Home / Security / Over 757K Fraudulently Obtained IPv4 Addresses Revoked by ARIN

Over 757K Fraudulently Obtained IPv4 Addresses Revoked by ARIN

Over 757K Fraudulently Obtained IPv4 Addresses Revoked by ARIN

The American Registry for Internet Numbers (ARIN) discovered a fraud scheme in late-2018 through which 757,760 IPv4 addresses worth between $9,850,880 and $14,397,440 were fraudulently obtained.

ARIN is a nonprofit corporation which distributes Internet number resources such as IPv4, IPv6, and Autonomous System numbers to organizations throughout the United States, Canada, and Caribbean and North Atlantic islands.

“On May 1, 2019, ARIN obtained a final and very favorable arbitration award which included revocation of all resources issued pursuant to fraud and $350,000 to ARIN for its legal fees,” says a press release issued by ARIN on May 13.

Twenty wire fraud counts indictment

ARIN was able to uncover and revoke the IPv4 addresses obtained through the fraud scheme following the arbitration [PDF] in the U.S. District Court for the Eastern District of Virginia, with the individual and the company behind the scheme being charged in federal court in a twenty-counts of wire fraud indictment.

As a Department of Justice (DoJ) press release issued today says, the two accused parties “created and utilized ‘Channel Partners,’ which purported to consist of several individual businesses, all of whom acquired the right to IP addresses from the American Registry of Internet Numbers (ARIN).”

The accused allegedly used multiple deceptive websites and false aliases posing as employees of 11 shelf companies across the United States as evidenced by an investigation conducted by the Federal Bureau of Investigation and the ARIN arbitration.

ARIN also states that some of the defrauded IPv4 addresses “had been transferred to bona-fide purchasers out of the ARIN region” but it did not go after “the recipients of those completed transactions.”

Wire fraud counts punishable by 20 years imprisonment each

“Fraud will not be tolerated. The vast majority of organizations obtain their address space from ARIN in good faith according to the policies set out by the community. However, ARIN detected fraud as a result of internal due diligence processes, and took action to respond in this particularly egregious case,” stated ARIN President and CEO John Curran

Also, “We are stepping up our efforts to actively investigate suspected cases of fraud against ARIN and will revoke resources and report unlawful activity to law enforcement whenever appropriate.”

According to the DoJ press release, each of the twenty counts of wire fraud the defendants were charged with are punishable by up to 20 years imprisonment.

Assistant U.S. Attorney Nathan Williams of the Charleston office who prosecutes the case stated that the two accused parties are presumed innocent until proven guilty in a court of law.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

x

Check Also

USN-3805-1: curl vulnerabilities | Ubuntu security notices

USN-3985-1: libvirt update | Ubuntu security notices

15 May 2019 libvirt update A security issue affects these releases of Ubuntu and its ...