Court Shuts Down Lexington Blue Roofing Company After Fraud Case Involving Hundreds of Victims
FRANKFORT, Ky. — A Fayette County judge has issued a default judgment against the roofing company Lexington Blue and several affiliated businesses, finding they violated state consumer protection laws and permanently barring them from operating in Kentucky.
The ruling, announced by Russell Coleman, the state’s attorney general, follows an investigation that found the company took millions of dollars from homeowners for roofing projects that were never completed.
According to the complaint, Lexington Blue accepted about $4.8 million in payments in 2024 alone for more than 300 roofing projects, most of which were never carried out. More than 332 Kentucky consumers filed complaints with the attorney general’s Office of Consumer Protection, many reporting they paid substantial deposits but never received the promised work.
“Finally, Lexington Blue’s predatory business practices have come to an end,” Coleman said in a statement. “So many Kentuckians have been taken advantage of by this company, and I’m proud our office was able to step in to help.”
The court found the company and its affiliated entities liable for violations of the Kentucky Consumer Protection Act and unjust enrichment after the defendants failed to respond to the lawsuit or mount a defense.
Under the order, the companies are permanently prohibited from conducting business in Kentucky and must pay restitution to consumers who were harmed. The court also directed the businesses to disgorge funds obtained through the unlawful conduct and face civil penalties that could reach up to $2,000 per violation — or $10,000 per violation when victims are 60 or older.
A hearing scheduled for Feb. 13 in Fayette County Circuit Court will determine the total amount of damages, restitution and penalties owed.
Former Defense Contractor Executive Sentenced to Over 7 Years for Selling Cyber Trade Secrets to Russian Broker
WASHINGTON — A former general manager at a U.S. defense contractor was sentenced on Tuesday to over seven years in federal prison for stealing sensitive cyber technology and selling it to a Russian cyber-tools broker, according to the Justice Department.
Peter Williams, 39, an Australian citizen, received a sentence of 87 months in prison from Judge Amir H. AliKhan in the U.S. District Court for the District of Columbia. The judge also mandated three years of supervised release, the forfeiture of $1.3 million, cryptocurrency assets, and property—including a home and luxury items like watches and jewelry. A restitution hearing is set for May 12.
Williams entered a guilty plea in October 2025 to two counts of theft of trade secrets. Prosecutors indicated that he pilfered eight cyber-exploit components over a span of three years from the defense contractor where he was employed and sold them to a Russian broker who provides cyber tools to clients, including the Russian government.
The stolen software, which was developed for national security and intelligence operations, was meant to be sold exclusively to the U.S. government and its allied nations. Authorities reported that Williams transmitted the tools via encrypted communications and received payments in cryptocurrency, which he then used for luxury travel, clothing, jewelry, and real estate.
John A. Eisenberg said Williams abused his senior position to profit from technology meant to protect national security. “The tools he compromised were intended to protect this nation; instead, he auctioned them off to a Russian bidder,” Eisenberg said.
Prosecutors claim that Williams signed written contracts with the broker, which outlined payments for the initial software sale as well as extra compensation for continued support. Officials indicated that these tools might have allowed access to millions of digital devices.
Authorities estimate that the theft resulted in approximately $35 million in losses for the defense contractor, impacting customers such as the U.S. government and allied intelligence agencies.
Florida Man Sentenced to Six Years for Role in Nationwide Bank Fraud Scheme
A Florida man was sentenced to six years in federal prison for his role in a transnational fraud scheme that stole millions of dollars from consumers’ bank accounts across the United States, the U.S. Department of Justice announced.
Michael Young, 44, of Hollywood, Florida, participated in a criminal enterprise that used stolen banking information to make unauthorized withdrawals from victims’ accounts, according to court documents. Young pleaded guilty in June 2025 to one count of conspiracy to violate the Racketeer Influenced and Corrupt Organizations Act.
Authorities said the network obtained “lead lists” containing victims’ banking information, some of which came from payday loan applications. Members of the scheme used the information to initiate unauthorized debits from victims’ accounts while falsely claiming to banks that the transactions had been approved.
Prosecutors said the enterprise relied on shell companies and other money-laundering techniques to conceal the fraud. For several years, Young worked for a co-conspirator based in Southern California who managed the domestic portion of the operation. In that role, Young helped foreign co-conspirators obtain lead lists, establish banking relationships in the United States and recruit nominal account holders, known as “signers,” for shell companies used to process the fraudulent transactions.
Investigators said Young was involved in nearly every aspect of the scheme and later began running a similar operation himself in an effort to increase profits.
Federal officials said the network targeted consumers nationwide and was responsible for stealing millions of dollars. The case is part of a broader prosecution involving 22 defendants charged in four federal districts; seven have been convicted so far.
Authorities urged consumers to regularly review bank and credit card statements for unauthorized charges and to report suspected fraud to law enforcement or the Federal Trade Commission.
Notices of upcoming hearings may be found here.
U.S.-Led Operation Shuts Down Major Cybercrime Forum LeakBase
An international law enforcement operation led by the United States has dismantled Leak Base, one of the world’s largest online forums used by cybercriminals to trade stolen data and hacking tools, the Justice Department announced Wednesday.
Authorities said the forum hosted more than 142,000 members and contained over 215,000 messages exchanged among users who bought and sold stolen databases, financial information and cybercrime services.
Investigators said the site maintained a massive archive of hacked databases tied to high-profile cyberattacks, including hundreds of millions of compromised account credentials. According to a recently unsealed affidavit, users sold sensitive data taken from U.S. companies and individuals, including credit and debit card numbers, bank account information, usernames and passwords, and other personal and business records.
On March 3 and 4, law enforcement agencies from 14 countries carried out synchronized actions against the forum in a coordinated operation organized by Europol in The Hague. Officials said authorities shut down the website, seized its database and two domain names used by the forum, and posted seizure notices on the site.
Investigators also sent warning messages to members of the platform and collected evidence including user accounts, posts, financial information, private messages and IP logs.
Officials said the takedown targeted a key hub used by cybercriminals to monetize stolen information. The Justice Department said the forum served as a marketplace for illegally obtained financial records and other personally identifiable information that could be used to commit fraud and additional cyberattacks.
U.S. Sanctions Russian Exploit Broker in First Use of New IP Protection Law
The U.S. Treasury on Thursday sanctioned Russian national Sergey Sergeyevich Zelenyuk and his St. Petersburg–based company Matrix LLC, which operates as Operation Zero, for trafficking in stolen U.S. government cyber tools and other software exploits that officials say threaten national security.
According to the Treasury’s Office of Foreign Assets Control, Operation Zero bought at least eight proprietary cyber tools that a U.S. defense contractor had developed exclusively for the U.S. government and select allies, then resold them to at least one unauthorized customer. The tools were stolen between 2022 and 2025 by former company manager Peter Williams, an Australian national who pleaded guilty in October 2025 to two counts of theft of trade secrets and received millions in cryptocurrency payments for the exploits.
Please refer to the Department of State’s press release for more information about this action under PAIPA.
The designations, issued under a cyber sanctions executive order, freeze any U.S.-linked assets of Zelenyuk, Operation Zero and five associated individuals and entities, and generally bar U.S. persons from doing business with them. In a parallel move, the State Department imposed additional penalties on Zelenyuk, Operation Zero and UAE-based Special Technology Services LLC under the Protecting American Intellectual Property Act, marking the first-ever use of that 2022 law targeting significant trade-secret theft tied to national security risks.
OFAC previously designated members of the Trickbot group in February 2023 and September 2023.
Treasury said Operation Zero has openly offered million-dollar bounties for zero-day exploits in widely used U.S. software and encrypted messaging apps, refused to disclose vulnerabilities to vendors, and marketed its services to foreign intelligence services in non-NATO countries. The network also includes UAE- and Uzbekistan-linked firm Advance Security Solutions and individuals with ties to the Trickbot cybercrime gang, which has carried out ransomware attacks on U.S. government agencies and hospitals.
All designated parties now face sweeping U.S. financial restrictions, and Treasury warned that both U.S. and foreign actors risk civil or criminal penalties if they aid the sanctioned network. Officials stressed that the goal of the sanctions regime is to change behavior, noting that blacklisted entities can petition for removal if they cease the conduct at issue.