U.S. Department of Justice, Criminal Division

Former CEO Indicted for Role in Bribing Japanese Officials and BIT Mining Ltd. Resolves Foreign Bribery Investigation An indictment was unsealed today charging the former CEO of 500. com (now BIT Mining Ltd.), Zhengming Pan, a Chinese national, with violations of the Foreign Corrupt Practices Act (FCPA). BIT Mining Ltd. has agreed to resolve investigations by the Justice Department and the Securities and Exchange Commission (SEC) into related FCPA violations arising from the company’s participation in a corrupt scheme to pay bribes to Japanese government officials. BIT Mining entered into a three-year deferred prosecution agreement (DPA) in connection with a criminal information filed in the District of New Jersey charging BIT Mining with one count of conspiracy to violate the anti-bribery and books and records provisions of the FCPA and one count of violating the books and records provisions of the FCPA. Read more: https://lnkd.in/dKXbJZsX

Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges Russian National Alleged to Have Coordinated Sale, Distribution, and Operation of Phobos Ransomware as Part of International Hacking and Extortion Conspiracy The Justice Department unsealed criminal charges today against Evgenii Ptitsyn, 42, a Russian national, for allegedly administering the sale, distribution, and operation of Phobos ransomware. Ptitsyn made his initial appearance in the U.S. District Court for the District of Maryland on Nov. 4 after being extradited from South Korea. Phobos ransomware, through its affiliates, victimized more than 1,000 public and private entities in the United States and around the world, and extorted ransom payments worth more than $16 million dollars. “The Justice Department is committed to leveraging the full range of our international partnerships to combat the threats posed by ransomware like Phobos,” said Deputy Attorney General Lisa Monaco. “Evgenii Ptitsyn allegedly extorted millions of dollars of ransom payments from thousands of victims and now faces justice in the United States thanks to the hard work and ingenuity of law enforcement agencies around the world — from the Republic of Korea to Japan to Europe and finally to Baltimore, Maryland. Together with our partners across the globe, we will continue to hold cybercriminals accountable and protect innocent victims.” Read more: https://lnkd.in/gCCEhsrM

Operator of Helix Darknet Cryptocurrency “Mixer” Sentenced in Money Laundering Conspiracy and Ordered to Forfeit Over $400M in Assets An Ohio man was sentenced today to three years in prison for his operation of the darknet cryptocurrency “mixer” Helix, which processed transactions involving over $300 million worth of cryptocurrency from 2014 to 2017. According to court documents, Larry Dean Harmon, 41, of Akron, ran Helix, a darknet mixer that laundered customers’ bitcoin. Helix was connected to Grams, a darknet search engine also run by Harmon. Helix was one of the most popular mixing services on the darknet and was highly sought after by online drug dealers who needed to launder their illicit proceeds. Helix processed at least approximately 354,468 bitcoin — the equivalent of approximately $311,145,854 in U.S. dollars at the time of the transactions — on behalf of its customers, including customers in the District of Columbia. Much of those funds were coming from or going to darknet drug markets. Harmon retained a percentage of these transactions as his commissions and fees for operating Helix. Harmon worked to ensure Grams and Helix connected to or otherwise supported all of the major darknet markets at the time. Harmon developed an Application Program Interface (API) to allow darknet markets to integrate Helix directly into their bitcoin withdrawal systems. Harmon also customized features of Helix to ensure compatibility with significant markets. Investigators traced tens of millions of dollars from darknet markets to Helix. On Aug. 18, 2021, Harmon pleaded guilty to conspiracy to commit money laundering. Read more: https://lnkd.in/gA3whjrY

International Fugitive Home Health Care Owner Sentenced for Fraudulently Billing Medicare A Michigan home health care company owner was sentenced yesterday to three years and five months in prison for his role in a health care fraud conspiracy that resulted in almost $7.9 million in false and fraudulent claims for home health care services paid by Medicare Part A. According to court documents, Muhammad Zafar, 53, of Wayne County, owned and operated a home health care business in Michigan. Together with three doctors and two other home health care company owners, Zafar offered kickbacks, bribes, and other inducements to beneficiary recruiters in exchange for Medicare beneficiary information. Zafar and his co-conspirators used this information to bill Medicare for services that were medically unnecessary and not provided. Zafar pleaded guilty to submitting approximately $393,500 in claims to Medicare from his home health care company for services that were medically unnecessary, ineligible for Medicare reimbursement, and not provided as represented. On the same day that Zafar appeared in court for his initial appearance on June 17, 2015, he violated his court-issued bond, crossed the international border into Canada, and shortly thereafter flew to Pakistan. Zafar remained an international fugitive for approximately seven and a half years before returning to the United States to face the charges against him. On May 29, Zafar pleaded guilty to conspiracy to commit health care fraud and wire fraud. Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division; Special Agent in Charge Mario Pinto of the Department of Health and Human Services Office of Inspector General (HHS-OIG); and Special Agent in Charge Cheyvoryea Gibson of the FBI Detroit Field Office made the announcement. HHS-OIG and the FBI Detroit Field Office investigated the case. Trial Attorney Jeffrey A. Crapko of the Criminal Division’s Fraud Section prosecuted the case. The Fraud Section leads the Criminal Division’s efforts to combat health care fraud through the Health Care Fraud Strike Force Program. Since March 2007, this program, currently comprised of nine strike forces operating in 27 federal districts, has charged more than 5,400 defendants who collectively have billed federal health care programs and private insurers more than $27 billion. In addition, the Centers for Medicare & Medicaid Services, working in conjunction with HHS-OIG, are taking steps to hold providers accountable for their involvement in health care fraud schemes. More information can be found at https://lnkd.in/ee_ABes8. Press Release: https://lnkd.in/gtNqbHGc

Bitfinex Hacker Sentenced in Money Laundering Conspiracy Involving Billions in Stolen Cryptocurrency Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange. According to court documents, Lichtenstein, 35, hacked into Bitfinex’s network in 2016, using advanced hacking tools and techniques. Once inside the network, Lichtenstein fraudulently authorized more than 2,000 transactions transferring 119,754 bitcoin from Bitfinex to a cryptocurrency wallet in Lichtenstein’s control. Lichtenstein then took steps to cover his tracks by deleting from Bitfinex’s network access credentials and other log files that could have revealed his conduct to law enforcement. Following the hack, Lichtenstein enlisted the help of his wife, Heather Morgan, in laundering the stolen funds. Read more: https://lnkd.in/ggcrVFkX

Colorado Recidivist Sex Offender Sentenced to 35 Years in Prison for Crimes Against Children A Colorado man was sentenced yesterday to 35 years in prison and a lifetime term of supervised release for his distribution of child sexual abuse material (CSAM) and involvement with a dark-web website dedicated to CSAM. Read more: https://lnkd.in/gVbmPMmA

Idaho Man Sentenced for Computer Hacking and Extortion Scheme An Idaho man was sentenced today to 10 years in prison for hacking into the computer servers of 19 victims across the United States, stealing personally identifiable information (PII) belonging to more than 132,000 people, and attempting to extort a Florida orthodontist for payment in Bitcoin by threatening to disclose stolen patient records and other PII. According to court documents, in June 2017, Robert Purbeck, 45, of Meridian, purchased access to the computer server of a Griffin, Georgia, medical clinic on a darknet marketplace. He then used the stolen credentials to illegally access the computers of the medical clinic and removed records that contained sensitive PII for over 43,000 individuals, including names, addresses, birth dates, and social security numbers. In February 2018, Purbeck purchased access to a City of Newnan, Georgia, Police Department server on a darknet marketplace. Purbeck used the stolen credentials to hack into the City of Newnan computer systems and stole police reports and other documents, including PII for over 14,000 people. Purbeck also attempted to extort a Florida orthodontist in July 2018, demanding a ransom payment in Bitcoin in return for his stolen patient files, threatening to sell the patient and personal information unless the orthodontist paid the ransom. Additionally, Purbeck threatened to sell the PII of the orthodontist’s minor child. Purbeck harassed the orthodontist and his patients for 10 days with numerous threatening emails and text messages. Read more: https://lnkd.in/g38tW325

Two Chicago Residents Sentenced for Sex Trafficking a Minor A Chicago man was sentenced today to 30 years in prison for sex trafficking a minor victim and distributing child sexual abuse material. His co-defendant, a Chicago woman, was sentenced previously to 19 years in prison for conspiracy to sex traffic the minor. Read more: https://lnkd.in/gSbuN2dm

Foreign National Pleads Guilty to Laundering Millions in Proceeds from Cryptocurrency Investment Scams Daren Li, 41, a dual citizen of China and St. Kitts and Nevis, and a resident of China, Cambodia, and the United Arab Emirates, pleaded guilty today to one count of conspiracy to commit money laundering for his role in a scheme to launder millions of dollars in proceeds of cryptocurrency investment scams. “Daren Li and his co-conspirators laundered over $73 million from the victims of cryptocurrency investment scams, using a web of shell companies and international bank accounts,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Although Li committed this offense from outside the United States, he was not beyond the reach of the Justice Department. Today’s plea reflects our ongoing commitment to working with our domestic and international partners to hold accountable anyone responsible for cryptocurrency investment fraud against U.S. victims — wherever the perpetrators are located.” Li was arrested on April 12 at Hartsfield-Jackson Atlanta International Airport and subsequently transported to the Central District of California. According to court documents, Li admitted that he conspired with others to launder funds obtained from victims through cryptocurrency scams and related fraud. In furtherance of the conspiracy, he communicated with his co-conspirators through encrypted messaging services. In order to conceal or disguise the nature, location, source, ownership, and control of the fraudulently obtained victim funds, Li would instruct co-conspirators to open U.S. bank accounts established on behalf of shell companies and would monitor the receipt and execution of interstate and international wire transfers of victim funds. Li and other co-conspirators would receive victim funds in financial accounts they controlled, and then monitor the conversion of victim funds to virtual currency, specifically Tether (USDT), and the subsequent distribution of that virtual currency to cryptocurrency wallets controlled by Li and his co-conspirators. Read more: https://lnkd.in/gd7gTvVm

Ex-Banker Pleads Guilty in $16M International Bribery and Money Laundering Scheme Involving Former Comptroller General of Ecuador A Miami man pleaded guilty yesterday for his role in a multimillion-dollar international bribery and money laundering scheme. According to court documents, John Christopher Polit, 43, a former banker, laundered the bribe proceeds paid for the benefit of his father, Carlos Ramon Polit Faggioni, the former Comptroller General of Ecuador, through the U.S. financial system and into various investments in South Florida. From approximately 2010 to 2015, Carlos Polit solicited and received bribe payments from Odebrecht S.A., the Brazil-based construction conglomerate, in exchange for using his official position to remove fines and not impose fines in order to benefit Odebrecht and its business in Ecuador. Additionally, Carlos Polit received a bribe from an Ecuadorian businessman in or around 2015 in exchange for assisting the businessman and his company in connection with certain contracts from the state-owned insurance company of Ecuador. Between approximately 2010 and 2018, John Polit helped his father launder these bribe proceeds. John Polit caused the bribe proceeds to “disappear” by layering transactions through Panamanian accounts of intermediary companies and using Florida companies registered in the names of certain associates. John Polit used the laundered funds from his father’s bribery scheme to purchase and renovate real estate in South Florida and elsewhere and to purchase restaurants, a dry cleaner, and other businesses. John Polit pleaded guilty to one count of conspiracy to commit money laundering. He is scheduled to be sentenced on Jan. 30, 2025, and faces a maximum penalty of 10 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors. On Oct. 1, Carlos Polit was sentenced to 10 years in prison following his April trial conviction. Read more: https://lnkd.in/g-eXZ3h5