GEORGIA
A Lebanese national wanted in Florida who is alleged involved in the laundering of drug money through the use of the black market peso exchange in support of Hezbollah’s global criminal support network was extradited to the U.S, federal prosecutors stated.
Also a Cypriot national wanted in Georgia and Arizona for cyber intrusion and extortion, were both extradited yesterday from the Republic of Cyprus to the United States.
“These successful extraditions demonstrate the commitment of the Department of Justice to support local, state and federal law enforcement agencies throughout the United States and our strong working relationship with dedicated foreign partners who assist in apprehending foreign fugitives wherever they may be hiding,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division.
Adding, “Thanks to the efforts of our law enforcement partners in Cyprus, Ghassan Diab and Joshua Polloso Epifaniou will now be held accountable in the United States for their alleged crimes.”
Ghassan Diab, 37, a citizen of Lebanon, arrived in Miami last week after being extradited from the Republic of Cyprus.
Diab is charged with two counts of money laundering over $100,000, two counts of conspiracy to launder over $100,000, two counts of unlicensed transmission of currency over $100,000, and two counts of unlawful use of a two-way communications device for money laundering.
Diab was previously identified as an alleged Hezbollah associate by authorities.
On October 2016 as a part of the Drug Enforcement Administration (DEA) Miami Field Division’s “Operation Reconquista,” a joint State/Federal partnership to attack money laundering which resulted in the arrest of two co-defendants.
At that time, Ghassan Diab’s specific whereabouts were unknown, officials stated.
Diab was provisionally arrested in Cyprus for purposes of extradition on March 9, 2019, at the Larnaca International Airport upon his arrival from Beirut, Lebanon, based on a request from the United States in accordance with the U.S.-Cyprus Extradition Treaty.
On Sept. 27, 2019, the court in Cyprus found him extraditable to the United States.
Joshua Polloso Epifaniou, 21, a resident of Nicosia, Cyprus, arrived at John F. Kennedy Airport in New York last week after being extradited from Cyprus, where he was arrested in February 2018.
Epifaniou is the first Cypriot national extradited by Cyprus to the United States.
Cyprus amended its Constitution in 2013 to allow for the extradition of Cypriot nationals to a European country or to a third country on the basis of a European arrest warrant or on the basis of a bilateral or multilateral treaty that the Republic of Cyprus has signed, with the understanding that the corresponding country would extradite its citizens as well.
In 2003, the United States and the European Union entered into an extradition agreement.
A five-count indictment charges Epifaniou with conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud and identity theft, and extortion related to a protected computer.
According to the indictment, between approximately October 2014 and November 2016, Epifaniou worked with co-conspirators to steal personal identifying information from user and customer databases at victim websites in order to extort the websites into paying ransoms under threat of public disclosure of the sensitive data.
Epifaniou allegedly obtained confidential personal identifying information from these websites and other websites:
A free online game publisher based in Irvine, California
A hardware company based in New York, New York
An online employment website headquartered in Innsbrook, Virginia
An online sports news website owned by Turner Broadcasting System Inc. in Atlanta, Georgia.
After obtaining the personal identifying information, Epifaniou allegedly used proxy servers located in foreign countries to log into online email accounts and send messages to the victim websites threatening to leak the sensitive data unless a ransom was paid.
He is alleged to have defrauded the entities of $56,850 in bitcoin, and two victims incurred losses of over $530,000 from remediation costs associated with the incident.
Epifanou is scheduled for his arraignment on Monday in federal court.
He is named in a 24-count indictment charged with conspiracy to commit computer hacking, obtaining information from a protected computer, intentional damage to a protected computer, and threatening to damage a protected computer.
The indictment alleges that on Oct. 30, 2016, Epifaniou obtained unauthorized access to the database of Ripoff Report (ROR), a company located in Phoenix, Arizona, through a brute force attack.
A brute force attack is a trial-and-error method used to get information, such as a user password or personal identification number.
Epifaniou allegedly used the attack to successfully override ROR’s login and password protection to access its database through an existing account for a ROR employee.
On Nov. 18, 2016, Epifaniou emailed ROR’s CEO using an email address, threatening to publicly disseminate stolen ROR data unless the company paid him $90,000 within 48 hours.
According to the indictment, Epifaniou emailed again the following day with a hyperlink to a video recording demonstrating Epifaniou’s unauthorized access to the ROR CEO’s account.
The indictment additionally alleges that between October 2016 and May 2017, Epifaniou worked with an associate at “SEO Company,” which was a search engine marketing company based in Glendale, California, to identify companies that might be interested in paying for removal of complaints posted on ROR’s website.
Epifaniou would then illegally remove through unauthorized access to the ROR database. Epifaniou and his co-conspirator removed at least 100 complaints from the ROR database, charging SEO Company’s “clients” approximately $3,000 to $5,000 for removal of each complaint.
The defendants are presumed innocent unless proven guilty.