We need to talk about the May 27th Criminal Information Diana Lebeau

Why? Because I’m going to walk you through why and it’s important that you read what I’m going to detail

What this space - closely…

On May 27, 2021 the Justice Department released the following - which reads in part:

FBI Boston @FBIBoston

Following an #FBI Boston investigation, Diana Lebeau, of Cranston, RI, was charged today with sending phishing emails to candidates for political office & others, including members of one candidate's staff, the candidate's spouse & the spouse's coworkers.

ow.lyRhode Island Woman Charged with Phishing SchemeA Rhode Island woman was charged today with sending phishing emails to candidates for political office and others.

6:27 PM ∙ May 27, 2021

---

Diana Lebeau, 21, of Cranston, R.I., was charged in an Information with attempted unauthorized access to a protected computer. Lebeau will make an initial appearance in federal court in Boston

a criminal information is not a criminal complaint or indictment - typically a “criminal information” tends to accompany a plea agreement. There are some inconsistencies with the DOJ-OPA versus the Criminal Information. For example the -DOJ-OPA

attempted unauthorized access to a protected computer.

Which likely means the FBI and DOJ Cyber Task Force thwarted her cyber-crimes before “any real damage” but what’s curious is in the Criminal Information it’s very specific January to March 2020. Which is why I found her April 23, 2021 GoFundMe Campaign to “buy more advance equipment” seems rather curious.

…in January 2020, Lebeau sent phishing emails to approximately 22 members of the campaign staff of a candidate for political office. The emails, which purported to be from either the campaign’s managers or one of the campaign’s co-chairs, directed the recipients to put their account credentials into an attached spreadsheet, or to click a link that connected them to a Google Form that solicited the same credentials.

Grifters gotta GoFundMe for new hardware

For unknown reasons some seemed to overlooked Defendant Lebeau”s - GoFundMe campaign which she created on April 23, 2021. It is kind of curious what Defendant LEBEAU disclosed in her GoFundMe campaign.

Especially when you cross reference with her LinkedIn Account biography. https://www.gofundme.com/f/help-diana-raise-money-for-hardware - also achieved (don’t be an archive jerk —not my issue the person who previously archived didn’t do the outlinks)

The way the idea works is that use the language AutoHotKey to develop a program to do a keylogging attack and also emailing using these things called com objects. For those reading this that don't understand what it is, basically you plug in the usb into the computer and it runs software more silently on its own to install and run program.

My other idea is to figure out if a USB mouse could be used as an attack vector. In other words, you plug in a USB mouse and it runs programs in the background.

I also have an idea of using drones with an attached long range RFID scanner to scan for RFID tag…

Another idea is using one or more drones as a way to scan and possibly try to get access to other wifi. The idea is to use them in a format like a triangle and sit on top of buildings for twenty minutes collecting information before coming back down to the owner.

Diana Lebeau Criminal Information

Again this was filed (and unsealed) on May 27, 2021 - you’ll note the criminal information (via ECF: https://ecf.mad.uscourts.gov/doc1/095110564970 ) only list one Count: Attempted Unauthorized Access to Protected Computers - 18 U.S.C. §§ 1030(a)(2)(c), (b) & (c)(2)(A) ¹- so let’s break down the statute and subsection;

• 18 U.S.C. §1030(a)(2)(c): intentionally accesses a computer with￾out authorization or exceeds authorized ac￾cess, and thereby obtains

• 18 U.S.C. §1030(b): Whoever conspires to commit or attempts to commit an offense under subsection (a) of this section shall be punished as provided in sub￾section (c) of this section.

• 18 U.S.C. §1030(c)(2)(b): except as provided in subparagraph (B), a fine under this title or imprisonment for not more than one year, or both, in the case ofan offense under subsection (a)(2), (a)(3)…

18 U.S.C. §1030(c)(2)(b)

Now why does this matter? If I’m reading this correctly Lebeau had others either helping or directing her. The §1030(c)(2)(b) —means Defendant Lebeau was charged with a misdemeanor (up to one year in prison) versus a felony under 18 U.S.C. §1030 (up to twenty years in prison)

Defendant LEBEAU appears to have created a multi-stage cyber purloining operation

• First Stage; In January of 2020 Defendant Lebreau sent two sets of phishing emails. One batch appeared to the unwittingly (and likely) appeared as coming from the campaign’s managers or one of the campaign’s co-chairs. The emails requested the recipients to type in their account credentials, into an attached spreadsheet - or simply click (the fraudulent) web-link that redirected the recipients to a Google Form, where they were instructed to add their credentials to the aforementioned Google Form.

  • Additionally, Defendant Lebeau allegedly targeted the candidate’s spouse and other co-workers with messages. By creating an email that appeared to be either from Microsoft’s “Security Team” or from an employee of the workplace’s IT help desk.

  • LEBEAU also placed several phone calls and sent other phishing emails to the workplace’s technology helpdesk, asking in each instance that the helpdesk reset an employee’s email account and provide a new password

“The emails… requested that recipients provide account credentials or other information about their computers by adding it to attached spreadsheets or on a website that mimicked the appearance of the employer’s legitimate website,”

• Stage Two In March of 2020 - Defendant Lebeau sent phishing emails targeting a separate candidate running for political office. The emails claimed to be from the candidate’s cable and internet provider. These emails included a fraudulent/false log-in link. The inference is Defendant LEBEAU created this second set of fraudulent phishing emails, ostensibly for “the purpose of addressing an issue with the candidate’s account that required the recipient to provide login credentials”

• Stage Three - Defendant Lebeau then impersonated one of her victims, which was a candidate for political office, this onerous behavior occurred in online chats with the cable and internet provider. With the goal of the Cable & Internet Provider would reset and obtain the candidate’s account password.

So the naturally my questions are:

• Who did she give up to get this kind of misdemeanor charge?

• Did she have other co-conspirators and did they instruct Lebeau?

• Who wrote the code and/or “fake websites” and/or Google Form?

Read what I’ve highlighted and underlined in Lebeau’s Criminal Information because this matters and no this is not me playing semantics.

Criminal Information Defendant LEBEAU Page 1

Furthermore (as detailed in paragraphs 2 and 3) to me it’s clear Lebeau obtained credentials and then used (some) of that information to create accounts, trick recipients into providing passwords… “LEBEAU used the candidate’s name to register the email accounts and the Google Form.” Because that one could argue the Government could have charged her with 18 U.S.C. §1028A-Aggravated Identity Theft (Max 5 years imprisonment per count or per identity used) and/or 18 U.S.C. 1343 -Fraud by wire, radio, or television (Max 20 years -per incident/victim) because it certainly reads that Defendant LEBEAU’s actions may have satisfied all four elements -especially the following;

“Wire fraud requires proof of (1) a scheme to defraud; and (2) the use of an interstate wire communication to further the scheme..”

Lebeau Criminal Information May 27, 2021 page 2

Lebeau sent several phishing emails to the candidate’s spouse and to others at the spouse’s workplace. The emails, which purported to be either from Microsoft’s “Security Team” or from an employee of the workplace’s technology helpdesk, requested that recipients provide account credentials or other information about their computers by adding it to attached spreadsheets or on a website that mimicked the appearance of the employer’s legitimate website.

LEBEAU also impersonated this candidate in online chats with the cable and internet provider, in an attempt to reset and obtain the candidate’s account password.

Okie Dokie but come on who’s needs a foreign hostile adversary when you have American Citizens doing this for who and what and why? Because paragraph 8 isn’t something you normally read in a criminal information - but thanks for clearing that up…said no sane person ever..

Criminal Information Defendant LEBEAU

What - Fresh - Hell - Is - This?!?

LEBEAU also impersonated this candidate in online chats with the cable and internet provider, in an attempt to reset and obtain the candidate’s account password.

Okie Dokie I guess that’s super clear…definitely a misdemeanor which bears repeating - who/what/why did she give up? As previously explained the U.S.C. Cited has varying “punishments” ranging misdemeanors <1 year in prison and felony 20 years max imprisonment. And this is a misdemeanor Criminal Information.

Criminal Information Defendant LEBEAU

Now did it occur to you why I started off by pointing out Defendant Lebeau’s April 2021 GoFundMe? Beyond she was looking for investors by way as donors to her cyber crimes - here take a look at the forfeiture of the various computers, hard drives;

a. One Black DELL Inspiron bearing serial number 16808940794;

b. One My Passport external hard drive bearing serial number WX11A29725CP;

c. One Black HTC Phone (Model: 2Q5W100);

d. One Microsoft Surface Pro gray in color;

e. One book entitled the Art of Exploitation (Hacking) with notes;

f. Two micro SD cards;

g. One Blue Memorex flash drive;

h. Black Memorex flash drive;

i. One Dell Optiplex 7010 computer; and

j. Miscellaneous papers and notebooks.

Oh and if you think I’m off the mark concerning her April 2021 GoFundMe Campaign - here’s her recent LinkedIn -in 2019 she worked for CVS Pharmacy as an;

• Information Technology Help Desk at CVS Health

• LinkedIn Bio: “…female who is a hobbyist in Cyber Security. Interest include hardware and building unique attack hardware (Rubber Ducky, Raspberry Pi, mini routers), finding unique and less common attack vectors, physical penetration theory and finding unique ways to get into buildings (With an affidavit). I love to learn from my peers & on my own. I prefer positivity than negativity when it comes to approaching a problem. I have some experience with C, Python, Bash, Docker, Virtualbox, Vagrant, Linux, Windows, and Window Servers.”

On April 23, 2020 a local ABC news affiliate reported that the FBI raided a Cranston, Rhode Island home, see the ABC6 footage

Again you can pay for the May 27, 2021 - criminal information via ECF: https://ecf.mad.uscourts.gov/doc1/095110564970 or you can pull it down from my public drive -and thus far I haven’t been able to make a deduction of who the candidate was/is or the spouse. I could take a guess but I’d rather wait and see if the USAO-MA or Boston FBI release any information —because facts matter and I’d rather wait for the facts versus taking an educated guess.

And lastly -Defendant LaBeau is scheduled for her Initial Appearance Hearing is set for June 9, 2021 at 2:00 p.m. by Remote Proceeding at Boston before Magistrate Judge Jennifer C. Boal.

1

a highlighted and red line copy of 18 U.S.C. §1030 pdf can be found on my public drive

Comments

[Julie Kay]

Fascinating. She sounds like a wannabe hacker who thankfully was caught. I look forward to hearing who the political candidate is.