DEV Community

Cover image for Sundar Pichai Might be Arrested for Securities Fraud
Thomas Hansen
Thomas Hansen

Posted on • Edited on

Sundar Pichai Might be Arrested for Securities Fraud

OK, I thought I had found rock bottom. Unfortunately I hadn't even been close. Apparently CoffeeZilla watched "Julia_TradesCrypto" on YouTube, and outdid me by a mile. Julia is an AI generated garbage influencer, and doesn't actually exist - And there are probably thousands of versions of her out there, so don't get hung up on this particular YouTube user.

Julia has a video on how she's using ChatGPT to create MEV trading bots. Then she leads her viewers to a code snippet you're supposed to copy and execute into your trading platform, apparently to create a trading bot. This bot will according to Julia make you $1,500 per day. This video is being sold as an ad on YouTube.

1. The ad Steals your Crypto

The problem is that instead of creating a trading bot for you, the thing will install malware on your machine. This malware again will transfer all your crypto to some wallet instead of trading for you.

There are 3 interesting parts to this story. First of all, I'm not sure of what's most shocking here, the theft itself, the fact that YouTube allows these ads, or the fact that I suspect "Julia" offered me a job a couple of days ago. Let's start with the last part.

Julia offering me a job

This of course explains how she's got 1.2 million subs I guess, in addition to how she's able to generate hundreds of thousands of comments on other channels, to funnel people into her own channel. So basically, "Julia" has an army of mindless robots and 3rd world country zoombies, who's job it is to literally sit and create fake YouTube usernames all day, to subscribe to her channel, and comment on other channels.

Then she's buying YouTube ads to trick people into watching her YouTube video. The sole purpose of the video is to trick ignorant idiots incapable of understanding computer code to copy and paste a code snippet to their own machines, and execute it such that she can steal their crypto.

2. YouTube might be complicit in multiple Federal Crimes

Now let's look at the 2nd part, which is the fact that YouTube have allowed for these ads to run for months. In fact, I reported an exact replica of this video earlier today myself. An hour later I came back to YouTube and discovered it was still there. See proof of me reporting it below.

Reporting the scam

Implying basically that YouTube doesn't give a sjit. They will happily take Julia's advertisement money, allowing her to use their platform, to commit federal crimes. This makes YouTube complicit may I add, and those having their crypto stolen by Julia can in theory sue Google and YouTube for damages.

Then there's the 1st part, using the FOMO of AI, ChatGPT, and crypto, to literally install malware on other people's computers that steals your money.

3. Sundar Pichai might be complicit in Federal Crimes

So basically, the following 3 chains of events leads to the 4th.

  1. YouTube ads installs malware
  2. The malware steals your crypto
  3. YouTube is therefor possibly complicit
  4. Sundar Pichai might therefor be implicated

Watch CoffeeZilla break down the details in the following video ...

Sundar Pichai might be considered complicit in multiple federal crimes. And after Crypto was partially regulated in the US a couple of weeks ago, it's actually a security and regulated by SEC - Implying laws previously ignorant of crypto now takes effect similarly to how they have effect for FIAT money

ChatGPT's opinion

I went to ChatGPT and asked it indirectly if Sundar Pichai was guilty of securities fraud. Below are my questions and its answer.

Question

If crypto is considered a security according to the SEC, and a company is showing ads to a video that tricks people into installing malware that steals their private crypto key such that they can steal their crypto currency, is the CEO of the company showing the ads guilty of securities fraud according to US law?

Answer

In the scenario where cryptocurrency is classified as a security by the Securities and Exchange Commission (SEC), and a company displays ads leading viewers to malware that steals their private keys for cryptocurrency theft, determining the CEO's legal culpability for securities fraud under U.S. law involves several nuanced factors.

Securities fraud in the U.S. involves deceptive practices in the securities markets, including false information to investors or manipulating stock prices. If cryptocurrency is deemed a security, stealing it through malware could be considered a form of securities fraud. However, directly linking the CEO of the company showing such ads to securities fraud charges requires establishing specific legal elements:

Knowledge and Intent: It must be proven that the CEO knowingly and intentionally participated in, directed, or was willfully blind to the fraudulent scheme. Simply showing ads, without evidence of the CEO's awareness or involvement in the scheme, might not be enough for securities fraud charges.

Material Misrepresentation or Omission: The fraud must involve a significant misrepresentation or omission of facts relevant to the investors' decisions. If the CEO was aware that the ads were part of a scheme to steal cryptocurrency by misleading viewers, this criterion might be met.

Connection to the Purchase or Sale of Securities: The fraudulent activity must be directly related to the purchase or sale of securities. In this context, if cryptocurrency is classified as a security and the malware is used to steal it, this connection could potentially be established.

Reliance and Damages: Typically, for securities fraud, it must be shown that investors relied on the fraudulent conduct and suffered damages as a result. Victims of the malware theft would need to demonstrate how their reliance on the misleading ads led to their losses.

The SEC, Department of Justice (DOJ), or other regulatory bodies would investigate such cases, examining the evidence to determine the CEO's involvement and intent. If the CEO was found to have knowingly facilitated or promoted the fraudulent scheme, they could face securities fraud charges. However, if the CEO was unaware of the deceptive nature of the ads and had no involvement in the scheme, proving personal liability would be significantly more challenging.

Legal outcomes depend on specific facts, evidence, and interpretations of the law. Therefore, each case would need to be evaluated individually, considering the details of the CEO's actions, the nature of the ads, and the structure of the fraud. It's also worth noting that regulatory and legal frameworks around cryptocurrency are evolving, and interpretations of what constitutes a security can vary.

Question

The ad was reported to the site showing the video, yet the site didn't remove the ad. Explain your reasoning and arguments in details

Answer

When an ad promoting malware, aimed at stealing cryptocurrency, is reported to the platform hosting the video and the platform fails to remove the ad, several legal and ethical considerations come into play. The responsibility and potential liability of the platform depend on various factors, including the nature of the platform's policies, its responsiveness to reports of malicious content, and existing legal frameworks governing digital content and advertising. Here's a detailed exploration of the reasoning and arguments regarding the platform's actions (or inaction):

Legal Frameworks and Safe Harbors

Section 230 of the Communications Decency Act (CDA): In the United States, Section 230 provides immunity to online platforms from liability for content posted by their users. It means that if a user posts something illegal or harmful, the platform typically isn't held responsible just for hosting the content. However, this immunity doesn't cover everything, especially if the platform is directly involved in creating or curating illegal content.

Due Diligence and Reasonable Care: Platforms are expected to exercise a degree of diligence and care in monitoring and responding to reports of illegal or harmful content. If a platform has been notified about specific content being malicious (such as an ad leading to malware) and fails to take reasonable steps to investigate or remove it, this could be interpreted as negligence.

Ethical Considerations and Corporate Responsibility
Trust and Safety
: Platforms have an ethical responsibility to ensure the safety and security of their users. Ignoring reports of ads that facilitate theft or fraud can erode user trust and compromise the platform's integrity.

Proactive Measures: Ethically, platforms should have mechanisms in place to proactively detect and mitigate the spread of malicious content. This includes not only reacting to reports but also implementing preventive measures.

Legal Arguments Against the Platform

Negligence: If it can be demonstrated that the platform failed to act on a credible report about a malicious ad, victims might argue that the platform was negligent. This negligence could potentially open the platform to civil lawsuits, especially if the victims suffered financial losses as a direct result of the platform's inaction.

Aiding and Abetting: In extreme cases, if it's proven that the platform consistently ignored reports of malicious content and did not take basic steps to prevent harm, an argument could be made that the platform is aiding and abetting criminal activity. However, this is a higher bar to meet and requires clear evidence of the platform's knowledge and intent.

Consumer Protection Laws: Violations of consumer protection laws might also be considered if the platform's failure to remove the ad could be seen as facilitating deceptive or fraudulent practices.

Defenses for the Platform

Rapid Response and Effort: The platform might argue that it takes all reports seriously and acts in a timely manner, but due to the volume of content, some reports take longer to investigate.

Technical Challenges: There could be technical challenges in identifying and removing specific ads, especially if they're served through complex advertising networks.

Section 230 Protections: The platform may lean on Section 230 protections, asserting that they are not the publisher or speaker of the user-generated content and thus not liable for its content.

Conclusion

While platforms have a certain level of legal protection under laws like Section 230 of the CDA, they also have ethical and possibly legal responsibilities to respond to reports of harmful content. Failure to remove an ad reported to involve malicious intent, such as stealing cryptocurrency, could expose the platform to legal scrutiny, potential civil liability, and damage to its reputation. The balance between protecting free speech and preventing harm is delicate, requiring platforms to act responsibly and diligently in moderating content.

Question

Does this imply the CEO could in theory be liable for criminal prosecution?

Answer

Yes, in theory, the CEO could potentially face criminal prosecution if there's sufficient evidence to show direct involvement, complicity, or willful negligence in the operations leading to the distribution of malicious ads, especially when these ads result in financial crimes like fraud or theft. The path to establishing criminal liability for a CEO in such scenarios involves demonstrating a clear link between the CEO's actions (or lack thereof) and the criminal activity facilitated by the platform they oversee. Here are several key points that could underpin such liability:

Direct Involvement or Complicity

If the CEO directly participated in, approved, or encouraged the distribution of malicious ads, this could constitute direct involvement in criminal activities. For instance, if the CEO was aware that the ads were part of a scheme to steal cryptocurrency and did nothing to stop them or actively hid this fact, they could be criminally liable.

Willful Negligence or Reckless Disregard

Criminal liability could also stem from a CEO's willful negligence or reckless disregard for the harm that the malicious ads could cause. If it's proven that the CEO ignored repeated warnings or clear evidence indicating that the ads were malicious, this could be construed as a deliberate avoidance of legal responsibility, potentially amounting to criminal negligence.

Violations of Specific Laws

Certain laws could directly apply to the CEO's actions, depending on the specifics of the case:

Securities Fraud: If cryptocurrencies are classified as securities and the CEO's actions led to manipulation or theft of these assets, there could be grounds for securities fraud charges.

Computer Fraud and Abuse Act (CFAA): If the CEO was involved in disseminating malware, they could potentially be charged under the CFAA, which targets the distribution of harmful software.

Money Laundering and Wire Fraud: Depending on how the stolen cryptocurrency was handled, charges related to money laundering or wire fraud could also apply.

Legal Defenses and Challenges

The CEO could potentially defend against such charges by demonstrating a lack of knowledge, proving diligent efforts to prevent such incidents, or highlighting compliance with legal advice. The complexities of digital advertising, the decentralized nature of cryptocurrency, and the intricacies of proving intent and knowledge make such cases challenging for both prosecution and defense.

Conclusion

While theoretically possible, the prosecution of a CEO for criminal liability in the context of malicious ads leading to cryptocurrency theft would hinge on specific facts, including the CEO's level of awareness, involvement, and the measures taken to prevent such activities. Legal precedents, the evolving nature of digital and cryptocurrency regulations, and the specifics of each case would all play crucial roles in determining the outcome.

Conclusion

According to ChatGPT, Sundar Pichai might be guilty of the following federal crimes under US law:

  1. Securities Fraud
  2. Computer Fraud and Abuse Act (CFAA)
  3. Money Laundering and Wire Fraud

Then I asked ChatGPT;"What's the maximum penalty for these laws under US laws?"

Its answer was;

Under U.S. law, the maximum penalties for the crimes related to securities fraud, computer fraud, wire fraud, and money laundering can be severe, including substantial fines and lengthy prison sentences. The specifics can vary depending on the nature of the crime, the amounts involved, the number of offenses, and whether there are any aggravating factors. Here's a general overview of the maximum penalties for these crimes as of my last update:

Securities Fraud

Securities fraud can carry significant penalties, including both fines and imprisonment. Under federal law, individuals convicted of securities fraud can face up to 20 years in prison and fines of up to $5 million per violation, depending on the specifics of the fraud and the statutes under which they are charged.

Computer Fraud and Abuse Act (CFAA)

Violations of the CFAA, particularly those involving distributing malware or unauthorized access to computers, can result in severe penalties. For crimes involving damage to a protected computer, the penalties can include up to 10 years in prison for a first offense and up to 20 years for subsequent offenses. Fines can also be imposed, and they are typically substantial, although the exact amounts can vary based on the specifics of the case and the federal sentencing guidelines.

Wire Fraud

Wire fraud is a serious offense that involves using interstate communications to commit a fraud. The maximum penalty for wire fraud is up to 20 years in prison. However, if the wire fraud affects a financial institution or is connected to a declared major disaster or emergency, the maximum penalty can increase to 30 years in prison and a fine of up to $1 million.

Money Laundering

Money laundering carries heavy penalties, with individuals facing up to 20 years in prison. Fines can be up to $500,000 or twice the value of the laundered money, whichever is greater. In certain cases, where specific statutes apply, the penalties can be even more severe.

Aggravating Factors

It's important to note that specific circumstances surrounding the crime can lead to enhancements in sentencing. For example, if the fraud resulted in significant financial losses to victims, or if it involved sophisticated means, the courts might impose harsher sentences. Additionally, penalties can be compounded if the defendant is found guilty of multiple charges.

Restitution and Forfeiture

Beyond prison sentences and fines, convicted individuals may also be ordered to pay restitution to the victims of their crimes, compensating them for their losses. Forfeiture of assets obtained through illegal activities is also a common penalty.

The specifics of sentencing can vary widely based on the details of each case, the applicable laws, and judicial discretion within the guidelines provided by law. Judges often consider a variety of factors, including the defendant's prior criminal history, the impact on victims, and any mitigating or aggravating circumstances when determining the final sentence.

Question

Can you summarize your conclusion in one paragraph?

Answer

In conclusion, under U.S. law, individuals, including CEOs, who are found guilty of participating in or facilitating schemes involving securities fraud, computer fraud, wire fraud, or money laundering related to malicious advertisements and cryptocurrency theft can face severe penalties. These penalties can include up to 20 years in prison for securities fraud, up to 20 years for computer fraud and wire fraud (30 years if affecting a financial institution), and up to 20 years for money laundering, with fines reaching millions of dollars or twice the amount of the laundered money, depending on the crime. Additionally, convictions may result in orders for restitution to victims and forfeiture of assets. The actual sentencing can vary based on the specifics of the crime, including the amount of money involved, the number of victims, and any aggravating factors, underscoring the serious legal risks associated with such activities.

Edit

I went to YouTube to try to find one of these ads, and immediately I found the following.

YouTube ad

Notice, this is the exact same account I reported an ad for yesterday, so they're still active. The ad features a man that speaks with a Russian dialect, so I doubt he will be possible to extradite for US securities fraud for obvious reasons. You can find the YouTube video itself here.

I went through the script he is linking to in the description of the video, trying to analyse it, you can find the script here. The dubious parts are linked in below as a screenshot.

Malware code

Notice how it transfers the balance of the this inside the recoverTokens function. I am not experienced enough with trading scripts to analyse it in details, but according to this article from Coin Telegraph, the above seems to be the modified parts that transfers your crypto to the scammer's wallet.

So the script is a modified legitimate trading bot script, with one or two lines of code added, that ends up stealing all your crypto.

I have seen these ads for similar accounts for months now. I've never cared about them, because I'm as far away from being vested in the crypto space as is possible. However, if you look at the comments for the video, it's obviously garbage and manufactured comments, created by bots or human zoombies paid in crypto to comment and like.

Comments

YouTube failing to deal with this can (according to ChatGPT) render Sundar Pichai guilty of wire fraud, money laundering, securities fraud, and the computer fraud and the abuse act - In addition to the money probably being transferred to Russia, rendering him guilty of violating international money laundering laws and international trade agreements due to the war between Russia and Ukraine.

Below is the receipt I got from YouTube proving that I reported the ad just now. Implying unless Sundar Pichai deletes this ad in "a timely manner", it might actually end up in "jail time" for him ...

Receipt for reporting

Edit 2

I went to the YouTube video, it's still up, hours after I reported it, and I commented on the first 50+ comments I could find. My comment was as follows:

Congratulation, you are now complicit in a federal crime in the US, with a maximum penalty of up to 70 years in prison. Where do you live? Does your country have extradition deals with the US? https://dev.to/polterguy/sundar-pichai-might-be-arrested-for-securities-fraud-4cnc

Below is a screenshot showing my comments.

My comments

Then I added the following comment to the 50+ next comments, until there were no more comments left to comment on.

Image description

Psst, if you want to leverage AI to something actual useful, you can check out our AI chatbot here

Top comments (4)

Collapse
 
programcrafter profile image
ProgramCrafter

That is unlikely to actually go all the way through to conviction, isn't it?

Collapse
 
polterguy profile image
Thomas Hansen

Yes, but it'll scare the living crap out of them, forcing them to "clean up their shit" - Especially since a lot points to that the money is going to Russia ...

I'm revealing more in my next article about it, with much more details, photos of the mastermind, etc ...

Collapse
 
programcrafter profile image
ProgramCrafter

Actually, choice of Russia as the intermediate country is quite strange:

  • they're creating problems for Sundar Pichai if his willful ignorance or involvement is proved;
  • while also facing risks of unsuccessful tax evasion, meaning that assets are highly likely to be confiscated by tax services.

As a person interested in more money spent by Russian government on various projects, I'd be interested in see how that turns out!

Thread Thread
 
polterguy profile image
Thomas Hansen

I've got lots of Russian friends, honest hard working people. I personally don't care if the guy is from Russia, Norway, or the US, but I must admit for this particular incident, it's "convenient" for obvious reasons ...

However, I suspect there's 1,000+ of these scams out there. The "Julia_TradingCrypto" account CoffeeZilla pointed out for instance had 1.2 million subs on her account. The guy I'm writing about only has like 1,600 or something ...

However, the MO is the same, so it's obviously "a well known method" to steal from people ...

Still rubbish. What makes me angry about it though, is that first of all there are so many ChatGPT-related scams out there, that people tend to believe my company is a scam too - And that they guy is using our keywords, resulting in that our ads becomes more expensive, and it becomes more difficult for us to be noticed.

We're basically drowning in this garbage ...

So from our point of view it's about self-preservation and self-defence ... :/