<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>crime &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/crime/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Wed, 30 Jul 2025 16:16:13 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>First Sentencing in Scheme to Help North Koreans Infiltrate US Companies</title>
		<link>https://noise.getoto.net/2025/08/04/first-sentencing-in-scheme-to-help-north-koreans-infiltrate-us-companies/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 04 Aug 2025 11:01:27 +0000</pubDate>
				<category><![CDATA[courts]]></category>
		<category><![CDATA[crime]]></category>
		<category><![CDATA[cyberespionage]]></category>
		<category><![CDATA[espionage]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[north korea]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70539</guid>

					<description><![CDATA[<p>An Arizona woman was <a href="https://www.justice.gov/opa/pr/arizona-woman-sentenced-17m-information-technology-worker-fraud-scheme-generated-revenue">sentenced</a> to eight-and-a-half years in prison for her role helping North Korean workers infiltrate US companies by pretending to be US workers.</p>
<p>From an <a href="https://www.bleepingcomputer.com/news/security/us-woman-sentenced-to-8-years-in-prison-for-running-laptop-farm-helping-north-koreans-infiltrate-300-firms/">article</a>:</p>
<blockquote><p>According to <a href="https://www.justice.gov/usao-dc/media/1352191/dl">court documents</a>, Chapman hosted the North Korean IT workers’ computers in her own home between October 2020 and October 2023, creating a so-called “laptop farm” which was used to make it appear as though the devices were located in the United States.</p>
<p>The North Koreans were hired as remote software and application developers with multiple Fortune 500 companies, including an aerospace and defense company, a major television network, a Silicon Valley technology company, and a high-profile company...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Gift Card Fraud</title>
		<link>https://noise.getoto.net/2024/12/31/gift-card-fraud/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 31 Dec 2024 12:02:13 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[fraud]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69725</guid>

					<description><![CDATA[<p>It’s becoming an <a href="https://www.propublica.org/article/chinese-organized-crime-gift-cards-american-retail">organized crime tactic</a>:</p>
<blockquote><p>Card draining is when criminals remove gift cards from a store display, open them in a separate location, and either record the card numbers and PINs or replace them with a new barcode. The crooks then repair the packaging, return to a store and place the cards back on a rack. When a customer unwittingly selects and loads money onto a tampered card, the criminal is able to access the card online and steal the balance.</p>
<p>[…]</p>
<p>In card draining, the runners assist with removing, tampering and restocking of gift cards, according to court documents and investigators...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Criminal Gang Physically Assaulting People for Their Cryptocurrency</title>
		<link>https://noise.getoto.net/2024/07/18/criminal-gang-physically-assaulting-people-for-their-cryptocurrency/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 18 Jul 2024 15:33:18 +0000</pubDate>
				<category><![CDATA[Bitcoin]]></category>
		<category><![CDATA[crime]]></category>
		<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[extortion]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[physical security]]></category>
		<category><![CDATA[torture]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69175</guid>

					<description><![CDATA[<p>This is <a href="https://www.wired.com/story/crypto-home-invasion-crime-ring/">pretty horrific</a>:</p>
<blockquote><p>…a group of men behind a violent crime spree designed to compel victims to hand over access to their cryptocurrency savings. That announcement and the criminal complaint laying out charges against St. Felix focused largely on a single theft of cryptocurrency from an elderly North Carolina couple, whose home St. Felix and one of his accomplices broke into before physically assaulting the two victims—­both in their seventies—­and forcing them to transfer more than $150,000 in Bitcoin and Ether to the thieves’ crypto wallets...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>The Justice Department Took Down the 911 S5 Botnet</title>
		<link>https://noise.getoto.net/2024/06/07/the-justice-department-took-down-the-911-s5-botnet/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 07 Jun 2024 11:04:46 +0000</pubDate>
				<category><![CDATA[botnets]]></category>
		<category><![CDATA[courts]]></category>
		<category><![CDATA[COVID-19]]></category>
		<category><![CDATA[crime]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69002</guid>

					<description><![CDATA[<p>The US Justice Department has <a href="https://www.justice.gov/opa/pr/911-s5-botnet-dismantled-and-its-administrator-arrested-coordinated-international-operation">dismantled</a> an enormous botnet:</p>
<blockquote><p>According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million unique IP addresses, including 613,841 IP addresses located in the United States. Wang then generated millions of dollars by offering cybercriminals access to these infected IP addresses for a fee...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Smuggling Gold by Disguising it as Machine Parts</title>
		<link>https://noise.getoto.net/2024/04/12/smuggling-gold-by-disguising-it-as-machine-parts/</link>
		
		<dc:creator><![CDATA[B. Schneier]]></dc:creator>
		<pubDate>Fri, 12 Apr 2024 11:01:18 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[smuggling]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68776</guid>

					<description><![CDATA[Someone got caught trying to smuggle 322 pounds of gold (that&#8217;s about a quarter of a cubic foot) out of Hong Kong. It was disguised as machine parts:
On March 27, customs officials x-rayed two air compressors and discovered that they contained go...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Tracking Down a Suspect through Cell Phone Records</title>
		<link>https://noise.getoto.net/2023/07/17/tracking-down-a-suspect-through-cell-phone-records/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 17 Jul 2023 11:13:03 +0000</pubDate>
				<category><![CDATA[cell phones]]></category>
		<category><![CDATA[crime]]></category>
		<category><![CDATA[Forensics]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67549</guid>

					<description><![CDATA[<p>Interesting <a href="https://www.cnn.com/2023/07/14/us/gilgo-beach-murders-suspect-arrest/index.html">forensics</a> in connection with a serial killer arrest:</p>
<blockquote><p>Investigators went through phone records collected from both midtown Manhattan and the Massapequa Park area of Long Island—two areas connected to a “burner phone” they had tied to the killings. (In court, prosecutors later said the burner phone was identified via an email account used to “solicit and arrange for sexual activity.” The victims had all been Craigslist escorts, according to officials.)</p>
<p>They then narrowed records collected by cell towers to thousands, then to hundreds, and finally down to a handful of people who could match a suspect in the killings...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Self-Driving Cars Are Surveillance Cameras on Wheels</title>
		<link>https://noise.getoto.net/2023/07/03/self-driving-cars-are-surveillance-cameras-on-wheels/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 03 Jul 2023 11:04:40 +0000</pubDate>
				<category><![CDATA[cars]]></category>
		<category><![CDATA[crime]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[surveillance]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67500</guid>

					<description><![CDATA[<p>Police are <a href="https://www.bloomberg.com/news/articles/2023-06-29/self-driving-car-video-from-waymo-cruise-give-police-crime-evidence?sref=P6Q0mxvj">already using</a> self-driving car footage as video evidence:</p>
<blockquote><p>While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement ­ and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their routes, self-driving cars capture a wider swath of footage. And it’s easier for law enforcement to turn to one company with a large repository of videos and a dedicated response team than to reach out to all the businesses in a neighborhood with security systems...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Typing Incriminating Evidence in the Memo Field</title>
		<link>https://noise.getoto.net/2023/06/27/typing-incriminating-evidence-in-the-memo-field/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 27 Jun 2023 20:36:50 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[Forensics]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67488</guid>

					<description><![CDATA[<p>Don’t <a href="https://onefoottsunami.com/2023/06/26/fun-with-the-memo-field-while-committing-abhorrent-crimes/">do it</a>:</p>
<blockquote><p>Recently, the manager of the Harvard Med School morgue was accused of stealing and selling human body parts. Cedric Lodge and his wife Denise were among a half-dozen people <a href="https://www.wbur.org/news/2023/06/14/cedric-lodge-massachusetts-nh-harvard-morgue-cadavers-indictment">arrested for some pretty grotesque crimes</a>. This part is also at least a little bit funny though:</p>
<blockquote><p>Over a three-year period, Taylor appeared to pay Denise Lodge more than $37,000 for human remains. One payment, for $1,000 included the memo “head number 7.” Another, for $200, read “braiiiiiins.”</p></blockquote>
</blockquote>
<p>It’s so easy to think that you won’t get caught.</p>
...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Ransomware Payments Are Down</title>
		<link>https://noise.getoto.net/2023/01/31/ransomware-payments-are-down/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 31 Jan 2023 12:03:28 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[extortion]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=66684</guid>

					<description><![CDATA[<p>Chainalysis <a href="https://blog.chainalysis.com/reports/crypto-ransomware-revenue-down-as-victims-refuse-to-pay/">reports</a> that worldwide ransomware payments were down in 2022.</p>
<blockquote><p>Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before.</p>
<p>As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that have yet to be identified on the blockchain and incorporated into our data. When we published last year’s version of this report, for example, we had only identified $602 million in <a href="https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-ransomware/">ransomware payments in 2021...</a></p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Drone Deliveries into Prisons</title>
		<link>https://noise.getoto.net/2022/08/03/drone-deliveries-into-prisons/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 03 Aug 2022 11:50:32 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[drones]]></category>
		<category><![CDATA[prisons]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65747</guid>

					<description><![CDATA[Seems it&#8217;s now common to sneak contraband into prisons with a drone.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Textbook Rental Scam</title>
		<link>https://noise.getoto.net/2021/10/20/textbook-rental-scam/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 20 Oct 2021 11:16:42 +0000</pubDate>
				<category><![CDATA[amazon]]></category>
		<category><![CDATA[courts]]></category>
		<category><![CDATA[crime]]></category>
		<category><![CDATA[fraud]]></category>
		<category><![CDATA[scams]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=63795</guid>

					<description><![CDATA[<p>Here’s a story of <a href="https://www.theregister.com/2021/10/15/amazon_textbook_rental/">someone</a> who, with three compatriots, rented textbooks from Amazon and then sold them instead of returning them. They used gift cards and prepaid credit cards to buy the books, so there was no available balance when Amazon tried to charge them the buyout price for non-returned books. They also used various aliases and other tricks to bypass Amazon’s fifteen-book limit. In all, they stole 14,000 textbooks worth over $1.5 million.</p>
<p>The article doesn’t link to the indictment, so I don’t know how they were discovered.</p>
...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>T-Mobile Data Breach</title>
		<link>https://noise.getoto.net/2021/08/19/t-mobile-data-breach/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 19 Aug 2021 11:17:56 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[Phishing]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=63593</guid>

					<description><![CDATA[<p>It’s a <a href="https://www.wired.com/story/t-mobile-hack-data-phishing/">big one</a>:</p>
<blockquote><p>As first reported <a href="https://www.vice.com/en/article/akg8wg/tmobile-investigating-customer-data-breach-100-million">by Motherboard</a> on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000. The trove includes not only names, phone numbers, and physical addresses but <a href="https://www.wired.com/story/t-mobile-breach-much-worse-than-it-had-to-be/">also more sensitive data like social security numbers</a>, driver’s license information, and <a href="https://www.wired.com/story/phone-numbers-indentification-authentication/">IMEI numbers</a>, unique identifiers tied to each mobile device. <a href="https://www.vice.com/en/article/akg8wg/tmobile-investigating-customer-data-breach-100-million">Motherboard confirmed</a> that samples of the data “contained accurate information on T-Mobile customers.”...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Disrupting Ransomware by Disrupting Bitcoin</title>
		<link>https://noise.getoto.net/2021/07/26/disrupting-ransomware-by-disrupting-bitcoin/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 26 Jul 2021 11:30:39 +0000</pubDate>
				<category><![CDATA[Bitcoin]]></category>
		<category><![CDATA[crime]]></category>
		<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=63493</guid>

					<description><![CDATA[<p>Ransomware isn’t new; the idea dates back to 1986 with the <a href="https://en.wikipedia.org/wiki/Brain_(computer_virus)">“Brain” computer virus</a>. Now, it’s become <em>the</em> criminal business model of the internet for two reasons. The first is the realization that no one values data more than its original owner, and it makes more sense to ransom it back to them — sometimes with the added extortion of threatening to make it public — than it does to sell it to anyone else. The second is a safe way of collecting ransoms: bitcoin.</p>
<p>This is where the suggestion to ban cryptocurrencies as a way to “solve” ransomware comes from. Lee Reiners, executive director of the Global Financial Markets Center at Duke Law, ...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Ransomware Profitability</title>
		<link>https://noise.getoto.net/2021/02/10/ransomware-profitability/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 10 Feb 2021 13:39:41 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=61897</guid>

					<description><![CDATA[Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.
Based on the company&#8217;s data, among last year&#8217;s top earners, there were groups like Ryuk, Maz...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Zodiac Killer Cipher Solved</title>
		<link>https://noise.getoto.net/2020/12/16/zodiac-killer-cipher-solved/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 16 Dec 2020 13:01:54 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[cryptanalysis]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=60594</guid>

					<description><![CDATA[<p>The <i>SF Chronicle</i> is <a href="https://www.sfchronicle.com/crime/amp/Zodiac-340-cypher-cracked-by-code-expert-51-years-15794943.php">reporting</a> (more details <a href="https://www.abc.net.au/news/2020-12-12/melbourne-mathematician-cracks-zodiac-killer-cipher/12978106">here</a>), and the FBI is confirming, that a Melbourne mathematician and team has decrypted the 1969 message sent by the Zodiac Killer to the newspaper.</p>
<p>There&#8217;s no paper yet, but there are a bunch of details in the news articles.</p>
<p>Here&#8217;s an <a href="https://www.vice.com/en/article/k7a3gz/what-a-mathematician-learned-from-cracking-the-zodiac-killers-code">interview</a> with one of the researchers:</p>
<blockquote><p>Cryptologist David Oranchak, who has been trying to crack the notorious &#8220;340 cipher&#8221; (it contains 340 characters) for more than a decade, made a crucial breakthrough earlier this year when applied mathematician Sam Blake came up with about 650,000 different possible ways in which the code could be read. From there, using code-breaking software designed by Jarl Van Eycke, the team&#8217;s third member, they came up with a small number of valuable clues that helped them piece together a message in the cipher ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>How the FIN7 Cybercrime Gang Operates</title>
		<link>https://noise.getoto.net/2020/09/16/how-the-fin7-cybercrime-gang-operates/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 16 Sep 2020 11:00:01 +0000</pubDate>
				<category><![CDATA[crime]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=60195</guid>

					<description><![CDATA[<p>The Grugq has written an <a href="https://sec.okta.com/articles/2020/08/crimeops-operational-art-cyber-crime">excellent essay</a> on how the Russian cybercriminal gang FIN7 operates. An excerpt:</p>
<blockquote><p>The secret of FIN7&#8217;s success is their <b>operational art of cyber crime.</b> They managed their resources and operations effectively, allowing them to successfully attack and exploit hundreds of victim organizations. FIN7 was not the most elite hacker group, but they developed a number of fascinating innovations. Looking at the process triangle (people, process, technology), their technology wasn&#8217;t sophisticated, but their people management and business processes were...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 42/247 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-07 10:24:58 by W3 Total Cache
-->