The U.S. government has indicted a co-owner of a Minnesota IT company for his participation in an international conspiracy to sell forged license keys for networking devices.

Benjamin Paley, 75, a resident of Plymouth in Minnesota, and co-owner of IT company GEN8 Services, has been indicted in the U.S. for his participation in an international conspiracy to traffic counterfeit networking devices.

According to an announcement by the U.S. Department of Justice (DoJ), Benjamin Paley, 75, along with co-conspirators Wade Huber and David Rosenblatt, ran a scheme between 2014 and 2022 to sell counterfeit software license keys for Brocade switches.

Brocade Communications Systems is a Californian networking products vendor that manufactures switches for critical environments such as government organizations, hospitals, and educational institutes.

Customers can legally buy licenses from Brocade and its reseller network for $1,400 to up to $100,000, depending on the selected features, deployment scale, and the level of support and services chosen.

Through specialized software tools, cybercriminals can crack the code of the license generation system and create phony keys still accepted by the program as valid, fueling an illegal market of counterfeit keys.

Paley and his co-conspirators allegedly used such programs to generate and sell at least 3,637 forged Brocade switch licenses for prices well below their standard market rate, causing Brocade between $5 million and $363 million in financial losses.

"As part of the scheme, Rosenblatt and Huber routinely communicated with and obtained information from clients and prospective customers who wanted to purchase switches and license keys," reads the U.S. DoJ announcement.

"Paley used that information to procure counterfeit license keys that enabled additional ports or functionality on the switches to be accessible to their clients."

"In total, Paley possessed and sold at least 3,637 counterfeit license keys for switches at amounts substantially below the market rate for legitimate license key sales, resulting in millions of dollars in financial losses to Brocade."

Paley now faces charges for one count of conspiracy to commit access device fraud and three counts of access device fraud, incurring a maximum punishment of 5 years for the conspiracy and 15 years of imprisonment for each count, respectively.

Additionally, there could be fines of up to $250,000 per count or twice the amount of the financial gain/loss from the committed offenses.

The conviction and sentence are to be decided by Magistrate Judge Douglas L. Micko on October 10, 2024.

Paley's co-conspirators previously pleaded guilty to one count of conspiracy to commit access device fraud, and their sentence is scheduled for later.

Related Articles:

CISA: Network switch RCE flaw impacts critical infrastructure

Hacker gets 10 years in prison for extorting US healthcare provider

US indicts Snowflake hackers who extorted $2.5 million from 3 victims

D-Link won’t fix critical bug in 60,000 exposed EoL modems

Canada orders TikTok to shut down over national risk concerns