US nuke sub plans leaked on SD card hidden in peanut butter sandwich, claims FBI
Docs were smuggled past security and sold for $110K of Monero after ProtonMail exchanges between 'Alice and 'Bob'
The United States Department of Justice has announced a leak of information pertaining to the design of the nuclear-powered Virginia-class submarine, and the arrest of the alleged leakers.
A court filing and announcement allege that a chap named Jonathan Toebbe, an employee of the Department of the Navy who served as a nuclear engineer, contacted a foreign power and offered to sell "Restricted Data concerning the design of a nuclear-powered warship".
That foreign power shared the communication with an FBI legal attaché, which found itself looking at a letter sent by Toebbe in April 2020. The letter included some US Navy documents and instructions on how to establish a secure channel between a foreign nation and Toebbe.
"Please forward this letter to your military intelligence agency. I believe this information will be of great value to your nation," the letter stated, helpfully adding "This is not a hoax" - because it kind of reads like it would be.
- Anonymous: We've leaked disk images stolen from far-right-friendly web host Epik
- Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed
- Ex-US intel, military trio were cyber-mercenaries for UAE, say prosecutors
The FBI appears to have decided to string Toebbe along. After some clandestine back and forth, plenty of encrypted email, and a payment of $10,000 in cryptocurrency, Toebbe and his wife Diana loaded the relevant info onto an SD card and left it at a dead drop.
"The SD card was wrapped in plastic and placed between two slices of bread on a half of a peanut butter sandwich," the DoJ's Criminal Complaint states
Another SD card was later delivered, hidden in a packet of chewing gum. After that delivery, Toebbe was sent another $70K in crypto.
After each delivery Toebbe sent a decryption key. The keys worked and the FBI determined that the cards contained "Restricted Data related to submarine nuclear reactors".
The Toebbes were arrested and charged on October 9th.
The accused pair used ProtonMail to communicate with their "buyer" and used the pseudonym "Alice" in mails to their "buyer". The FBI, showing a tiny bit of network and crypto savvy, used the pseudonym "Bob" to reply.
The Toebbes liked the info Bob fed to them, especially when arrangements for dead drops were suggested, praising the care their buyer employed.
The FBI also kept the pair onside by paying them plenty of money — $110,000 worth of Monero made its way from the Bureau to the Toebbes, who advised the cryptocurrency offered "excellent deniability".
During correspondence between Alice and Bob, Jonathan Toebbe is alleged to have explained how he got the Restricted info as follows:
This information was slowly and carefully collected over several years in the normal course of my job to avoid attracting attention and smuggled past security checkpoints a few pages at a time.
Some security personnel probably aren't getting a pay rise this year.
But at least those personnel aren't alone in having failed to protect military secrets escaping: admins in the forums for vehicular combat game "War Thunder" have had to remind posters not to share classified documents after a former member of France's military allegedly shared a manual for the Leclerc battle tank to settle an argument about whether its performance was represented accurately in the game. ®