a Chinese nongovernmental organization affiliated with a Chinese energy company, created a written “dialogue” between CC-1 and Individual-1, in which LUFT wrote Individual-1’s responses and included information that was favorable to China.  The dialogue was then published in a Chinese newspaper online and sent to, among others, individuals in the United States, including a journalist and professors at multiple U.S. universities.  When LUFT was writing the dialogue, CC-1 told LUFT that “[i]n these articles, we do not want to spill all the beans yet, just enough to let ‘people’ know he [i.e., Individual-1] is in the corridor of power to be.  Just broad stroke policy consideration that leaves plenty of room for interpretation and imagination to be filled in later.”  After the purported “conversations” were published, LUFT told CC-1 that certain information, favorable to China, had been “tucked between the lines.”  Shortly after the 2016 election, LUFT and CC-1 also discussed possible roles Individual-1 might have in the incoming U.S. administration and discussed Individual-1 taking a “silent trip” to China.  LUFT responded that “[w]e are debating about his role in the new admin.  There are all kinds of considerations . . .We should talk ftf [i.e., face-to-face] as there can be a supremely unique opportunity for china.”

Second, LUFT conspired with others and attempted to broker illicit arms transactions with, among others, certain Chinese individuals and entities.  In his role as a broker or middleman, LUFT worked to find both buyers and sellers of certain weapons and other materials, without a license to do so as required under U.S. law, in violation of the Arms Export Control Act.  Among other things, LUFT worked to broker a deal for Chinese companies to sell certain weapons to Libya, including anti-tank launchers, grenade launchers, and mortar rounds (which LUFT and his associates referred to in coded language as “toys”).  LUFT also worked to broker deals for certain weapons to be sold to the United Arab Emirates, including aerial bombs and rockets.  LUFT further worked to broker deals for certain weapons to be sold by a Chinese company to Kenya, including unmanned aerial vehicles (“UAVs”) – and specifically “strike” UAVs, which LUFT acknowledged “[t]he US doesn’t want to sell[, . . .] hence the opportunity.”  LUFT also discussed brokering a deal for weapons to Qatar and told CC-1 that Israel was “not a good fit” as the middleman for the deal because it had the “[s]ame problem the [] Q [i.e., Qataris] have w uncle [i.e., the United States].  Need a third party.  . . .  I will activate.”  In his role as a broker for illicit arms deals, LUFT worked on a commission basis and traveled to meetings and received and passed on documentation needed to secure the deals.  During a voluntary interview with U.S. law enforcement in which he was asked questions about his involvement in arms trafficking, LUFT made multiple false statements, including that he had not sought to engage in or profit from arms deals.

Third, LUFT conspired with others and attempted to broker deals for Iranian oil – which he directed an associate to refer to as “Brazilian” oil in an effort to conceal the activity and evade sanctions – in violation of U.S. sanctions against Iran and the International Emergency Economic Powers Act.  In his role as a broker or middleman, LUFT solicited buyers and passed on pricing and other information.  One offer letter for Iranian oil that LUFT received noted that the “origin” of the oil was “Iranian / It can be presented as UAE origin without Iranian papers.”  He also assisted in setting up meetings between Iranian representatives and a Chinese energy company for the purpose of discussing oil deals.  During a voluntary interview with U.S. law enforcement in which he was asked about his role brokering deals in Iranian oil, LUFT made multiple false statements, including that he had tried to prevent oil deals with Iran and had not been present during meetings with the Chinese energy company and Iranians. 

*                *                *

LUFT, 57, a dual U.S.-Israeli citizen who formerly resided in both Maryland and Israel and is now a fugitive, has been charged with the following offenses, which carry the maximum prison terms listed below.  The statutory maximum penalties are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant would be determined by a judge.



Count





Charge





Maximum Prison Term





One





Conspiracy to violate the Foreign Agents Registration Act





Five years





Two





Conspiracy to violate the Arms Export Control Act





Five years





Three





Violation of the Arms Export Control Act (relating to Libya)





20 years





Four





Violation of the Arms Export Control Act (relating to the United Arab Emirates)





20 years





Five





Violation of the Arms Export Control Act (relating to Kenya)





20 years





Six





Making false statements





Five years





Seven





Conspiracy to violate the International Emergency Economic Powers Act





20 years





Eight





Making false statements





Five years



Mr. Williams praised the outstanding investigative work of the FBI and its New York Field Office, Counterintelligence Division.  Mr. Williams also thanked the Internal Revenue Service – Criminal Investigation, the Department of Justice’s National Security Division, and the Department of Justice’s Office of International Affairs for their assistance.

If you have any information about LUFT’s whereabouts, please contact your local FBI office or the nearest American Embassy or Consulate.  Tips can be reported anonymously and can also be reported online at tips.fbi.gov.

This matter is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorneys Daniel C. Richenthal and Catherine Ghosh are in charge of the prosecution, with assistance from Trial Attorney Scott Claffee of the National Security Division’s Counterintelligence and Export Control Section.

The charges contained in the Indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.





[1] As the introductory phrase signifies, the Indictment and the description of the Indictment set forth herein constitute only allegations, and every fact described should be treated as an allegation.





U.S. v. Luft Indictment

Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced that EVALDAS RIMASAUSKAS, a Lithuanian citizen, pled guilty today to wire fraud arising out of his orchestration of a fraudulent business email compromise scheme that induced two U.S.-based Internet companies (the “Victim Companies”) to wire a total of over $100 million to bank accounts he controlled.  RIMASAUSKAS entered his guilty plea today in Manhattan federal court before U.S. District Judge George B. Daniels. 

Manhattan U.S. Attorney Geoffrey S. Berman said:  “As Evaldas Rimasauskas admitted today, he devised a blatant scheme to fleece U.S. companies out of $100 million, and then siphoned those funds to bank accounts around the globe.  Rimasauskas thought he could hide behind a computer screen halfway across the world while he conducted his fraudulent scheme, but as he has learned, the arms of American justice are long, and he now faces significant time in a U.S. prison.”

According to the allegations contained in the Indictment:

From 2013 through 2015, RIMASAUSKAS orchestrated a fraudulent scheme designed to deceive the Victim Companies, including a multinational technology company and a multinational online social media company, into wiring funds to bank accounts controlled by RIMASAUSKAS.  Specifically, RIMASAUSKAS registered and incorporated a company in Latvia (“Company-2”) that bore the same name as an Asian-based computer hardware manufacturer (“Company-1”), and opened, maintained, and controlled various accounts at banks located in Latvia and Cyprus in the name of Company-2.  Thereafter, fraudulent phishing emails were sent to employees and agents of the Victim Companies, which regularly conducted multimillion-dollar transactions with Company-1, directing that money the Victim Companies owed Company-1 for legitimate goods and services be sent to Company-2’s bank accounts in Latvia and Cyprus, which were controlled by RIMASAUSKAS.  These emails purported to be from employees and agents of Company-1, and were sent from email accounts that were designed to create the false appearance that they were sent by employees and agents of Company-1, but in truth and in fact, were neither sent nor authorized by Company-1.  This scheme succeeded in deceiving the Victim Companies into complying with the fraudulent wiring instructions.

After the Victim Companies wired funds intended for Company-1 to Company-2’s bank accounts in Latvia and Cyprus, RIMASAUSKAS caused the stolen funds to be quickly wired into different bank accounts in various locations throughout the world, including Latvia, Cyprus, Slovakia, Lithuania, Hungary, and Hong Kong.  RIMASAUSKAS also caused forged invoices, contracts, and letters that falsely appeared to have been executed and signed by executives and agents of the Victim Companies, and which bore false corporate stamps embossed with the Victim Companies’ names, to be submitted to banks in support of the large volume of funds that were fraudulently transmitted via wire transfer.

Through these false and deceptive representations over the course of the scheme, RIMASAUSKAS caused the Victim Companies to transfer a total of over $100 million in U.S. currency from the Victim Companies’ bank accounts to Company-2’s bank accounts. 

RIMASAUSKAS was arrested by Lithuanian authorities in March 2017, pursuant to a provisional arrest warrant, and was extradited to the Southern District of New York in August 2017.

*                *                *

RIMASAUSKAS, 50, of Vilnius, Lithuania, pled guilty to one count of wire fraud, which carries a maximum sentence of 30 years in prison.  The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendants will be determined by the judge. 

RIMASAUSKAS is scheduled to be sentenced on July 24, 2019, at 10:00 a.m. before Judge Daniels. 

Mr. Berman praised the outstanding investigative work of the Federal Bureau of Investigation, and thanked the Prosecutor General’s Office of the Republic of Lithuania, the Lithuanian Criminal Police Bureau, the Vilnius District Prosecutor’s Office and the Economic Crime Investigation Board of Vilnius County Police Headquarters, the Prosecutor General’s Office of the Republic of Latvia, and the International Assistance Group at the Department of Justice, Canada, for their assistance in the investigation, arrests, and extradition, as well the Department of Justice’s Office of International Affairs.

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorneys Eun Young Choi and Olga Zverovich are in charge of the prosecution. 

Damian Williams, the United States Attorney for the Southern District of New York; Lisa Monaco, the Deputy Attorney General of the United States; Matthew G. Olsen, the Assistant Attorney General of the Justice Department’s National Security Division; Christie M. Curtis, the Acting Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”); and Matthew S. Axelrod, the Assistant Secretary for Export Enforcement of the Commerce Department, announced today that ARTHUR PETROV, a dual Russian and German national, was extradited from the Republic of Cyprus after having been charged with export control violations, smuggling, wire fraud, and money laundering offenses in connection with his alleged participation in a scheme to procure U.S.-sourced microelectronics subject to U.S. export controls on behalf of a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military.  PETROV was arrested on August 26, 2023, in the Republic of Cyprus at the request of the U.S.  He arrived in the Southern District of New York yesterday and will be presented later today before U.S. Magistrate Judge Jennifer E. Willis.



U.S. Attorney Damian Williams said: “Arthur Petrov is charged with conspiring to smuggle microelectronics with military applications from U.S. distributors to Russia as part of an illicit Russian-based procurement network that supplies manufacturers for the Russian military.  As alleged, he concealed the ultimate destination of these sensitive materials, and he knew that these transactions and shipments were in violation of U.S. export controls relating to Russia.  Thanks to the efforts of our law enforcement partners here and abroad, Petrov is now in U.S. custody and will face justice in a U.S. courtroom.  This case demonstrates that we will work tirelessly with our law enforcement partners to protect national security and disrupt and prosecute the illicit supply of U.S.-sourced military technology to Russia.”



Deputy Attorney General Lisa Monaco said: “Today’s extradition demonstrates the Justice Department’s enduring commitment to cutting Russia off from the western technologies that fuel President Putin’s war machine.  Together with global partners, the Department’s Disruptive Technology Strike Force and Task Force KleptoCapture will vigorously investigate and prosecute efforts to evade the global sanctions and export controls imposed to counter Russia’s brutal war in Ukraine.  The defendant’s extradition is a vital step towards holding Russia accountable, and I am grateful to our Cypriot partners for their assistance in this matter.”

Assistant Attorney General Matthew G. Olsen said: “Our charges allege that, after Russia’s full-scale invasion of Ukraine, the defendant and his co-conspirators formed an elaborate tech-trafficking syndicate to supply microelectronics to Russia’s military-industrial complex.  Together with our international law enforcement partners, the Justice Department will now hold Petrov to account in a U.S. courtroom and continue dismantling criminal networks that threaten our collective security.”

Acting Assistant Director in Charge Christie M. Curtis said: “Arthur Petrov was brought to the United States to answer for allegedly participating in a global procurement scheme which secretly supplied Russia’s military industrial complex with critical U.S. technology, including the same types of microelectronics recovered from Russian weapons on Ukrainian battlefields.  This extradition underscores the dedication of the FBI and our international partners to maintaining the rule of law and holding accountable anyone attempting to evade international sanctions.  The FBI is committed to protecting our national security and bringing to justice anyone who attempts to undermine it, no matter where they are in the world.”

Assistant Secretary for Export Enforcement Matthew S. Axelrod said: “As demonstrated by today’s extradition, just because you’re located overseas doesn’t mean we won’t find you.  If you procure sensitive U.S. microelectronics with military applications for Russia, you risk the very real threat of facing justice in a U.S. courtroom.” 

According to the allegations contained in the Complaint and statements made during Court proceedings:[1]

PETROV is a dual Russian-German national who resided in Russia and Cyprus and worked for LLC Electrocom VPK (“Electrocom”), a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military.  PETROV and two co-conspirators (“CC-1” and “CC-2”), who are Russian nationals also working for Electrocom, operated an illicit procurement network in Russia and elsewhere overseas.  They have fraudulently procured from U.S. distributors large quantities of microelectronics subject to U.S. export controls on behalf of Electrocom.  To carry out the scheme, PETROV, CC-1, and CC-2 used shell companies and other deceptive means to conceal that the electronics components were destined for Russia.  The technology that PETROV and his co-conspirators have procured in contravention of export controls during the course of the conspiracy have significant military applications and include various types of electronics components of the sort that have been recovered in Russian military hardware on the battlefield in Ukraine, such as Russian guided missiles, drones, and electronic warfare and communications devices.

To perpetrate the scheme, PETROV first acquired the controlled microelectronics from U.S.-based electronics exporters using a Cyprus-based shell company, Astrafteros Technokosmos LTD (“Astrafteros”), which he operates.  PETROV procured these sensitive electronics components by falsely representing to the U.S. exporters that Astrafteros was purchasing the items for fire security systems, among other commercial uses, and that the ultimate end-users and destinations of the electronics are companies in Cyprus or other third countries — when in fact the components are destined for Electrocom in Russia, which supplies manufacturers for the Russian military.  The microelectronics that PETROV has procured as part of the conspiracy include, among other things, microcontrollers and integrated circuits that are on the Commerce Control List maintained by the Commerce Department and cannot lawfully be exported or reexported to Russia without a license from the Commerce Department.  Invoices provided to PETROV by the U.S. distributors expressly noted that these microcontrollers and integrated circuits are subject to U.S. export controls.

To evade these controls, PETROV, CC-1, and CC-2 worked together to transship the controlled items procured by PETROV using pass-through entities operated by CC-1 and CC-2 in third countries.  CC-1 and CC-2 then caused the items to be shipped, sometimes through yet another country, to the ultimate destination: Electrocom in Saint Petersburg, Russia.  At all times, PETROV, CC-1, and CC-2 concealed from the U.S. distributors that they were procuring the controlled electronics components on behalf of Electrocom and that the items were destined for Russia.  During the course of the conspiracy, PETROV, CC-1, and CC-2 procured from U.S. distributors and shipped to Russia more than $225,000 worth of controlled electronics components with military applications.

On August 26, 2023, PETROV was arrested and detained by the Cypriot authorities at the request of the U.S.  The U.S. thereafter submitted a formal extradition request.  On July 18, 2024, after extradition proceedings in the Cypriot courts concluded with extradition being approved, the Cypriot Minister of Justice and Public Order issued the extradition order.

*                *                *

PETROV, 33, a dual Russian-German citizen who has resided in Russia and Cyprus, is charged with one count of conspiracy to defraud the U.S., which carries a maximum sentence of five years in prison; one count of conspiracy to violate the Export Control Reform Act (“ECRA”), which carries a maximum sentence of 20 years in prison; three counts of violating the ECRA, each of which carries a maximum sentence of 20 years in prison; one count of conspiracy to smuggle goods from the U.S., which carries a maximum sentence of five years in prison; three counts of smuggling goods from the U.S., which each carry a maximum sentence of 10 years in prison; one count of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years in prison; and one count of conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison.

The statutory maximum penalties are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant would be determined by a judge.

Mr. Williams praised the outstanding investigative work of the FBI and its New York Field Office, Counterintelligence Division and the New York Field Office of the Bureau of Industry and Security of the Department of Commerce.  Mr. Williams also thanked the FBI’s Legal Attaché offices in Poland, Germany, and Athens, Greece; the Department of Justice’s National Security Division, Counterintelligence and Export Control Section; the Department of Justice’s Office of International Affairs; the Republic of Cyprus Ministry of Justice and Public Order; and the Law Office of the Republic for their assistance.  The Republic of Cyprus National Police also provided critical assistance in effecting the defendant’s arrest and detention at the request of the U.S.

This prosecution is coordinated through the Justice Department’s Task Force KleptoCapture and the Justice and Commerce Departments’ Disruptive Technology Strike Force.  Task Force KleptoCapture is an interagency law enforcement task force dedicated to enforcing the sweeping sanctions, export restrictions, and economic countermeasures that the U.S. has imposed, along with its allies and partners, in response to Russia’s unprovoked military invasion of Ukraine.  The Disruptive Technology Strike Force is an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation states.

This case is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorney Kevin Sullivan is in charge of the prosecution, with assistance from Trial Attorney Maria Fedor of the Counterintelligence and Export Control Section.

The charges in the Complaint are merely accusations, and the defendant is presumed innocent unless and until proven guilty.

 





[1] As the introductory phrase signifies, the entirety of the text of the Complaint and the description of the Complaint set forth herein constitute only allegations, and every fact described should be treated as an allegation.

Audrey Strauss, the United States Attorney for the Southern District of New York, and Jonathan D. Larsen, the Special Agent in Charge of the New York Field Office of the Internal Revenue Service, Criminal Investigation (“IRS-CI”), announced that CHRISTOPHER WRIGHT, a citizen of the United Kingdom, was extradited today from Spain.  WRIGHT is  charged with wire fraud and money laundering relating to his role in a telemarketing scheme involving the fraudulent sale of purported “carbon credits” to victims in the United Kingdom.   WRIGHT was arrested in Spain on January 27, 2021, and is the second defendant charged in the case.  WRIGHT is expected to be presented on Friday, April 23, 2021, before U.S. Magistrate Judge James L. Cott.  WRIGHT’s case is assigned to U.S. District Judge Jesse M. Furman. 

U.S. Attorney Audrey Strauss said:  “As alleged, Wright and his codefendants deceived retirees in the United Kingdom with false promises of big returns on restricted stock and environmentally friendly ‘carbon credits.’  Many of the victims lost their life savings, while Wright and his criminal associates allegedly hid the proceeds in the United States and overseas.  Thanks to the IRS and international cooperation, Wright is now in U.S. custody and facing charges in this District.”

IRS-CI Special Agent in Charge Jonathan D. Larsen said:  “The charges in this case are particularly troubling because this scam allegedly targeted the elderly and retirees, many of whom as a result have lost their hard-earned nest eggs.  This case is a painful reminder that cold-callers promising substantial investments are almost always looking to prey on the elderly. For those with elderly loved ones, take the time to warn them about these scams.”

According to the allegations in the Indictment:[1]

From in or about 2009 up to and including in or about 2015, WRIGHT and other co-conspirators engaged in a scheme to defraud victims in the United Kingdom through the sale of false, fraudulent, and materially misleading investments, and to launder the proceeds of the fraud through bank accounts in the United States and foreign countries.  WRIGHT used the services of telemarketing call centers to identify and cold-call potential victims, who were primarily elderly or retired individuals residing in the United Kingdom.  Over a series of telephone calls, the telemarketers persuaded victims to invest money under various false and misleading pretenses, including the promise of short-term, high-yield, no-risk returns, when in fact the investments were high-risk, illiquid, and in some instances, entirely fictitious.  Many victims were persuaded to make additional investments under the false pretense that they would not be permitted to sell their holdings until they purchased more.  In reliance on the false representations and promises, the victims wired funds to various bank accounts in the United States, including in the Southern District of New York, in the names of corporate entities controlled by one of Wright’s co-conspirators.  WRIGHT assisted in mailing and emailing of documents related to the fraudulent investments, including purchase contracts and investment certificates, to the victims.  Victims who tried to sell their investments found they were unable to do so.  The victims never received a refund on their principal or any return on their investments. 

In order to conceal the nature, location, source, ownership, and control of the proceeds of the fraudulent scheme, WRIGHT and his co-conspirators set up overseas bank accounts in Cyprus, Switzerland, and the United Kingdom, in the names of various shell companies, which were used to launder a substantial portion of the fraud proceeds.

The nature of the particular fraudulent investment vehicles being marketed to the victims changed over time.  From in or about 2009 until in or about 2011, WRIGHT and his co-conspirators sold the stock of Florida-based corporation DirectView Holdings, Inc. (“DirectView”), to the victims based on telemarketers’ false representations and promises that the shares were a no-risk, short-term investment in a debt-free company, and that the shares were likely to increase over 100 percent in value in a short period of time.  In fact, DirectView’s annual report filed with the United States Securities and Exchange Commission (“SEC”) for the year ending December 31, 2010, contained dire warnings about the poor fiscal health of DirectView and the risk attendant in purchasing stock, including that the company “may be forced to cease operations” due to losses and cash flow problems, and purchasers “may find it extremely difficult or impossible to resell our shares.”

From in or about 2011 until in or about 2015, WRIGHT and his co-conspirators engaged in the sale of fraudulent “carbon credits.”  “Carbon credits,” which are issued as part of governmental and voluntary regulatory regimes, are permits representing the right to emit a certain number of tons of carbon dioxide into the atmosphere.  “Carbon offsets,” which are tied to particular carbon-dioxide emissions reducing projects, represent a reduction in carbon dioxide emissions, and can be purchased by individuals and companies to “offset” their or third parties’ “carbon-footprints.”  The victims were falsely promised that the carbon-related investments they purchased could be easily sold, carried no risk, and would yield a significant, short-term return.  In fact, the carbon credits and offsets that were sold to the victims were fake, and did not represent any actual carbon credits or offsets.

*                      *                      *

WRIGHT, 48, a citizen of the United Kingdom, is charged with conspiracy to commit mail and wire fraud, substantive mail fraud, and substantive wire fraud, with a penalty enhancement for telemarketing, each of which carries a maximum sentence of 30 years; conspiracy to commit money laundering and two counts of money laundering, each of which carries a maximum sentence of 20 years; and one count of engaging in monetary transactions in property derived from specified unlawful activity, which carries a maximum sentence of 10 years.           

The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

Ms. Strauss praised the outstanding investigative work of IRS Criminal Investigation in this case.

This case is being prosecuted by the Office’s Money Laundering and Transnational Criminal Enterprises and Complex Frauds and Cybercrime Units. Assistant U.S. Attorneys Jessica Feinstein and Olga I. Zverovich are in charge of the prosecution.

The charges contained in the Indictment are merely accusations and the defendant is presumed innocent unless and until proven guilty.

 



[1] As the introductory phrase signifies, the entirety of the text of the indictment, and the description of the indictment set forth herein, constitute only allegations, and every fact described should be treated as an allegation.

Damian Williams, the United States Attorney for the Southern District of New York, James E. Dennehy, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), and Jonathan Carson, the Special Agent in Charge of the Office of Export Enforcement of the New York Field Office of the Bureau of Industry and Security of the U.S. Department of Commerce, announced today that ZHANNA SOLDATENKOVA and RUSLAN ALMETOV, both Russian nationals, were indicted along with ARTHUR PETROV, a dual Russian and German national, for export control violations, smuggling, wire fraud, and money laundering in connection with their alleged participation in a scheme to procure U.S.-sourced microelectronics subject to U.S. export controls on behalf of a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military.  PETROV, previously charged in a criminal Complaint, was arrested on August 26, 2023, in the Republic of Cyprus at the request of the U.S. and was extradited from the Republic of Cyprus earlier this year.  He arrived in the Southern District of New York on August 8, 2024, and was ordered detained.  SOLDATENKOVA and ALMETOV are at large.  The case is assigned to U.S. District Judge Alvin K. Hellerstein.The indictment can be read here.U.S. Attorney Damian Williams said: “Zhanna Soldatenkova and Ruslan Almetov are now charged, alongside previously charged Arthur Petrov, for conspiring to smuggle microelectronics with military applications from U.S. distributors to a Russian company that supplies manufacturers for the Russian military.  This Office is committed to exposing the full breadth of such illicit procurement networks and protecting our national security.”Assistant Director in Charge James E. Dennehy said: “Zhanna Soldatenkova and Ruslan Almetova, along with Arthur Petrov, allegedly conspired to evade export laws as members of an illegal international procurement network to help aid the Russian defense industry.  As alleged, by deliberately concealing the true nature of their business, they not only violated the law but ultimately put the national security of our country at risk.  The FBI, in concert with our partners, is determined to protect the United States and will hold accountable anyone attempting to harm our nation.”Special Agent in Charge Jonathan Carson said: “As this action demonstrates, we will work with our domestic and international law enforcement partners to charge alleged violators wherever they may be worldwide. Illegal global procurement networks that prop up the Russian war machine will not be tolerated. That’s why we and our law enforcement partners are working nonstop to ensure that those operating such networks face American justice.”According to the allegations contained in the Indictment returned in Manhattan federal court:[1]PETROV is a dual Russian-German national who previously resided in Russia and Cyprus and worked for LLC Electrocom VPK (“Electrocom”), a Russia-based supplier of critical electronics components for manufacturers supplying weaponry and other equipment to the Russian military.  SOLDATENKOVA is a Russian national who has resided in Russia and worked for Electrocom.  ALMETOV is also a Russian national who has resided in Russia and was the co-founder and served as General Director of Electrocom.PETROV, SOLDATENKOVA, and ALMETOV operated an illicit procurement network in Russia and elsewhere overseas.  More specifically, they fraudulently procured from U.S. distributors large quantities of microelectronics subject to U.S. export controls on behalf of Electrocom.  To carry out the scheme, PETROV, SOLDATENKOVA, and ALMETOV used shell companies and other deceptive means to conceal that the electronics components were destined for Russia.  The technology that the defendants procured in contravention of export controls had significant military applications and included various types of electronics components of the sort that have been recovered in Russian military hardware on the battlefield in Ukraine, such as Russian guided missiles, drones, and electronic warfare and communications devices.To perpetrate the scheme, PETROV first acquired the controlled microelectronics from U.S.-based electronics exporters using a Cyprus-based shell company, Astrafteros Technokosmos LTD (“Astrafteros”), which he operated.  PETROV procured these sensitive electronics components by falsely representing to the U.S. exporters that Astrafteros was purchasing the items for fire security systems, among other commercial uses, and that the ultimate end-users and destinations of the electronics are companies in Cyprus or other third countries — when in fact the components were destined for Electrocom in Russia, which supplies manufacturers for the Russian military.  The microelectronics that PETROV procured as part of the conspiracy included, among other things, microcontrollers and integrated circuits on the Commerce Control List maintained by the Commerce Department and which could not lawfully be exported or reexported to Russia without a license from the Commerce Department.  Invoices provided to PETROV by the U.S. distributors expressly noted that these microcontrollers and integrated circuits were subject to U.S. export controls.To evade these controls, PETROV, SOLDATENKOVA, and ALMETOV worked together to transship the controlled items procured by PETROV using pass-through entities operated by SOLDATENKOVA and ALMETOV in third countries.  SOLDATENKOVA and ALMETOV then caused the items to be shipped, sometimes through yet another country, to the ultimate destination: Electrocom in Saint Petersburg, Russia.  At all times, PETROV, SOLDATENKOVA, and ALMETOV concealed from the U.S. distributors that they were procuring the controlled electronics components on behalf of Electrocom and that the items were destined for Russia.  During the course of the conspiracy, PETROV, SOLDATENKOVA, and ALMETOV procured from U.S. distributors and shipped to Russia more than $225,000 worth of controlled electronics components with military applications.*                *                *A table containing the charges and maximum penalties for PETROV, 35, of Russia and Cyprus, SOLDATENKOVA, 36, of Russia, and ALMETOV, 43, of Russia, is set forth below.  The maximum penalties are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendants will be determined by a judge.ChargeDefendantsMaximum PenaltiesCount One:  Conspiracy to defraud the United States (18 U.S.C. § 371)PETROV, SOLDATENKOVA, and ALMETOV5 years’ imprisonmentCount Two:  Conspiracy to violate the Export Control Reform Act (“ECRA”) (50 U.S.C. §§ 4819(a)(1), 4819(a)(2)(A)-G), and 4819(b); 15 C.F.R. §§ 736.2(b)(1), 746.8(a)(1), and 764.2)PETROV, SOLDATENKOVA, and ALMETOV20 years’ imprisonmentCount Three:  Violation of ECRA (50 U.S.C. §§ 4819(a)(1), 4819(a)(2)(A)-G), and 4819(b); 15 C.F.R. §§ 736.2(b)(1), 746.8(a)(1), and 764.2)PETROV and SOLDATENKOVA20 years’ imprisonmentCount Four:  Violation of ECRA (50 U.S.C. §§ 4819(a)(1), 4819(a)(2)(A)-G), and 4819(b); 15 C.F.R. §§ 736.2(b)(1), 746.8(a)(1), and 764.2)PETROV and SOLDATENKOVA20 years’ imprisonmentCount Five:  Violation of ECRA (50 U.S.C. §§ 4819(a)(1), 4819(a)(2)(A)-G), and 4819(b); 15 C.F.R. §§ 736.2(b)(1), 746.8(a)(1), and 764.2)PETROV, SOLDATENKOVA, and ALMETOV20 years’ imprisonmentCount Six:  Conspiracy to smuggle goods from the United States (18 U.S.C. § 371)PETROV, SOLDATENKOVA, and ALMETOV5 years’ imprisonmentCount Seven:  Smuggling goods from the United States (18 U.S.C. §§ 554(a) and 2)PETROV and SOLDATENKOVA10 years’ imprisonmentCount Eight:  Smuggling goods from the United States (18 U.S.C. §§ 554(a) and 2)PETROV and SOLDATENKOVA10 years’ imprisonmentCount Nine:  Smuggling goods from the United States (18 U.S.C. §§ 554(a) and 2)PETROV, SOLDATENKOVA, and ALMETOV10 years’ imprisonmentCount Ten:  Conspiracy to commit wire fraud (18 U.S.C. § 1349)PETROV, SOLDATENKOVA, and ALMETOV20 years’ imprisonmentCount Eleven:  Conspiracy to commit money laundering (18 U.S.C. §§ 1956(h), 1956(f))PETROV, SOLDATENKOVA, and ALMETOV20 years’ imprisonmentMr. Williams praised the outstanding investigative work of the FBI and its New York Field Office, Counterintelligence Division and the New York Field Office of the Bureau of Industry and Security of the Department of Commerce.  Mr. Williams also thanked the FBI’s Legal Attaché offices in Poland, Germany, and Athens, Greece; the Department of Justice’s National Security Division, Counterintelligence and Export Control Section; the Department of Justice’s Office of International Affairs; the Republic of Cyprus Ministry of Justice and Public Order; and the Law Office of the Republic for their assistance.  The Republic of Cyprus National Police also provided critical assistance in effecting the defendant’s arrest and detention at the request of the U.S.This prosecution is coordinated through the Justice Department’s Task Force KleptoCapture and the Justice and Commerce Departments’ Disruptive Technology Strike Force.  Task Force KleptoCapture is an interagency law enforcement task force dedicated to enforcing the sweeping sanctions, export restrictions, and economic countermeasures that the U.S. has imposed, along with its allies and partners, in response to Russia’s unprovoked military invasion of Ukraine.  The Disruptive Technology Strike Force is an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation states.This case is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorney Kevin Sullivan is in charge of the prosecution, with assistance from Trial Attorney Maria Fedor of the Counterintelligence and Export Control Section.The charges in the Indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty.[1] As the introductory phrase signifies, the entirety of the text of the Indictment and the description of the Indictment set forth herein constitute only allegations, and every fact described should be treated as an allegation.

Damian Williams, the United States Attorney for the Southern District of New York, announced that ALEXEI SAAB, a/k/a “Ali Hassan Saab,” a/k/a “Alex Saab,” a/k/a “Rachid,” was sentenced today to 12 years in prison for receiving military-type training from Hizballah, marriage fraud, and making false statements.  A jury convicted SAAB of those offenses in May 2022 after a two-week trial.  The sentence was imposed by the Honorable Paul G. Gardephe, who also presided over the trial.



U.S. Attorney Damian Williams said: “Alexei Saab’s actions as a Hizballah operative, both domestically and internationally, were deeply disturbing.  Saab trained extensively on military tactics and weapons use, he specialized in how to construct and detonate explosives, and he surveilled major American landmarks to identify potential attack sites.  But his apprehension by law enforcement before an attack could be carried out is a testament to the importance of our counterterrorism efforts.  We will continue to protect the American people by thwarting terrorist organizations’ pursuits of murder and mass destruction.  Thanks to the hard work of the career prosecutors of this Office and our law enforcement partners, Saab will now spend the coming 12 years in federal prison.”



According to court documents and evidence presented at trial:

Hizballah is a Lebanon-based Shia Islamic organization with political, social, and terrorist components.  Hizballah was founded in the 1980s with support from Iran after the 1982 Israeli invasion of Lebanon, and its mission includes establishing a fundamentalist Islamic state in Lebanon.  Since Hizballah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including U.S. citizens and military personnel.  In 1997, the U.S. Department of State designated Hizballah a Foreign Terrorist Organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today.  In 2001, pursuant to Executive Order 13224, the U.S. Department of Treasury designated Hizballah a Specially Designated Global Terrorist entity.  In 2010, State Department officials described Hizballah as the most technically capable terrorist group in the world and a continued security threat to the U.S.

The Islamic Jihad Organization (“IJO”), which is also known as the External Security Organization and “910,” is a component of Hizballah responsible for the planning and coordination of intelligence, counterintelligence, and terrorist activities on behalf of Hizballah outside of Lebanon.  In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria.  The detonation killed six people and injured 32 others.  Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, and a seizure of similar chemicals in May 2015 in connection with the arrest of another IJO operative.  In June 2017, two IJO operatives were arrested in the U.S and charged with terrorism-related offenses in the Southern District of New York.  In May 2019, a jury convicted one of those two IJO operatives on all counts, and in December 2019, he was sentenced principally to 40-years in prison.

SAAB joined Hizballah in 1996.  SAAB’s first Hizballah operations occurred in Lebanon, where he was tasked with observing and reporting on the movements of Israeli and Southern Lebanese Army soldiers in Yaroun, Lebanon.  Among other things, SAAB reported on patrol schedules and formations, procedures at security checkpoints, and the vehicles used by soldiers.  SAAB also, alongside his brother, planted an improvised explosive device that detonated and hit Israeli soldiers, seriously injuring at least one.

In approximately 1999, SAAB attended his first Hizballah training.  The training was focused on the use of firearms, and SAAB handled and fired an AK-47, an M16 rifle, and a pistol, and threw grenades.  In 2000, SAAB transitioned to membership in Hizballah’s unit responsible for external operations, the IJO, and he then received extensive training in IJO tradecraft, weapons, and military tactics, including how to construct and detonate bombs and other explosive devices and how to best use these devices in attacks.  Specifically, SAAB received detailed instruction in, among other things, triggering mechanisms, explosive substances, detonators, and the assembly of circuits.  In pre-arrest interviews with the Federal Bureau of Investigation (“FBI”), SAAB was able to diagram multiple improvised explosive devices that would have been viable if constructed as diagrammed.

In 2000, SAAB entered the U.S.  While living in the U.S., SAAB remained an IJO operative, continued to receive military training in Lebanon, and conducted numerous operations for the IJO.  For example, SAAB surveilled dozens of locations in New York City — including the United Nations headquarters, the Statue of Liberty, Rockefeller Center, Times Square, the Empire State Building, and local airports, tunnels, and bridges — and provided detailed information on these locations, including photographs, to the IJO.  In particular, SAAB focused on the structural weaknesses of locations he surveilled in order to determine how a future attack could cause the most destruction.  SAAB’s reporting to the IJO included the materials used to construct a particular target, how close in proximity one could get to a target, and site weaknesses or “soft spots” that the IJO could exploit if it attacked a target in the future.  SAAB conducted similar intelligence gathering in a variety of large American cities, including Boston and Washington, D.C.   SAAB admitted that his surveillance was designed to best position the IJO to attack the U.S. in the future.  SAAB also was tasked by Hizballah with opening a front company that he could use to obtain fertilizer in the United States for use as an explosives precursor.

In addition to his attack-planning activities in the United States, SAAB conducted operations abroad.  For example, in or about 2003, SAAB attempted to murder a man he later understood to be a suspected Israeli spy.  SAAB pointed a firearm at the individual at close range and pulled the trigger twice, but the firearm did not fire.  SAAB also conducted surveillance in Istanbul, Turkey, and elsewhere. 

Finally, in or about 2012, SAAB entered into a fraudulent marriage in exchange for $20,000.  The purpose of the marriage was for SAAB’s purported wife to apply for her citizenship.  SAAB later falsely affirmed, under penalty of perjury, and in connection with his purported wife’s efforts to obtain status in the U.S., that the marriage was not for any immigration-related purposes. 

*                *               *

In addition to the prison term, SAAB, 46, was sentenced to 3 years of supervised release.

Mr. Williams praised the outstanding efforts of the Federal Bureau of Investigation’s New York Joint Terrorism Task Force, which principally consists of agents from the FBI and detectives from the New York City Police Department.  Mr. Williams also thanked the Counterterrorism Section of the Department of Justice’s National Security Division.

This prosecution is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorneys Sam Adelsberg and Jason A. Richman are in charge of the prosecution, with assistance from Trial Attorneys Jessica Fender and Alexandra Hughes of the Counterterrorism Section.

Geoffrey S. Berman, the United States Attorney for the Southern District of New York, John C. Demers, Assistant Attorney General for National Security, William F. Sweeney Jr., Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), and Dermot F. Shea, Commissioner of the New York City Police Department (“NYPD”), announced today that ALI KOURANI was sentenced to 40 years in prison based on terrorism, sanctions, and immigration convictions arising from KOURANI’s illicit work as an operative for the Islamic Jihad Organization, Hizballah’s external attack-planning component.

Manhattan U.S. Attorney Geoffrey S. Berman said:  “Ali Kourani was recruited, trained, and deployed by Hizballah’s Islamic Jihad Organization to plan and execute acts of terrorism around New York City.  After spending years conducting surveillance on the City’s critical infrastructure, federal buildings, international airports, and even daycare centers, he is now the first Islamic Jihad Organization operative to be convicted and sentenced for his crimes against the United States.  The lengthy prison term imposed today on Kourani sends an important message to Hizballah and the Islamic Jihad Organization:  If you are caught planning harm against this City and its residents, you will face justice and be held accountable.”

Assistant Attorney General John C. Demers said:  “While living in the United States, Kourani served as an operative of Hizballah in order to help the foreign terrorist organization prepare for potential future attacks against the United States.  With today’s sentence, he is being held accountable for his crimes.  The evidence at trial showed that Kourani searched for suppliers who could provide weapons for such attacks, identified people who could be recruited or targeted for violence, and gathered information about and conducted surveillance of potential targets within our country.  Such covert activities conducted on U.S. soil are a clear threat to our national security and I applaud the agents, analysts, and prosecutors who are responsible for this investigation and prosecution.”

FBI Assistant Director William F. Sweeney Jr. said:  “Ali Kourani’s arrest was a reminder to us all that New York City and its surrounding areas remain primary targets for those looking to conduct a violent attack against our way of life.  His sentencing today, however, is also a reminder of the many successes of our FBI JTTFs nationwide, and their never-ending determination to disrupt the plans of those working to harm us.”  

Police Commissioner Dermot F. Shea said:  “This sentencing is an another example of the dedicated work of the New York Joint Terrorism Task Force and the close partnership with the U.S. Attorney’s Office, Southern District, to combat terror and hold accountable those who seek to support and promote terrorist groups.  I thank the NYPD investigators and our law enforcement partners whose hard work brought Mr. Kourani to justice.”

As reflected in the criminal Complaint, Indictment, court filings, and evidence presented at trial: 

Hizballah is a Lebanon-based Shia Islamic organization with political, social, and terrorist components that was founded in the 1980s with support from Iran.  Since Hizballah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including United States citizens and military personnel.  In 1997, the U.S. Department of State designated Hizballah a Foreign Terrorist Organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today.  In 2010, State Department officials described Hizballah as the most technically capable terrorist group in the world, and a continued security threat to the United States.

The Islamic Jihad Organization (IJO), which is also known as the External Security Organization and “910,” is a highly compartmentalized component of Hizballah responsible for the planning, preparation, and execution of intelligence, counterintelligence, and terrorist activities on behalf of Hizballah outside of Lebanon.  In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria, killing six people and injuring 32 others.  Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, including chemicals manufactured by a medical devices company based in Guangzhou, China (Guangzhou Company-1), and a similar seizure of chemicals manufactured by Guangzhou Company-1 in Cyprus in May 2015 in connection with the arrest of another IJO operative. 

KOURANI, who was born in Lebanon, attended Hizballah-sponsored weapons training in Lebanon in 2000 when he was approximately 16 years old.  After lawfully entering the United States in 2003, KOURANI obtained a Bachelor of Science in biomedical engineering in 2009, and a Master of Business Administration in 2013.

KOURANI and certain of his relatives were in Lebanon during the summer 2006 conflict between Israel and Hizballah, when a residence belonging to his family was destroyed.  At some point by 2008, IJO recruited KOURANI to its ranks.  In August 2008, KOURANI submitted an application for naturalization in the United States in which he falsely claimed, among other things, that he was not affiliated with a terrorist organization.  In April 2009, KOURANI became a naturalized citizen and was issued a United States passport.  Despite claiming in his passport application that he had no travel plans, KOURANI traveled to Guangzhou, China – the location of Guangzhou Company-1 – on May 3, 2009.  The purpose of the trip was to develop relationships that the IJO could rely on to obtain ammonium nitrate to be used as an explosive precursor chemical. 

IJO assigned KOURANI an IJO handler, or mentor, responsible for providing him with taskings, debriefings, and arranging training.  KOURANI sometimes communicated with his handler using coded email communications, including messages sent by the handler that informed KOURANI of the need to return to Lebanon.  In order to establish contact with his handler when KOURANI returned to Lebanon, KOURANI called a telephone number associated with a pager (the IJO Pager) and provided a code that he understood was specific to him.  After contacting the IJO Pager, the handler would contact KOURANI to set up an in-person meeting by calling a phone belonging to one of KOURANI’s relatives.  The IJO also provided KOURANI with additional training in tradecraft, weapons, and tactics.  In 2011, for example, KOURANI attended a weapons training camp in the vicinity of Birkat Jabrur, Lebanon, where he used a rocket-propelled grenade launcher, an AK-47 assault rifle, an MP5 submachine gun, a PKS machine gun (a Russian-made belt-fed weapon) and a Glock pistol.

Based on other taskings from IJO personnel, which IJO personnel conveyed during periodic in-person meetings when KOURANI returned to Lebanon, KOURANI conducted operations, which he understood to be aimed at preparing for potential future Hizballah attacks.   These covert activities included searching for weapons suppliers in the United States who could provide firearms to support IJO operations; identifying individuals affiliated with the Israeli Defense Force whom the IJO could either recruit or target for violence; gathering information regarding operations and security at airports in the United States and elsewhere, including JFK International Airport in New York; and surveilling U.S. military and law enforcement facilities in New York City, including the federal building at 26 Federal Plaza in Manhattan.  KOURANI transmitted some of the products of his surveillance and intelligence-gathering efforts back to IJO personnel in Lebanon using digital storage media.

*                      *                      *

In addition to the prison term, KOURANI, 35, was also sentenced to five years of supervised release. 

Mr. Berman praised the outstanding efforts of the FBI’s New York Joint Terrorism Task Force, which principally consists of agents from the FBI and detectives from the New York City Police Department.  Mr. Berman also thanked the Counterterrorism Section of the Department of Justice’s National Security Division.

This prosecution is being handled by the Office’s Terrorism and International Narcotics Unit.  Assistant U.S. Attorneys Amanda L. Houle and Emil J. Bove III are in charge of the case, with assistance from Trial Attorney Bridget Behling of the Counterterrorism Section.

Damian Williams, United States Attorney for the Southern District of New York, Philip R. Bartlett, Inspector in Charge of the New York Office of the U.S. Postal Inspection Service (“USPIS”), Thomas Fattorusso, Acting Special Agent in Charge of the New York Field Office of the Internal Revenue Service, Criminal Investigation (“IRS-CI”), and John Condon, Special Agent in Charge of the Tampa Office of Homeland Security Investigations (“HSI”), announced today the unsealing of Indictments charging NICHOLAS RUSSELL JAMES GILLIE, a/k/a “James William Carter,” NEOPHYTOS GEORGIOU, a/k/a “Nick,” a/k/a “PT,” a/k/a “The Boss,” URS MEISTERHANS, SCOTT STEVEN NEILSON, LIAM JAMES SMOUT, a/k/a “Pringle,” DANIEL NIELSEN, BRENDA LAVERTY, ANDREW GEORGIOU, a/k/a “Andy,” THOMAS ANDREW KENNY, a/k/a “Irish,” and JAKE MARDELL with conspiracy to commit wire fraud, conspiracy to commit money laundering, and aggravated identity theft, in connection with a scheme to impersonate prominent investment firms and individuals to defraud victim investors in countries around the world.  The case is assigned to U.S. District Judge J. Paul Oetken.

GILLIE, NEOPHYTOS GEORGIOU, LAVERTY, ANDREW GEORGIOU, and MARDELL were arrested in Cyprus in May 2021.  SMOUT was arrested in Spain in July 2021.  DANIEL NIELSEN was arrested in Romania in June 2021.  KENNY and SCOTT STEVEN NEILSON were arrested in the United Kingdom last month and earlier this month, respectively. 

In September 2021, DANIEL NIELSEN was extradited to the United States from Romania. Additional U.S. extradition requests remain pending.

MEISTERHANS, a Swiss national, remains at large and has been residing in Switzerland since May 2021 as a fugitive from U.S. justice. 

U.S. Attorney Damian Williams said: “As alleged, the defendants carried out an international scheme that fleeced investors out of more than $6 million, in part by impersonating legitimate investment firms and fabricating the trappings of real investment opportunities, including news articles, advertisements, and other online content, as well as fake contracts and other documents.  Now nine of the 10 are in custody, and all of the defendants are charged with multiple felonies in this district.”

USPIS Inspector-in-Charge Philip R. Bartlett said: “International criminals have had a field day on U.S. consumers and investors over the past few years. Whenever making an investment, it is strongly advised to dig deep and review everything you can find about the investment firm, managers and purported returns. Use the power of the internet to search for negative information about the company. In this case, the victims relied on the good names of successful financial firms, only to later realize they had been swindled. Postal Inspectors and their law enforcement partners will always be on the alert to alleged cons like these to maintain honest investment platforms and ensure those who allegedly commit crimes against investors are brought to justice.”

IRS-CI Acting Special Agent in Charge Fattorusso said: “This case demonstrates to the world that IRS-CI and our many law enforcement partners continue to uncover and expose fraud wherever it may be located.  This alleged scheme took advantage of victims with the promise of valuable financial assets when in reality the funds are alleged to have been stolen and laundered back to the criminal conspirators.  We would like to specifically thank HSI, U.S. Postal Inspectors, the U.S. Attorney’s Office for the Southern District of New York, as well as our International J5 partner agencies for their outstanding work in this case.”

HSI Tampa Special Agent in Charge John Condon said: “Thanks to a collaborative investigative effort between HSI, the IRS-Criminal Investigations and the U.S. Postal Inspectors, this international criminal conspiracy has been stopped.”

As alleged in the Indictments unsealed today[1]:

Beginning in at least 2015, NICHOLAS RUSSELL JAMES GILLIE, NEOPHYTOS GEORGIOU, URS MEISTERHANS, SCOTT STEVEN NEILSON, LIAM JAMES SMOUT, DANIEL NIELSEN, BRENDA LAVERTY, ANDREW GEORGIOU, THOMAS ANDREW KENNY, and JAKE MARDELL participated in a sophisticated international mass-marketing investment fraud scheme to defraud English-speaking investors from around the world of millions of dollars, and to launder the fraud proceeds and distribute those proceeds among the conspirators.  NEOPHYTOS GEORGIOU, who owns bars and restaurants in Cyprus, financed the costs of the investment fraud scheme, which was orchestrated by GILLIE, his longstanding partner in Cyprus.  MEISTERHANS was a key “banker” – that is, money launderer – in the scheme, who laundered victim funds through bank accounts in the United States and several other countries. 

As part of the investment fraud scheme, conspirators purported to be employees of successful financial investment firms and took sophisticated steps to convince victims of the firms’ existence and legitimacy.  Those steps commonly included impersonating real financial investment firms, creating fraudulent websites that appeared to be associated with the real firms, creating fraudulent email addresses that appeared to be associated with employees of the real firms, publishing fraudulent news articles relating to the fake firms and their supposed investments, utilizing a widely-used internet search engine to disseminate scheme-related online advertisements, creating fraudulent investment-related contracts and other financial and legal documents, and using the names, titles, signatures, email addresses, and likenesses of real individuals prominent in business and finance.  Employing those tactics, among others, and through hard-sell telemarketing calls and emails with victim-investors orchestrated from so-called “boiler rooms” located in Cyprus, Spain, Romania, and Cambodia, the conspirators convinced victims to transfer funds to one or more bank accounts under the conspirators’ control (the “Victim Depository Accounts”) for what the victims understood to be investments in various companies – that is, the purchase of company shares.  In reality, however, the conspirators’ purported financial investment firms were fake, the purported share purchases were fraudulent, and the money sent by victims was never returned.  The combined losses of victims exceeded $6 million.

Rather than being used to make investments, the funds that victims transferred to the Victim Depository Accounts were sent back to the conspirators by individuals sometimes referred to by conspirators as “bankers” (the “Bankers”), who were in fact responsible for laundering the proceeds of the investment fraud scheme.  For example, fraud proceeds were at times transferred from a Banker to bank accounts held in the names of individuals who do not actually exist, such as “James William Carter” and “Jonathan Timothy Turner,” but in whose names the conspirators had opened bank accounts using fake United Kingdom passports and other documents.  The fraud proceeds were then distributed among the conspirators, as salary or commission, for their participation in the investment fraud scheme. 

One component of the years-long investment fraud scheme involved the impersonation, in or about 2019, of a New York-based private investment fund (the “New York Fund”) founded by an internationally renowned billionaire investor (the “Founder”).  While impersonating the New York Fund, conspirators fraudulently induced victim-investors from Australia, Europe, and elsewhere to enter into various purported investments, including the supposed purchase of “pre-IPO” shares of a successful and relatively young international company that did not have its shares listed on a public stock exchange (“Company‑1”).

*                *                *

GILLIE, 51, a U.K. national, NEOPHYTOS GEORGIOU, 60, a dual U.K. and Cypriot national, MEISTERHANS, 60, a Swiss national, SCOTT STEVEN NEILSON, 34, a U.K. national, SMOUT, 26, a U.K. national, DANIEL NIELSEN, 32, a U.K. national, LAVERTY, 40, an Irish national, GEORGIOU, 62, a dual U.K. and Cypriot national, KENNY, 33, a U.K. national, and MARDELL, 25, a U.K. national, are each charged with one count of conspiracy to commit wire fraud, in violation of 18 U.S.C. § 1349, which carries a maximum sentence of 20 years in prison; one count of conspiracy to commit money laundering, in violation of 18 U.S.C. § 1956, which carries a maximum sentence of 20 years in prison; and one count of aggravated identity theft, in violation of 18 U.S.C. § 1028A, which carries a mandatory minimum sentence of two years in prison.  The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of these defendants would be determined by a judge.

Mr. Williams praised the outstanding investigative work of the USPIS and HSI, as well as IRS-CI and their partnership with the J5.  The J5, known as the Joint Chiefs of Global Tax Enforcement, works together to gather information, share intelligence and conduct coordinated operations against transnational financial crimes.  The J5 includes the Australian Taxation Office, the Canadian Revenue Agency, the Dutch Fiscal Information and Investigation Service, Her Majesty's Revenue and Customs from the U.K. and IRS-CI from the U.S.  The Justice Department’s Office of International Affairs provided substantial assistance in securing the arrests and extradition.

This case is being handled by the Office’s General Crimes Unit.  Assistant United States Attorneys Micah F. Fergenson and Andrew Jones are in charge of the prosecution.

 

[1] As the introductory phrase signifies, the entirety of the text of the Indictments and the description of the Indictments set forth in this release constitute only allegations, and every fact described should be treated as an allegation.

Leaders Within Iran’s IRGC, a Designated Terrorist Organization, Partnered with Iranian Officials and a Turkish Energy Group to Launder and Sell Iranian Oil to Government-Affiliated Buyers in China, Russia, and Syria, to Finance Iran’s Terror-Supporting Qods Force

In a Related Action, the U.S. Attorney Announces the Seizure of $108 Million Used as Part of the Scheme to Fund the IRGC’s Qods Force

Damian Williams, the United States Attorney for the Southern District of New York; Merrick B. Garland, the Attorney General of the United States; Lisa O. Monaco, the Deputy Attorney General of the United States; Christopher A. Wray, the Director of the Federal Bureau of Investigation (“FBI”); Matthew G. Olsen, the Assistant Attorney General for National Security; and James Smith, the Assistant Director in Charge of the New York Field Office of the FBI, announced today the unsealing of terrorism, sanctions-evasion, fraud, and money laundering charges against seven key figures in an oil-laundering network orchestrated by the Islamic Revolutionary Guard Corps (“IRGC”), a designated foreign terrorist organization, and its Qods Force.  The defendants include a senior Qods Force official, the son of a former Qods Force Commander and Iranian Minister of Petroleum, an Iranian shipping official, and an agent of the Qods Force, together with three Turkish nationals who operate an energy conglomerate that acted as a Qods Force front company.  The defendants, BEHNAM SHAHRIYARI, a/k/a “Seyed Aliakbar Mirvakili,” a/k/a “Husain,” a/k/a “Huseyini Hamid,” a/k/a “Seyed Hamid Reza Shahcheraghi”; MORTEZA ROSTAM GHASEMI; MOHAMMADREZA ALIAKBARI, a/k/a “Captain Aliakbari,” a/k/a “Abu Emad”; MOHAMMAD SADEGH KARIMIAN; SITKI AYAN; BAHADDIN AYAN; and KASIM OZTAS are charged in a five-count Indictment unsealed today in Manhattan federal court.  The defendants remain at large.

In addition to the unsealing of the charges contained in the Indictment, the U.S. Attorney for the Southern District of New York also announced the seizure of $108 million that IRGC front companies attempted to launder through correspondent transaction accounts at U.S. financial institutions in furtherance of the scheme to fund the Qods Force’s malign activities through the illicit sale of Iranian oil, which are subject to forfeiture to the United States.



U.S. Attorney Damian Williams said: “For years, the IRGC and its Qods Force have been instrumental in the Iranian regime’s violent suppression of political dissent, targeting of Iranian dissidents living abroad, and support of international terrorism — including groups like Hamas, Hizballah, and Palestinian Islamic Jihad.  Today’s charges show how, as alleged, the IRGC’s Qods force built a sprawling international network of front companies to launder sanctioned Iranian oil using lies, forgery, and threats of violence.  This alleged scheme to finance the Qods Force succeeds through the complicity of wealthy businessmen in countries like Turkey who are eager to turn a corrupt profit from supporting terror groups.  The Qods Force oil-laundering network allegedly delivered millions of barrels of Iranian oil to government-affiliated buyers in Russia, China, and Syria, and transferred billions of dollars through the U.S. financial system.  This Office has long served at the forefront of law enforcement efforts to fight terrorism and terror finance and to protect the integrity of the U.S. banking system.  I commend the tireless and outstanding efforts of our law enforcement partners in unraveling and disrupting the IRGC’s scheme.”



Attorney General Merrick B. Garland said: “Iran utilizes the proceeds of its black-market oil sales to fund its criminal activities, including its support of the IRGC, Hamas, Hizballah, and other Iranian aligned terrorist groups.  The Justice Department is targeting this funding source by seizing over $108 million and 500,000 barrels of fuel that would otherwise have enabled Iran to further its destabilizing activities that threaten our national security.  In addition to disrupting Iran’s unlawful funding streams, the Justice Department has also charged nine individuals for their roles in supporting Iran in violation of U.S. sanctions.  The Justice Department will continue to use every authority we have to cut off the illegal financing and enabling of Iran’s malicious activities, which have become even more evident in recent months.”

Deputy Attorney General Lisa O. Monaco said: “While Iran’s Islamic Revolutionary Guard Corps and its Qods Force are the regime’s terrorist strongarms, oil is its lifeblood.  Today’s enforcement actions show that the Justice Department is committed to using every tool – from criminal prosecutions to the lawful seizures of Iranian oil and oil profits – to shut down Iran’s pipeline of petroleum and profits.  The charges and seizures announced today strike at the core of the global oil smuggling network that Iran has built to fund its regime of terror and repression and deny the regime millions of dollars in proceeds to further its nefarious agenda.”

FBI Director Christopher A. Wray said: “Iran presents a constant threat to the United States – trying to murder Americans right here within our borders, conducting a cyber-attack on a children’s hospital, supporting terrorists around the world, and more.  All of Iran’s crimes cost money.  And the FBI will remain committed to enforcing U.S. sanctions that keep money out of its coffers.”

Assistant Attorney General Matthew G. Olsen said: “Today’s cases are part of the Department’s ongoing efforts to cut off the flow of black-market Iranian oil that funds the regime’s malign activity, threatening the United States and our interests around the world.  We remain focused on holding accountable those involved in these smuggling schemes, from the officials who oversee the laundering operations, to the network of shadowy businesses that enable them, to the brokers who help facilitate these unlawful transactions.”

FBI Assistant Director in Charge James Smith said: “The Government of Iran has repeatedly shown itself willing to engage in complex schemes to evade U.S. sanctions, which are imposed to protect America's national security interests.  These seven individuals allegedly led an audacious effort to fund the Qods Force through the sale of sanctioned Iranian oil to our adversaries.  Today's charges serve as a warning to anyone willing to ignore and evade sanctions that the FBI will use all the tools at our disposal to rigorously defend our nation.”

According to the allegations contained in the Indictment:[1] 

Overview of the Scheme

Following the imposition of U.S. sanctions against Iran’s petroleum sector in 2018, the Government of Iran’s ability to finance itself through sales of crude oil and petroleum products — Iran’s most important economic sector — was severely diminished.  In response, the IRGC Qods Force built a large-scale oil laundering network to give Iran’s government-owned National Iranian Oil Company (“NIOC”) illicit access to global markets to sell crude oil and petroleum products and to use the proceeds to finance the Qods Force.

The IRGC is an Iranian military and counterintelligence organization under the authority of the Supreme Leader of Iran, and the IRGC’s Qods Force is the Government of Iran’s primary arm for carrying out its policy of supporting terrorist and insurgent groups — including Hamas, Hizballah, Palestinian Islamic Jihad, and the Taliban — and insurgent forces in Iraq and Yemen, including Ansarallah, commonly referred to as the Houthis.  In the years since sanctions were imposed, the Qods Force partnered with individuals and companies located in Turkey, Lebanon, Russia, Oman, Greece, India, the United Arab Emirates (“UAE”), Cyprus, and elsewhere to conceal the Iranian origin of the oil — including through the use of falsified government records, contracts, and other documents, and by manipulating oil tanker location and identification information — and to then launder the proceeds of the sales through layered transactions, bulk cash smuggling, and trade-based money laundering using agricultural commodities.  Through this oil-laundering scheme, the Qods Force arranged the delivery of millions of barrels of Iranian crude oil and petroleum products to government-owned and -affiliated buyers in Syria, Russia, and China.  Participants in the scheme caused billions of dollars to be illegally transferred through the U.S. banking system.  

To sell NIOC crude oil to the regime of Bashar al-Assad in Syria, the network used an intermediary company in Lebanon to conceal the Government of Iran’s involvement in the oil sales and a ship management company based in India to buy, lease, and manage oil tankers to use in the scheme.  The oil tanker fleet was supervised by ALIAKBARI, and the key agreements between the Government of Iran and its foreign partners were authorized and approved by Qods Force Commander Rostam Ghasemi, who previously served as Iran’s Minister of Oil, Minister of Transportation and Urban Development, and the Iranian chair of the Iranian-Syrian Economic Relations Development Committee.

To sell NIOC crude oil to government-affiliated buyers in China, the network used the ASB Group of companies in Turkey, owned by SITKI AYAN, as well as intermediary companies in Oman, Greece, and elsewhere.  Commander Ghasemi again authorized and approved key agreements between the Government of Iran and its foreign partners and resolved financial disputes that arose among the participants in the scheme.  Companies in the ASB Group acted as intermediaries in the oil sales to conceal the Government of Iran’s role and the Iranian origin of the oil and leased oil tankers that were operated by co-conspirators.  SITKI AYAN’s son and senior ASB Group officer, BAHADDIN AYAN, assisted SITKI AYAN in the scheme and caused millions of dollars of wire transfers through the U.S. banking system for the leasing and operation of oil tankers.  OZTAS, who was a manager of the ASB Group of companies, also assisted SITKI AYAN in carrying out the scheme and finalizing agreements with ASB Group’s partners.  SHAHRIYARI, a senior Qods Force official; KARIMIAN, who acts as an agent of the Qods Force in oil laundering transactions; and ALIAKBARI participated in negotiations among the participants and monitored the progress of the oil sales, oil shipments, and the Qods Force’s receipt of the oil proceeds.

To sell NIOC crude oil to government-affiliated buyers in Russia, the network again used the ASB Group of companies, along with other companies in the UAE, Cyprus, Russia, and Turkey.  SHAHRIYARI and KARIMIAN organized a complex web of companies, with SITKI AYAN’s ASB Group of companies at the center, to launder NIOC oil and the proceeds through layered transactions with a Cypriot company and to launder the oil sales through bulk cash smuggling and trade-based money laundering involving Russian agricultural products.  Commander Ghasemi and his co-conspirators, including KARIMIAN, controlled the proceeds of the oil sales, which were collected in Russia and transferred through cash couriers, SITKI AYAN’s companies, or the Iranian Embassy in Moscow.

One of the key Qods Force front companies involved in the scheme was China Oil and Petroleum Company (“China Oil and Petroleum”), which, despite its name, was controlled from Iran by Commander Ghasemi and his associates, including KARIMIAN.  China Oil and Petroleum acted as an intermediary in sales of NIOC oil, including deals involving SITKI AYAN’s ASB Group of companies, in order to facilitate the ultimate delivery to government-affiliated buyers in China.  Between at least 2019 and the present, China Oil and Petroleum has been involved in the transfer of more than $2 billion through the U.S. financial system in furtherance of the scheme to finance the IRGC’s Qods Force.

The Defendants

BEHNAM SHAHRIYARI, a/k/a “Seyed Aliakbar Mirvakili,” a/k/a “Husain,” a/k/a “Huseyini Hamid,” a/k/a “Seyed Hamid Reza Shahcheraghi,” 58, an Iranian national, is a publicly identified IRGC Qods Force senior official.  In 2011, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) designated SHAHRIYARI as a Specially Designated National (“SDN”) under national security controls related to global terrorism for acting on behalf of an IRGC-linked shipping company that provided material support, including weapons, to Hizballah on behalf of the IRGC.

MORTEZA ROSTAM GHASEMI, 32, an Iranian national, is the son of IRGC Qods Force Commander Ghasemi.  In 2019, GHASEMI was designated by OFAC as an SDN under national security controls related to global terrorism.

MOHAMMADREZA ALIAKBARI, a/k/a “Captain Aliakbari,” a/k/a “Abu Emad,” 56, an Iranian national, is a senior officer with Safiran Payam Darya Shipping Company, which acts on behalf of the Government of Iran.  In 2019, ALIAKBARI was designated by OFAC as an SDN under national security controls related to global terrorism, including his alleged role as an interlocutor between the IRGC Qods Force and vessel managers to help the Qods Force evade sanctions.

MOHAMMAD SADEGH KARIMIAN, 36, an Iranian national, acts as an agent of the IRGC Qods Force.  KARIMIAN was designated in 2022 by OFAC as an SDN under national security controls relating to global terrorism and plays a principal role in overseeing the creation and use of intermediary companies to act on behalf of the IRGC and in organizing and supervising deals for the sale and transportation of Iranian crude oil and petroleum products. 

SITKI AYAN, 61, a Turkish national, has a long history of partnering with Iranian state-owned oil and gas companies.  AYAN is the chairman of the ASB Group of companies, which includes Som Petrol Ticaret A.S., Baslam Petrol Sanayi Ve Ticaret A.S., and Baslam Nakliyat Ve Dis Ticaret, Ltd. Sirketi, all of which have been designated by OFAC as SDNs along with AYAN in December 2022 under national security controls related to global terrorism.

BAHADDIN AYAN, 35, a Turkish national, is the son of SITKI AYAN and a vice president of the ASB Group of companies.  In December 2022, BAHADDIN AYAN was designated by OFAC as an SDN under national security controls related to global terrorism.

KASIM OZTAS, 41, a Turkish national, has been managing director of the ASB Group of companies.  In December 2022, KASIM OZTAS was designated by OFAC as an SDN under national security controls related to global terrorism.

*                *                *

The Indictment unsealed today charges each of the defendants with: (i) conspiring to provide material support to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; (ii) conspiring to violate the International Emergency Economic Powers Act and sanctions against the Governments of Iran and Syria, global terrorists and proliferators of weapons of mass destruction, which carries a maximum sentence of 20 years in prison; (iii) conspiring to commit bank and wire fraud, which carries a maximum sentence of 30 years in prison; (iv) conspiring to commit money laundering, which carries a maximum sentence of 20 years in prison; and (v) conspiring to defraud the United States, which carries a maximum sentence of five years in prison. 

The maximum potential sentences in this case are prescribed by Congress and provided here for informational purposes only, as any sentencing of the defendants would be imposed by a judge.

Mr. Williams praised the outstanding investigative work of the FBI’s New York Field Office Counterintelligence Division.  Mr. Williams also thanked the Department of Justice’s National Security Division, Counterintelligence and Export Control Section and Counterterrorism Section for their assistance.

This case is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorneys Michael D. Lockard, David W. Denton, Jr., and Nicholas S. Bradley are in charge of the prosecution, with assistance from Trial Attorneys Benjamin Hawk, Beaudre Barnes, and Christopher Magnani of the Counterintelligence and Export Control Section and Trial Attorneys Joshua Champagne and Jennifer Levy of the Counterterrorism Section.

The charges in the Indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty.







[1] As the introductory phrase signifies, the Indictment and the description of the Indictment set forth herein constitute only allegations, and every fact described should be treated as an allegation.

Damian Williams, the United States Attorney for the Southern District of New York, Matthew G. Olsen, the Assistant Attorney General of the Justice Department’s National Security Division, James Smith, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), and Edward A. Caban, the Commissioner of the New York City Police Department (“NYPD”), announced the unsealing of terrorism charges against SAMUEL SALMAN EL REDA, a/k/a “Samuel Salman El Reda El Reda,” a/k/a “Salman Raouf Salman,” a/k/a “Sulayman Rammal,” a/k/a “Salman Ramal,” a/k/a “Salman Raouf Salman,” a/k/a “Hajj,” a dual Colombian-Lebanese citizen and member of Hizballah’s Islamic Jihad Organization (“IJO”), in connection with EL REDA’s alleged role leading decades of terrorist activity on behalf of Hizballah and the IJO.  EL REDA is charged with, among other offenses, conspiring to provide and providing material support to Hizballah, a designated foreign terrorist organization.  The charges are contained in an Indictment unsealed today in Manhattan federal court.  EL REDA is based in Lebanon and remains at large. 



U.S. Attorney Damian Williams said: “As alleged, for decades, Samuel Salman El Reda has led terrorist operations on behalf of the Islamic Jihad Organization of Hizballah, including a 1994 bombing in Buenos Aires that massacred 85 innocent victims.  The career prosecutors of this Office have not forgotten the pain and suffering that El Reda has allegedly caused, and we thank the dedication of our law enforcement partners for pursuing this important case.  The Southern District of New York continues to be a leader in prosecuting violent terrorists and terrorist organizations, and we will not rest until those who create chaos and destruction are brought to justice.”



Assistant Attorney General Matthew G. Olsen said: “Nearly three decades ago, long-time Hizballah terrorist operative Samuel Salman El Reda allegedly helped plan and execute the heinous attack on a Buenos Aires Jewish community center that murdered 85 innocent people and injured countless others.  This indictment serves as a message to those who engage in acts of terror: that the Justice Department’s memory is long, and we will not relent in our efforts to bring them to justice.”

FBI Assistant Director in Charge James Smith said: “The evil and horror wrought by terrorism reaches all corners of the globe.  Samuel Salman El Reda was allegedly involved in carrying out terrorist activity on behalf of Hizballah throughout the world.  The New York Joint Terrorism Task Force and our law enforcement partners are unwavering in our determination to bring any individual who supports the evils of terrorism to justice.”

NYPD Commissioner Edward A. Caban said: “As alleged, El Reda was an on-the-ground coordinator of the fatal attack against South America’s largest Jewish center nearly 30 years ago.  In the decades after that attack, he allegedly continued to direct and support terrorism activities in the Western Hemisphere on behalf of Hizballah and has been involved in plots all across the world.  We want this alleged killer brought to justice.”

According to the allegations contained in the Indictment charging the defendant and other public court documents:[1]

Hizballah is a Lebanon-based Shia Islamic organization with political, social, and terrorist components.  Hizballah was founded in the 1980s with support from Iran after the 1982 Israeli invasion of Lebanon, and its mission includes establishing a fundamentalist Islamic state in Lebanon.  Since Hizballah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including U.S. citizens and military personnel.  In 1997, the U.S. Department of State designated Hizballah as a foreign terrorist organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today.  In 2001, pursuant to Executive Order 13224, the U.S. Department of the Treasury designated Hizballah as a Specially Designated Global Terrorist entity.  In 2010, State Department officials described Hizballah as the most technically capable terrorist group in the world and a continued security threat to the United States.

The IJO, which is also known as the External Security Organization and “Unit 910,” is a component of Hizballah responsible for the planning and coordination of intelligence, counterintelligence, and terrorist activities on behalf of Hizballah outside of Lebanon.  In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria, killing six people and injuring 32 others.  Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including through the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, the seizure of similar chemicals in May 2015 in connection with the arrest of another IJO operative, and the seizure of approximately three tons of ammonium nitrate in London in the fall of 2015.  Since June 2017, multiple IJO operatives have been arrested, charged, and convicted in the Southern District of New York for terrorism-related offenses.

Beginning in at least 1993, EL REDA has led terrorist operations on behalf of Hizballah and the IJO in South America, Asia, and Lebanon.  EL REDA was responsible for, among other things, helping to plan and execute the July 18, 1994, bombing of the Asociaión Mutual Israelita Argentina (“AMIA”) building in Buenos Aires, Argentina, which killed 85 people and injured hundreds more.  EL REDA’s activities for Hizballah in connection with the AMIA bombing included relaying information to IJO operatives that was used for planning and executing the attack.  In the decades following the attack, EL REDA continued to engage in terrorist activity on Hizballah’s behalf by recruiting, training, and managing IJO operatives around the world.  EL REDA deployed IJO operatives to Thailand, Panama, and Peru, among other places, to help Hizballah and the IJO conduct pre-operational surveillance in support of attack planning and stockpile explosive precursor chemicals, including ammonium nitrate.  For example, in or about May 2009, EL REDA instructed an IJO operative to travel to Thailand to help destroy a cache of ammonium nitrate and other explosive materials that the IJO believed was under law enforcement surveillance.  In or about February 2011, EL REDA instructed an IJO operative to travel to Panama to surveil the Panama Canal and Embassies maintained by the United States and Israel, and in or about January 2012, EL REDA instructed an IJO operative to travel again to Panama to conduct additional pre-operational surveillance. 

*                *                *

EL REDA, 58, of Lebanon, has been charged with: (i) providing material support to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; (ii) conspiring to provide material support to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; (iii) aiding and abetting the receipt of military-type training from a designated foreign terrorist organization, which carries a maximum sentence of 10 years in prison or a fine; and (iv) conspiring to receive military-type training from a designated foreign terrorist organization, which carries a maximum sentence of five years in prison. 

The maximum potential sentences in this case are prescribed by Congress and provided here for informational purposes only, as any sentence would be imposed by a judge.

Mr. Williams praised the outstanding investigative work of the FBI’s New York Joint Terrorism Task Force, which principally consists of agents from the FBI and detectives from the NYPD.  Mr. Williams also thanked the Department of Justice’s National Security Division, Counterterrorism Section, and the Department of Justice’s Office of International Affairs, for their assistance.

This case is being handled by the Office’s National Security and International Narcotics Unit.  Assistant U.S. Attorneys Jacob H. Gutwillig and Jason A. Richman are in charge of the prosecution, with assistance from Deputy Chief Larry Schneider of the Counterterrorism Section.

The charges in the Indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.





[1] As the introductory phrase signifies, the Indictment and the description of the Indictment set forth herein constitute only allegations, and every fact described should be treated as an allegation.

Damian Williams, the United States Attorney for the Southern District of New York, announced today the guilty plea of GEORGE BRIDI, a citizen of the United Kingdom, for his role in the Sparks Group, an international piracy group that illegally distributed movies and television shows on the Internet.  BRIDI pled guilty today before U.S. District Judge Richard M. Berman.

U.S. Attorney Damian Williams said: “As he admitted in court today, George Bridi participated in an international video piracy ring that illegally distributed worldwide on the Internet nearly every movie released by major production studios, as well as television shows.  Bridi circumvented copyright protections on DVDs and Blu-Ray discs to illegally share movies online, but he and his crew could not evade law enforcement scrutiny, and Bridi now awaits sentencing for his crime.”

As alleged in the Indictment and statements made in open court:

Between 2011 and the present, GEORGE BRIDI and others known and unknown were members of the Sparks Group, a criminal organization that disseminated on the Internet movies and television shows prior to their retail release date, including nearly every movie released by major production studios, after compromising the content’s copyright protections.

In furtherance of its scheme, the Sparks Group fraudulently obtained copyrighted DVDs and Blu-Ray discs from wholesale distributors in advance of their retail release date by, among other things, making various misrepresentations to the wholesale distributors concerning the reasons that they were obtaining the discs prior to the retail release date.  

Sparks Group members then used computers with specialized software to compromise the copyright protections on the discs, a process referred to as “cracking” or “ripping,” and to reproduce and encode the content in a format that could be easily copied and disseminated over the Internet.  Sparks Group members then uploaded copies of the copyrighted content onto servers controlled by the Sparks Group, where other members further reproduced and disseminated the content on streaming websites, peer-to-peer networks, torrent networks, and other servers accessible to public.  The Sparks Group identified its reproductions by encoding the filenames of reproduced copyrighted content with distinctive tags, and also uploaded photographs of the discs in their original packaging to demonstrate that the reproduced content originated from authentic DVDs and Blu-Ray discs.

BRIDI arranged for discs to be picked up, mailed, or delivered from distributors located in Manhattan, Brooklyn, and New Jersey to other members of the Sparks Group prior to their official release date.  BRIDI then reproduced, and aided and abetted the reproduction of, these discs by using computer software that circumvented copyright protections on the discs and reproducing the copyrighted content for further distribution on the Internet. 

The Sparks Group has caused tens of millions of dollars in losses to film production studios.                

*                *                *

BRIDI, 52, pled guilty to conspiracy to commit copyright infringement, which carries a maximum sentence of five years in prison.  The maximum potential sentence is prescribed by Congress and provided here for informational purposes only, as any sentencing of the defendants will be determined by the judge.

BRIDI is scheduled to be sentenced on January 20, 2022, at 12:00 p.m.

Mr. Williams praised the outstanding investigative work of Homeland Security Investigations and the U.S. Postal Inspection Service.  Mr. Williams also thanked Europol and Eurojust as well as law enforcement authorities in the following countries for their assistance in the investigation: Canada, Cyprus, Czech Republic, Denmark, France, Germany, Italy, Republic of Korea, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, and the United Kingdom.

This case is being handled by the Office’s Violent & Organized Crime Unit.  Assistant United States Attorneys Andrew K. Chan, Mollie Bracewell, and Christy Slavik are in charge of the prosecution.  The Justice Department’s Office of International Affairs (OIA) provided significant and ongoing assistance with facilitating the execution of dozens of mutual legal assistance requests in 18 different countries necessary for taking down servers and gathering evidence.  OIA also provided critical support in working with Eurojust and Europol in planning the coordinated operation in August 2020.

Geoffrey S. Berman, the United States Attorney for the Southern District of New York, and Jonathan D. Larsen, the Special Agent in Charge of the New York Field Office of the Internal Revenue Service, Criminal Investigation (“IRS-CI”), announced today the unsealing of an indictment charging ROGER RALSTON – the CEO of DirectView, Inc., a video surveillance and security company based in Florida – with wire fraud and money laundering charges relating to his role in a telemarketing scheme involving the fraudulent sale of DirectView stock and carbon credits to victims in the United Kingdom.  RALSTON was arrested this morning in Orlando, Florida, and will be presented in Magistrate Court in the Middle District of Florida later today.  The case is assigned to United States District Judge Jesse M. Furman.

U.S. Attorney Geoffrey S. Berman said:  “As alleged, Roger Ralston preyed on retirees in the United Kingdom with promises of safe, environmentally friendly investments with big returns.  The victims allegedly received nothing but worthless paper certificates in exchange for their life savings, while Ralston and his criminal associates hid the proceeds in the United States and overseas.  After today, there is no more hiding for Ralston, who now faces many years in prison for his alleged crimes.”

IRS-CI Special Agent in Charge Jonathan D. Larsen said:  “The elderly members of society are too often the victims of financial fraud.  As alleged, Mr. Ralston defrauded these victims and then laundered the ill-gotten gains through domestic and foreign bank accounts.  IRS-CI special agents will continue to follow the money around the world and prosecute those individuals who prey on the elderly.”

According to the allegations in the Indictment unsealed today in Manhattan federal court and statements made during court proceedings:[1]

At all times relevant to the charges in the Indictment, RALSTON was the CEO of DirectView Holdings, Inc. (“DirectView”), a Florida-based corporation.

From in or about 2009 up to and including in or about 2015, RALSTON and other co-conspirators engaged in a scheme to defraud victims in the United Kingdom through the sale of false, fraudulent, and materially misleading investments, and to launder the proceeds through bank accounts in the United States and foreign countries.  RALSTON used the services of telemarketing call centers to identify and cold-call potential victims, who were primarily individuals residing in the United Kingdom.  Many of the victims were elderly or retired.  Over a series of telephone calls, the telemarketers persuaded victims to invest money under various false and misleading pretenses, including the promise of short-term, high-yield, no-risk returns, when in fact the investments were high-risk, illiquid, and in some instances, entirely fictitious.  Many victims were persuaded to make additional investments under the false pretense that they would not be permitted to sell their holdings until they purchased more.  In reliance on the false representations and promises, the victims wired funds to various bank accounts in the United States, including in the Southern District of New York, in the names of corporate entities controlled by RALSTON.  RALSTON then mailed and emailed documents related to the fraudulent investments, including purchase contracts and investment certificates, to the victims.  Victims who tried to sell their investments found they were unable to do so.  The victims never received a refund on their principal or any return on their investments.  In total, RALSTON’s accounts received approximately $9 million from victims. 

In order to conceal the nature, location, source, ownership, and control of the proceeds of the fraudulent scheme, RALSTON regularly transferred a substantial portion of the fraud proceeds from bank accounts in the United States, including in the Southern District of New York, to overseas bank accounts, including accounts in Cyprus, Switzerland, and the United Kingdom, in the names of various shell companies.

The nature of the particular fraudulent investment vehicles being marketed to the victims changed over time.  From in or about 2009 until in or about 2011, RALSTON and his co-conspirators sold DirectView stock to the victims based on telemarketers’ false representations and promises that the shares were a no-risk, short-term investment in a debt-free company, and that the shares were likely to increase over 100 percent in value in a short period of time.  In contrast to what RALSTON represented to victims, DirectView’s annual report filed with the United States Securities and Exchange Commission (“SEC”) for the year ending December 31, 2010, contained dire warnings about the poor fiscal health of DirectView and the risk attendant in purchasing stock, including that the company “may be forced to cease operations” due to losses and cash flow problems, and purchasers “may find it extremely difficult or impossible to resell our shares.”

From in or about 2011 until in or about 2015, RALSTON and his co-conspirators engaged in the sale of fraudulent “carbon credits.”  “Carbon credits,” which are issued as part of governmental and voluntary regulatory regimes, are permits representing the right to emit a certain number of tons of carbon dioxide into the atmosphere.  “Carbon offsets,” which are tied to particular carbon dioxide emissions-reducing projects, represent a reduction in carbon dioxide emissions, and can be purchased by individuals and companies to “offset” their or third parties’ “carbon-footprints.”  The victims were falsely promised that the carbon-related investments they purchased could be easily sold, carried no risk, and would yield a significant, short-term return.  In fact, the carbon credits and offsets that were sold to the victims were fake, and did not represent any actual carbon credits or offsets.

*                      *                      *

RALSTON, 51, of Riviera Beach, Florida, is charged with conspiracy to commit mail and wire fraud, substantive mail fraud, and substantive wire fraud, with a penalty enhancement for telemarketing, each of which carries a maximum sentence of 30 years; conspiracy to commit money laundering and two counts of money laundering, each of which carries a maximum sentence of 20 years; and one count of  engaging in monetary transactions in property derived from specified unlawful activity, which carries a maximum sentence of 10 years.           

The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

Mr. Berman praised the outstanding investigative work of IRS Criminal Investigation in this case.

This case is being prosecuted by the Office’s Money Laundering and Transnational Criminal Enterprises and Complex Frauds and Cybercrime Units.  Assistant U.S. Attorneys Jessica Feinstein and Olga I. Zverovich are in charge of the prosecution.

 



[1] As the introductory phrase signifies, the entirety of the text of the Indictment and the description of the Indictment set forth below constitute only allegations, and every fact described should be treated as an allegation.

Joon H. Kim, the Acting United States Attorney for the Southern District of New York, Dana Boente, the Acting Assistant Attorney General for National Security, William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), and James P. O’Neill, the Commissioner of the Police Department for the City of New York (“NYPD”), announced that ALI KOURANI and SAMER EL DEBEK, a/k/a “Samer Eldebek,” were arrested on Thursday, June 1, 2017, on charges related to their alleged activities on behalf of Hizballah, a designated foreign terrorist organization. 

KOURANI was arrested in the Bronx for providing, attempting, and conspiring to provide material support to Hizballah; receiving and conspiring to receive military-type training from Hizballah; a related weapons offense that is alleged to have involved, among other weapons, a rocket-propelled grenade launcher and machine guns; violating and conspiring to violate the International Emergency Economic Powers Act (“IEEPA”); and naturalization fraud to facilitate an act of international terrorism.  KOURANI was presented on Friday, June 2, 2017, before Magistrate Judge Barbara Moses in Manhattan federal court.

EL DEBEK was arrested in Livonia, Michigan, outside of Detroit, for providing, attempting, and conspiring to provide material support to Hizballah; receiving and conspiring to receive military-type training from Hizballah; use of weapons in connection with a crime of violence that is alleged to have involved, among other weapons, explosives, a rocket-propelled grenade launcher, and machine guns; and violating and conspiring to violate IEEPA.  EL DEBEK was presented on Monday, June 5, 2017, before Magistrate Judge Henry Pitman in Manhattan federal court.

Acting Manhattan U.S. Attorney Joon H. Kim said:  “Today, we announce serious terrorism charges against two men who allegedly trained with and supported the Islamic Jihad Organization, a component of the foreign terrorist organization Hizballah.  Recruited as Hizballah operatives, Samer El Debek and Ali Kourani allegedly received military-style training, including in the use of weapons like rocket-propelled grenade launchers and machine guns for use in support of the group’s terrorist mission.  At the direction of his Hizballah handlers, El Debek allegedly conducted missions in Panama to locate the U.S. and Israeli Embassies and to assess the vulnerabilities of the Panama Canal and ships in the Canal.  Kourani allegedly conducted surveillance of potential targets in America, including military and law enforcement facilities in New York City.  Thanks to the outstanding work of the FBI and NYPD, the allegedly destructive designs of these two Hizballah operatives have been thwarted, and they will now face justice in a Manhattan federal court.”

FBI Assistant Director-in-Charge William F. Sweeney Jr. said:  “The charges announced today reveal once again that the New York City region remains a focus of many adversaries, demonstrated as alleged in this instance by followers of a sophisticated and determined organization with a long history of coordinating violent activities on behalf of Hizballah.  Our announcement today also reveals, however, that the dozens of agencies working together with our FBI JTTFs nationwide are just as determined to disrupt the plans of those working to harm our communities.  I’d like to thank the hundreds of investigators who comprise the FBI’s New York JTTF and display constant vigilance on our behalf, and I encourage the public to remain engaged and to immediately report suspicious activity to law enforcement.”

NYPD Commissioner James P. O’Neill said:  “As part of his work for Hezbollah, Kourani and others allegedly conducted covert surveillance of potential targets, including U.S. military bases and Israeli military personnel here in New York City.  Pre-operational surveillance is one of the hallmarks of Hezbollah in planning for future attacks.  As alleged, Kourani, on at least two occasions, received sophisticated military training overseas, including the use of a rocket propelled grenade. In addition, El Debek is charged in an unrelated complaint, for allegedly possessing extensive bomb making training received from Hezbollah. Today’s charges of two for their work on behalf of Hezbollah is a tribute to the collaborative work of the agents and detectives of the Joint Terrorism Task Force.”

As alleged in the criminal Complaints against KOURANI and EL DEBEK,[1] both of which were unsealed today in Manhattan federal court:

Background on Hizballah and the Islamic Jihad Organization

Hizballah is a Lebanon-based Shia Islamic organization with political, social, and terrorist components.  Hizballah was founded in the 1980s with support from Iran after the 1982 Israeli invasion of Lebanon, and its mission includes establishing a fundamentalist Islamic state in Lebanon.  Since Hizballah’s formation, the organization has been responsible for numerous terrorist attacks that have killed hundreds, including United States citizens and military personnel.  In 1997, the U.S. Department of State designated Hizballah a Foreign Terrorist Organization, pursuant to Section 219 of the Immigration and Nationality Act, and it remains so designated today.  In 2001, pursuant to Executive Order 13224, the U.S. Department of State designated Hizballah a Specially Designated Global Terrorist entity.  In 2010, State Department officials described Hizballah as the most technically capable terrorist group in the world, and a continued security threat to the United States.

The Islamic Jihad Organization (“IJO”), which is also known as the External Security Organization and “910,” is a component of Hizballah responsible for the planning and coordination of intelligence, counterintelligence, and terrorist activities on behalf of Hizballah outside of Lebanon.  In July 2012, an IJO operative detonated explosives on a bus transporting Israeli tourists in the vicinity of an airport in Burgas, Bulgaria, which killed six people and injured 32 others.  Law enforcement authorities have disrupted several other IJO attack-planning operations around the world, including the arrest of an IJO operative surveilling Israeli targets in Cyprus in 2012, the seizure of bomb-making precursor chemicals in Thailand in 2012, including chemicals manufactured by a medical devices company based in Guangzhou, China (“Guangzhou Company-1”), and a similar seizure of chemicals manufactured by Guangzhou Company-1 in Cyprus in May 2015 in connection with the arrest of another IJO operative. 

KOURANI’s Alleged Support of Hizballah

KOURANI, who was born in Lebanon, attended Hizballah-sponsored weapons training in Lebanon in 2000 when he was approximately 16 years old.  After lawfully entering the United States in 2003, KOURANI obtained a Bachelor of Science in biomedical engineering in 2009, and a Masters of Business Administration in 2013.

KOURANI and certain of his relatives were present during the summer 2006 conflict between Israel and Hizballah in Lebanon, when a residence belonging to his family was destroyed.  KOURANI was subsequently recruited to join the IJO by 2008.  In August 2008, KOURANI submitted an application for naturalization in the United States in which he falsely claimed, among other things, that he was not affiliated with a terrorist organization.  In April 2009, KOURANI became a naturalized citizen and was issued a United States passport.  Despite claiming in his passport application that he had no travel plans, KOURANI traveled to Guangzhou, China – the location of Guangzhou Company-1 – on May 3, 2009.  He later claimed to the FBI that the purpose of the trip was to meet with medical device manufacturers and other businessmen. 

KOURANI was assigned an IJO handler, or mentor, responsible for providing him with taskings, debriefings, and arranging training.  KOURANI sometimes communicated with his handler using coded email communications, including messages sent by the handler that informed KOURANI of the need to return to Lebanon.  In order to establish contact with his handler when KOURANI returned to Lebanon, KOURANI called a telephone number associated with a pager (the “IJO Pager”) and provided a code that he understood was specific to him.  After KOURANI called the IJO Pager, the handler would contact KOURANI to set up an in-person meeting by calling a phone belonging to one of KOURANI’s relatives.  The IJO also provided KOURANI with additional training in tradecraft, weapons, and tactics.  In 2011, for example, KOURANI attended an IJO military training camp located in the vicinity of Birkat Jabrur, Lebanon, where he was provided with military-tactics and weapons training, including training in the use of a rocket propelled grenade launcher, an AK-47 assault rifle, an MP5 submachine gun, a PKS machine gun (a Russian-made belt-fed weapon), and a Glock pistol.

Based on requests from IJO personnel, which were conveyed during periodic in-person meetings when KOURANI returned to Lebanon, KOURANI also conducted operations that included searching for weapons suppliers in the United States who could provide firearms to support IJO operations, identifying individuals affiliated with the Israeli Defense Force, gathering information regarding operations and security at airports in the United States and elsewhere, and surveilling U.S. military and law enforcement facilities in Manhattan and Brooklyn.  KOURANI transmitted some of the products of his surveillance and intelligence-gathering efforts back to IJO personnel in Lebanon using digital storage media. 

EL DEBEK’s Alleged Support of Hizballah

EL DEBEK, a naturalized U.S. citizen, was first recruited by Hizballah in late 2007 or early 2008, began to receive a salary from Hizballah shortly thereafter, and was paid by Hizballah through approximately 2015.  In July 2006, shortly before he was recruited by Hizballah, EL DEBEK expressed by email his support for Hassan Nasrallah, the leader of Hizballah. 

EL DEBEK received military training from Hizballah in Lebanon on several occasions, from approximately 2008 through approximately 2014.  EL DEBEK received training in basic military tactics, the handling of various weapons, surveillance and counter-surveillance techniques, and the creation and handling of explosives and explosive devices.  Based on information EL DEBEK provided to the FBI, FBI bomb technicians have assessed that EL DEBEK received extensive training as a bomb-maker, and has a high degree of technical sophistication in the area.  EL DEBEK received by email in 2010 a list of raw materials that could be sent from Syria or Dubai, including items often used in explosives and improvised explosive devices. 

EL DEBEK also conducted missions for Hizballah in Thailand and Panama.  In May 2009, EL DEBEK traveled from Lebanon, through Malaysia, to Thailand, where his mission was to clean up explosive precursors in a house in Bangkok that others had left because they were under surveillance.  EL DEBEK used his U.S. passport to enter and leave Thailand, consistent with his instructions from Hizballah to use his U.S. passport in that manner, so he could travel from Malaysia to Thailand without obtaining a visa.    

EL DEBEK first traveled to Panama for Hizballah in 2011, where his operational tasks included locating the U.S. and Israeli Embassies, casing security procedures at the Panama Canal and the Israeli Embassy, and locating hardware stores where explosive precursors could be purchased.  Shortly before traveling to Panama, EL DEBEK updated his status on Facebook with a post that read, in part, “Do not make peace or share food with those who killed your people.” 

In early 2012, EL DEBEK again traveled to Panama for Hizballah, passing through New York and New Jersey, and was asked to identify areas of weakness and construction at the Panama Canal, as well as provide information about how close someone could get to a ship passing through the Canal.  Upon his return from Panama, EL DEBEK’s IJO handlers asked him for photographs of the U.S. Embassy there and details about its security procedures.      

EL DEBEK has told the FBI that he was detained by Hizballah from December 2015 to April 2016 and falsely accused of spying for the United States.  Between November 2014 and February 2017, EL DEBEK, who received religious training from Hizballah, has conducted more than 250 Facebook searches using search terms such as “martyrs of the holy defense,” “martyrs of Islamic resistance,” “Hizballah martyrs,” and “martyrs of the Islamic resistance in Lebanon.” 

*                      *                      *

KOURANI, 32, of the Bronx, is charged with providing material support and resources to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; conspiracy to provide material support and resources to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; receiving military-type training from a designated foreign terrorist organization, which carries a sentence of 10 years in prison or a fine; conspiracy to receive military-type training from a designated foreign terrorist organization, which carries a maximum sentence of five years in prison; conspiracy to possess, carry, and use firearms and destructive devices during and in relation to crimes of violence, which carries a maximum sentence of life in prison; making and receiving a contribution of funds, goods, and services to and from Hizballah, in violation of IEEPA, which carries a maximum sentence of 20 years in prison; conspiracy to make and receive a contribution of funds, goods, and services to and from Hizballah, in violation of IEEPA, which carries a maximum sentence of 20 years in prison; and naturalization fraud in connection with an act of international terrorism, which carries a maximum sentence of 25 years in prison. 

EL DEBEK, 37, of Dearborn, Michigan, is charged with providing material support and resources to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; conspiracy to provide material support and resources to a designated foreign terrorist organization, which carries a maximum sentence of 20 years in prison; receiving military-type training from a designated foreign terrorist organization, which carries a sentence of 10 years in prison or a fine; conspiracy to receive military-type training from a designated foreign terrorist organization, which carries a maximum sentence of five years in prison; possessing, carrying, and using firearms and destructive devices during and in relation to crimes of violence, which carries a maximum sentence of life in prison; making and receiving a contribution of funds, goods, and services to and from Hizballah, in violation of IEEPA, which carries a maximum sentence of 20 years in prison; and conspiracy to make and receive a contribution of funds, goods, and services to and from Hizballah, in violation of IEEPA, which carries a maximum sentence of 20 years in prison. 

The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendants will be determined by a judge.

Mr. Kim praised the outstanding efforts of the FBI’s New York Joint Terrorism Task Force, which principally consists of agents from the FBI and detectives from the NYPD.  Mr. Kim also thanked the FBI’s Detroit Office and the Counterterrorism Section of the Department of Justice’s National Security Division.

These prosecutions are handled by the Office’s Terrorism and International Narcotics Unit.  Assistant U.S. Attorneys Emil J. Bove III and Amanda L. Houle are in charge of the prosecution of KOURANI, and Assistant U.S. Attorneys Andrew D. Beaty and Stephen J. Ritchin are in charge of the prosecution of EL DEBEK.  Trial Attorneys Lolita Lukose and Alexandra Hughes of the National Security Division’s Counterterrorism Section are assisting the prosecutions.

The charges contained in the Complaints are merely accusations, and the defendants are presumed innocent unless and until proven guilty.           

 



[1] As the introductory phrase signifies, the entirety of the text of the Complaints and the description of the Complaints set forth below constitute only allegations, and every fact described should be treated as an allegation.

Audrey Strauss, the Acting United States Attorney for the Southern District of New York, Peter C. Fitzhugh, Special Agent-in-Charge of the New York Field Office of Homeland Security Investigations (“HSI”), and Philip R. Bartlett, Inspector-in-Charge of the New York Office of the United States Postal Inspection Service (“USPIS”), announced today the unsealing of indictments charging UMAR AHMAD a/k/a “Artist,” GEORGE BRIDI, and JONATAN CORREA, a/k/a “Raid,” with copyright infringement, and as to BRIDI, wire fraud, for their involvement in the Sparks Group, an international piracy group involved in illegally distributing movies and television shows on the Internet.  BRIDI, a citizen of the United Kingdom, was arrested on Sunday in Cyprus on an INTERPOL Red Notice based on the U.S. criminal charges. The United States will seek BRIDI’s extradition to stand trial in the United States.  CORREA was arrested yesterday in Olathe, Kansas, where he will be presented in federal court.  AHMAD, a citizen of Norway, remains at large.  The case is assigned to United States District Judge Richard M. Berman. 

In coordination with law enforcement authorities in 18 other countries and supported by Eurojust and Europol, dozens of servers controlled by the Sparks Group were taken offline today around the world, including in North America, Europe, and Asia.  The Sparks Group utilized these servers to illegally store and disseminate copyrighted content to members around the globe. 

Acting U.S. Attorney Audrey Strauss said:  “As alleged, the defendants were members of an international video piracy ring that was sophisticated and widespread.  The group allegedly circumvented copyright protections on nearly every movie released by major production studios, as well as television shows, and distributed them by way of a worldwide network of servers.  Thanks to the efforts of HSI, the Postal Inspection Service, Eurojust, Europol, and our law enforcement partners in 18 countries on three continents, key members of this group are in custody, and the servers that were the pipeline for wholesale theft of intellectual property are now out of service.”

HSI Special Agent-in-Charge Fitzhugh said:  “As alleged, Sparks Group members reproduced and disseminated hundreds of movies and television shows prior to their retail release date, including nearly every movie released by major production studios, causing millions of dollars in losses to the film and television industry.  This investigation shows – in high definition – that despite the online platform and international nature of this scheme, we are committed to stop those who use the cyber world for illicit gain.  HSI New York’s El Dorado Task Force, in collaboration with the U.S. Postal Inspection Service, leveraged their global network of law enforcement partners to shut down this criminal organization’s cyber piracy network and arrest those allegedly responsible.”

USPIS Inspector-in-Charge Philip R. Bartlett said:  “Copyright criminals have come a long way from bootlegging movies in local theaters and selling inferior quality videos and DVD’s on the streets of New York City for $5.00.  The movies and TV shows allegedly stolen by these defendants not only represent a body of work ripped off from those who spent years developing their craft and working their way to stardom, but deprives the studios and actors of the fruits of their labor.”

Ladislav Hamran, President of Eurojust, said:  “This case is an excellent example of what can be achieved if we work together across borders and continents. Thanks to the long-standing partnership between the U.S. and the European authorities, we managed to deal a significant blow to online piracy. My sincere congratulations go out to all countries involved in yesterday’s joint action day.”

According to the allegations contained in the Indictments[[1]] unsealed yesterday in Manhattan federal court:

Between 2011 and the present, UMAR AHMAD a/k/a “Artist,” GEORGE BRIDI, JONATAN CORREA, a/k/a “Raid,” and others known and unknown were members of the Sparks Group, a criminal organization that disseminated on the Internet movies and television shows prior to their retail release date, including nearly every movie released by major production studios, after compromising the content’s copyright protections.

In furtherance of its scheme, the Sparks Group fraudulently obtained copyrighted DVDs and Blu-Ray discs from wholesale distributors in advance of their retail release date by, among other things, making various misrepresentations to the wholesale distributors concerning the reasons that they were obtaining the discs prior to the retail release date.   

Sparks Group members then used computers with specialized software to compromise the copyright protections on the discs, a process referred to as “cracking” or “ripping,” and to reproduce and encode the content in a format that could be easily copied and disseminated over the Internet.  They thereafter uploaded copies of the copyrighted content onto servers controlled by the Sparks Group, where other members further reproduced and disseminated the content on streaming websites, peer-to-peer networks, torrent networks, and other servers accessible to the public.  The Sparks Group identified its reproductions by encoding the filenames of reproduced copyrighted content with distinctive tags, and also uploaded photographs of the discs in their original packaging to demonstrate that the reproduced content originated from authentic DVDs and Blu-Ray discs.

AHMAD and BRIDI arranged for discs to be picked up, mailed, or delivered from distributors located in Manhattan, Brooklyn, and New Jersey to other members of the Sparks Group, including CORREA, prior to their official release date.  AHMAD, BRIDI, and CORREA then reproduced, and aided and abetted the reproduction of, these discs by using computer software that circumvented copyright protections on the discs and reproducing the copyrighted content for further distribution on the Internet. 

The Sparks Group has caused tens of millions of dollars in losses to film production studios.

*              *             *

AHMAD, 39, BRIDI, 50, and CORREA, 36, are each charged with copyright infringement conspiracy, which carries a maximum penalty of five years in prison.  BRIDI is also charged with wire fraud conspiracy, which carries a maximum penalty of 20 years in prison, and conspiracy to transport stolen property interstate, which carries a maximum penalty of five years in prison.    

The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendants will be determined by the judge.

 Ms. Strauss praised the outstanding work of HSI and USPIS.  She also thanked Europol and Eurojust as well as law enforcement authorities in the following countries for their assistance in the investigation:  Canada, Cyprus, Czech Republic, Denmark, France, Germany, Italy, Republic of Korea, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, and the United Kingdom. 

The case is being prosecuted by the Office’s Violent and Organized Crime Unit.  Assistant United States Attorneys Andrew K. Chan, Mollie Bracewell, and Christy Slavik are in charge of the prosecution.  The U.S. Department Justice’s Office of International Affairs (OIA) of the Department’s Criminal Division provided significant and ongoing assistance with facilitating the execution of dozens of mutual legal assistance requests in 18 different countries necessary for taking down servers and gathering evidence.  OIA also provided critical support in working with Eurojust and Europol in planning the coordinated operation yesterday.

The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

 



[1] As the introductory phrase signifies, the entirety of the texts of the Indictments and the description of the Indictments set forth herein constitute only allegations and every fact described should be treated as an allegation.

SAN FRANCISCO – A grand jury in the Northern District of California has indicted a Russian national and an organization he allegedly operated, BTC-e, for operating an unlicensed money service business, money laundering, and related crimes. The announcement was made by U.S. Attorney Brian J. Stretch for the Northern District of California; Acting Assistant Attorney General Kenneth A. Blanco of the Justice Department’s Criminal Division; Internal Revenue Service (IRS) Criminal Investigation Chief Don Fort; Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI) Acting Executive Associate Director Derek Benner; Federal Bureau of Investigation (FBI) Special Agent in Charge of the Louisville Division Amy Hess; United States Secret Service (USSS) Special Agent in Charge of the Criminal Investigative Division Michael D’Ambrosio; Federal Deposit Insurance Corporation (FDIC), Office of the Inspector General, Inspector General Jay N. Lerner; and Acting Director of the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), Jamal El-Hindi.

“Cryptocurrencies such as Bitcoin provide people around the world new and innovative ways of engaging in legitimate commerce. As this case demonstrates, however, just as new computer technologies continue to change the way we engage each other and experience the world, so too will criminals subvert these new technologies to serve their own nefarious purposes,” said U.S. Attorney Stretch.  “This office will continue to devote the necessary resources to ensure that money launderers and cyber-criminals are detected, apprehended, and brought to justice wherever and however they use the internet to commit their crimes.”

"As this case demonstrates, the Criminal Division employs a multi-faceted approach to dismantling criminal enterprises, by prosecuting the criminal actors themselves, and by shutting down their ability to monetize their crimes through entities that facilitate money laundering," said Acting Assistant Attorney General Blanco.  "The Criminal Division will work tirelessly to identify those who use technology to conduct and obscure their criminal activity, as we ensure there are no safe havens from U.S. justice for those who seek to victimize Americans."

“Homeland Security Investigations is strongly committed to tracking down criminals who seek to strike at the foundations of global financial security through complex money laundering schemes,” said HSI Acting Executive Associate Director Derek Benner. “The resulting indictment is a clear representation of why our close law enforcement partnerships are vital to our shared missions. HSI will continue to aggressively target those who deliberately seek to exploit financial systems for personal gain."

“Mr. Vinnik is alleged to have committed and facilitated a wide range of crimes that go far beyond the lack of regulation of the bitcoin exchange he operated.  Through his actions, it is alleged that he stole identities, facilitated drug trafficking, and helped to launder criminal proceeds from syndicates around the world,” said Chief Don Fort, IRS Criminal Investigation.  “Exchanges like this are not only illegal, but they are a breeding ground for stolen identity refund fraud schemes and other types of tax fraud.  When there is no regulation and criminals are left unchecked, this scenario is all too common. The takedown of this large virtual currency exchange should send a strong message to cyber-criminals and other unregulated exchanges across the globe.”

“BTC-e was noted for its role in numerous ransomware and other cyber-criminal activity; its take-down is a significant accomplishment, and should serve as a reminder of our global reach in combating transnational cyber crime,” said Special Agent in Charge of the USSS Criminal Investigative Division Michael D’Ambrosio. “We are grateful for the efforts of our law enforcement partners in achieving this significant result.”

"The arrest of Alexander Vinnik is the result of a multi-national effort and clearly displays the benefits of global cooperation among US and international law enforcement,” said FBI Special Agent in Charge Hess.  “This investigation demonstrates the long-term commitment given to identifying and pursuing criminals world-wide with a whole of government approach. This was a highly complex investigation that has only reached this stage due to the persistent and dedicated efforts of all the parties involved.  We must continue to impose real costs on criminals, no matter who they are or where they attempt to hide."

“The Federal Deposit Insurance Corporation Office of Inspector General works to ensure the integrity of the financial service sector and is committed to holding accountable those involved in criminal activity that undermine its integrity,” said Inspector General Lerner.  “This investigation demonstrates what can be achieved among the cooperative partnerships in the domestic and international law enforcement community.”

The indictment describes Alexander Vinnik, 37, a Russian citizen, as the owner and operator of multiple BTC-e accounts, including administrator accounts, and also a primary beneficial owner of BTC-e’s managing shell company, Canton Business Corporation. According to the indictment, numerous withdrawals from BTC-e administrator accounts went directly to Vinnik’s personal bank accounts. The indictment further alleges that proceeds from well-known hacks and thefts from bitcoin exchanges were funded through a BTC-e administrator account associated with Vinnik.  Vinnik was arrested in Greece on July 25.  

According to the indictment unsealed today, BTC-e, founded in 2011, was one of the world’s largest and most widely used digital currency exchanges.  The indictment alleges that BTC-e allowed its users to trade in the digital currency “Bitcoin” with high levels of anonymity.  The indictment alleges that although Bitcoin has known legitimate uses, the virtual currency, like cash, can be used to facilitate illicit transactions and to launder criminal proceeds.  According to the indictment, since its inception, Vinnik and others developed a customer base for BTC-e that was heavily reliant on criminals, including by not requiring users to validate their identity, obscuring and anonymizing transactions and source of funds, and by lacking any anti-money laundering processes. The indictment alleges BTC-e was operated to facilitate transactions for cybercriminals worldwide and received the criminal proceeds of numerous computer intrusions and hacking incidents, ransomware scams, identity theft schemes, corrupt public officials, and narcotics distribution rings.  Thus, the indictment alleges, BTC-e was used to facilitate crimes ranging from computer hacking, to fraud, identity theft, tax refund fraud schemes, public corruption, and drug trafficking. The investigation has revealed that BTC-e received more than $4 billion worth of bitcoin over the course of its operation.

As to Vinnik, the indictment alleges that he received funds from the infamous computer intrusion or “hack” of Mt. Gox – an earlier digital currency exchange that eventually failed, in part due to losses attributable to hacking.  The indictment alleges that Vinnik obtained funds from the hack of Mt. Gox and laundered those funds through various online exchanges, including his own BTC-e and a now defunct digital currency exchange, Tradehill, based in San Francisco, California.  The indictment alleges that by moving funds through BTC-e, Vinnik sought to conceal and disguise his connection with the proceeds from the hacking of Mt. Gox and the resulting investigation.

As for defendant BTC-e, the indictment alleges that, despite doing substantial business in the United States, BTC-e was not registered as a money services business with the U.S. Department of the Treasury, had no anti-money laundering process, no system for appropriate “know your customer” or “KYC” verification, and no anti-money laundering program as required by federal law.  According to the company’s website, BTC-e is located in Bulgaria but organized or otherwise subject to the laws of Cyprus.  The exchange allegedly maintains a base of operations in the Seychelles Islands and its web domains are registered to shell companies in, among other places, Singapore, the British Virgin Islands, France, and New Zealand. 

The indictment charges BTC-e and Vinnik with one count of operation of an unlicensed money service business, in violation of 18 U.S.C. § 1960, and one count of conspiracy to commit money laundering, in violation of 18 U.S.C. § 1956(h).  In addition, the indictment charges Vinnik with seventeen counts of money laundering, in violation of 18 U.S.C. § 1956(a)(1), and two counts of engaging in unlawful monetary transactions, in violation of 18 U.S.C. § 1957. An indictment merely alleges that crimes have been committed, and the defendants are presumed innocent until proven guilty beyond a reasonable doubt.  

FinCEN today assessed a $110 million civil money penalty against BTC-e  for willfully violating U.S. anti-money laundering (AML) laws.  Alexander Vinnik was assessed $12 million for his role in the violations.

“We will hold accountable foreign-located money transmitters, including virtual currency exchangers, that do business in the United States when they willfully violate U.S. AML laws,” said Acting FinCEN Director Jamal El-Hindi.  “Today’s action should be a strong deterrent to anyone who thinks that they can facilitate ransomware, dark net drug sales, or conduct other illicit activity using encrypted virtual currency.  Treasury’s FinCEN team and our law enforcement partners will work with foreign counterparts across the globe to appropriately oversee virtual currency exchangers and administrators who attempt to subvert U.S. law and avoid complying with U.S. AML safeguards.”  

If convicted of these crimes, Vinnik faces the following maximum penalties:      

 



Violation





Statute





Maximum Penalty





operation of an unlicensed money service business





18 U.S.C. § 1960





5 years of imprisonment





conspiracy to commit money laundering





18 U.S.C. § 1956(h)





20 years of imprisonment and a $500,000 fine or twice the value of the property involved in the transaction





money laundering





18 U.S.C. § 1956(a)(1)





20 years of imprisonment and a $500,000 fine or twice the value of the property involved in the transaction (each count)





engaging in unlawful monetary transactions





18 U.S.C. § 1957





10 years of imprisonment and a $500,000 fine or twice the value of the property involved in the transaction (each count)



 

Additional fines, restitution, and supervised release also may be ordered.  However, any sentence will be imposed by the court only after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.

This case is being investigated by the Internal Revenue Service (the Oakland Calif., Field Office and Cyber Crime Unit in Washington, D.C.); Department of Homeland Security, Homeland Security Investigations; FBI; U.S. Secret Service Criminal Investigative Division; and Federal Deposit Insurance Corporation, Office of the Inspector General.  The case is being prosecuted by the U.S. Attorney’s Office for the Northern District of California and the Criminal Division’s Computer Crime and Intellectual Property Section.  The Criminal Division’s Office of International Affairs provided substantial assistance on the case.

SAN FRANCISCO–  The Department of Justice filed a civil complaint in federal court against digital currency exchange BTC-e, also known as Canton Business Corporation, and one of its chief owners and operators Alexander Vinnik, announced United States Attorney David L. Anderson and U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) Director Kenneth A. Blanco.  The complaint seeks to enforce monetary penalties FinCEN assessed against BTC-e and Vinnik for alleged violations of the Bank Secrecy Act (BSA), 31 U.S.C. §§ 5311-14 and 5316-32.  

BTC-e is a digital currency exchange organized as a corporation under the laws of Cyprus and/or the Seychelles Islands.  BTC-e operated in Bulgaria, the Seychelles Islands, and other jurisdictions, including the Northern District of California, and allowed its users to buy and sell bitcoin and other digital currencies anonymously through its web domain, btc-e.com.  Vinnik, a Russian national, occupied a senior leadership position within BTC-e, controlled multiple BTC-e administrative accounts used to process BTC-e’s transactions, and participated in the direction and supervision of BTC-e’s operations and finances.  The civil complaint alleges that Vinnik operated several BTC-e accounts, including some tied to thefts from other virtual currency exchanges such as Mt. Gox.  Vinnik is currently incarcerated in Greece and is the subject of an extradition request to the Northern District of California in connection with criminal charges filed in this district.

On July 26, 2017, FinCEN assessed monetary penalties against BTC-e and Vinnik for violations of the BSA.  FinCEN assessed $12 million in penalties against Vinnick and $88,596,314 in penalties against BTC-e for BTC-e’s alleged willful violations of the BSA.  The civil complaint seeks to enforce the monetary penalties issued by FinCEN.  

According to the complaint, FinCEN assessed penalties based, in part, on the following conduct: 

Failure to Register as an MSB:  BTC-e did not register with FinCEN as a Money Services Business (MSB).  The BSA defines an MSB and requires, among other things, MSBs to register with FinCEN within 180 days of beginning operations.  In this case, FinCen assessed penalties, in part, because the agency concluded BTC-e was an MSB and failed to register with the agency. 

Failure to Establish Anti-Money Laundering Programs and Procedures:  Under the BSA, an MSB must develop, implement, and maintain an effective anti-money laundering (AML) program that is reasonably designed to prevent the MSB from being used to facilitate money laundering and the financing of terrorist activities.  FinCEN’s fines were based, in part, on BTC-e’s failure to have reasonable AML policies or procedures in place to prevent criminal activity on the digital currency exchange.  

Failure to File Suspicious Activity Reports:  Under the BSA, an MSB must file a suspicious activity report (SAR) if it becomes aware of transactions that the MSB “knows, suspects, or has reason to suspect” are suspicious where those transactions involve the MSB and aggregate to at least $2,000 in value.  FinCEN’s penalties were assessed, in part, because BTC-e did not file SARs and instead received proceeds from ransomware schemes, transferred funds to and from known dark net marketplaces, and deposited funds stolen from other digital currency exchanges into BTC-e accounts that Vinnik controlled.

This case is being handled by Assistant United States Attorney Kirstin Ault and U.S. Department of Justice Trial Attorney John Siemietkowski with assistance from Tina Louie.

 

Four defendants were arrested today on charges of securities fraud conspiracy and money laundering conspiracy for their involvement in schemes to fraudulently manipulate the stock of BioCube, Inc. (BioCube), a U.S. publicly traded company, and to launder approximately $2 million in illegal proceeds using offshore bank and brokerage accounts.  Since 2010, BioCube has purported to have a series of different business purposes, including, most recently, planning to market and distribute devices for detecting marijuana on a user’s breath.  The charged individuals are: Chris Messalas, a former securities broker previously barred by the Securities and Exchange Commission (SEC); Boris Rubizhevky, the former Chief Executive Officer of BioCube; Michael Garnick, a Philadelphia-based attorney; and Dimitrios Argyros, an anti-money laundering consultant.  Messalas, Rubizhevsky and Garnick were charged with securities fraud conspiracy.  Messalas and Argyros were charged with money laundering conspiracy.      

Argyros was arrested at JFK International Airport after arriving on a flight from Cyprus via London, Messalas was arrested at his home in New York and Rubizhevsky was arrested in New Jersey.  Their initial appearances are scheduled for this afternoon before United States Magistrate Judge Cheryl L. Pollak at the federal courthouse in Brooklyn.  Garnick was arrested in Pennsylvania.  His initial appearance is scheduled for this afternoon before Magistrate Judge Thomas J. Rueter at the federal courthouse in Philadelphia, Pennsylvania. 

The charges were announced by Bridget M. Rohde, Acting United States Attorney for the Eastern District of New York, William F. Sweeney, Jr., Assistant Director-in-Charge, Federal Bureau of Investigation, New York Field Office (FBI), and Kathy A. Enstrom, Acting Special Agent-in-Charge, United States Internal Revenue Service, Criminal Investigation, New York (IRS-CI).

 “As alleged in the criminal complaint, the defendants planned a pump and dump scheme, and money laundering of the proceeds, using offshore accounts and an anti-money laundering consultant to avoid detection by law enforcement,” stated Acting United States Attorney Rohde.  “Together with our law enforcement partners, we will continue our efforts to protect the investing public, safeguard the financial integrity of our banking system and prevent the use of offshore bank and brokerage accounts to subvert U.S. laws and regulations.”  Ms. Rohde thanked the Securities and Exchange Commission for its cooperation and assistance on the investigation.

“When would-be stockholders purchased shares of BioCube, Inc., they knew about the market risks involved in investing,” stated Assistant Director-in-Charge Sweeney. “What they didn’t know was that the odds had already been stacked against them, as alleged, in this ruse concocted by the four individuals charged today. Those who employ schemes to capitalize on other people’s losses will most certainly be brought to justice, and we’re here to remind criminals that this type of dishonorable behavior will never be acceptable.  As such, the FBI and our partners will continue to uphold the promise we made to those who invest their trust in us.”

“At this time of year, when hard working citizens are sitting down to prepare their tax returns, IRS-Criminal Investigation (IRS-CI) remains vigilant in our pursuit of those unscrupulous individuals that defraud the American public as well as the government,” stated Acting Special Agent-in-Charge Enstrom. “IRS-CI is proud to bring our forensic accounting skills to this joint venture and help put a stop to this and other types of white collar crime, as alleged in the criminal complaint.”

According to the complaint unsealed today in Brooklyn federal court, Messalas, Rubizhevsky and Garnick engaged in a scheme to defraud BioCube’s investors and potential investors by concealing Messalas’s beneficial ownership and control of BioCube shares, so that Messalas could exercise control over the price and trading of BioCube’s stock. 

As the complaint further alleges, Messalas and Argyros engaged in a related conspiracy to launder approximately $2 million in proceeds of the BioCube “pump and dump” scheme by depositing BioCube shares into offshore accounts in the names of nominees in locations including Cyprus and the Bahamas.  The scheme was designed to launder a portion of the fraudulent proceeds from the stock manipulation scheme from the United States through offshore accounts, and circumvent the IRS’s reporting requirements under the Foreign Account Tax Compliance Act (FATCA).  As alleged in the complaint, Argyros touted his ability to capitalize on his anti-money laundering expertise during conversations with an individual posing as a co-conspirator in the money laundering scheme who, unbeknownst to Argyros, was working with the FBI.  

The charges in the complaint are merely allegations, and the defendants are presumed innocent unless and until proven guilty.  If convicted of the charges against them, Messalas faces a maximum sentence of 25 years’ imprisonment, Rubizhevsky and Garnick face maximum sentences of five years’ imprisonment, and Argyros faces a maximum sentence of 20 years’ imprisonment.

*          *          *

The government’s case is being handled by the Office’s Business and Securities Fraud Section.  Assistant United States Attorneys Tyler Smith, Alicyn Cooley and Jack Dennehy are in charge of the prosecution.

 

*          *          *

The Defendants:

 

CHRIS MESSALAS

Age:  50

Staten Island, New York

 

BORIS RUBIZHEVSKY

Age:  66

Closter, New Jersey

 

MICHAEL GARNICK

Age:  58

Philadelphia, Pennsylvania

 

DIMITRIOS ARGYROS

Age:  50

Ho-Ho-Kus, New Jersey

 

E.D.N.Y. Docket No. 17-MJ-321