The FBI uses information from a DHS source—a foreign national convicted of a child sexual abuse material crime—to chase down a hairdresser who paid $10,000 in bitcoin for a hitman to kill her niece’s father, investigators claim.
In 2021, a person going by the username Bonfire offered to pay thousands to have a Louisiana man killed on a dark web hitman-for-hire site. They wanted it to look like an accidental drug overdose. But Bonfire was unwittingly walking into two traps. Not only was the site a scam — where the admins simply took users’ money and provided no hitmen — but it had also been hacked. Details of Bonfire’s illicit purchase were going to be passed along to federal investigators.
This is all according to a search warrant unearthed by Forbes, which detailed an investigation into the woman believed by the FBI to be behind the Bonfire persona: Julia Coda, a Los Angeles hairdresser and beautician school founder, who is accused of ordering the assassination on the target because she believed he had forcefully kidnapped her niece following the death of Coda’s sister earlier in 2021. Coda has pleaded not guilty and declined to comment.
Core to the government’s warrant is evidence provided by a hacker who’d breached the hitman-for-hire site. But this hacker has their own dark past. Acquired as far back as 2018 as a source by the Department of Homeland Security Investigations agency, they had been previously convicted of crimes related to child sexual abuse material in a foreign country, according to the search warrant. Referred to in the warrant simply as an “HSI source,” no further details of their crimes or past work with the DHS were provided in the warrant, but questions remain over whether the government should have relied on a source with a prior conviction and who had just allegedly committed another illegal act: hacking into a website without authorization.
Even the FBI expressed concerns about the DHS source. In a footnote for a search of Coda’s Google account, the FBI wrote that “in 2018 the FBI considered working with the HSI source as a confidential human source, but chose not to due to concerns about controlling the HSI source’s activities.”
The DOJ declined to comment. The DHS didn’t respond to a request for comment.
“The FBI clearly don’t want to get into litigation over whether the sub-source is credible…”
Tim Howard, a former Justice Department prosecutor, said the legality of using data from such a source would be dependent on whether or not the government encouraged the hacker in any capacity. “If a computer hacker with no prior relationship [with the government] dumps a pile of documents, the FBI can use those materials,” Howard said. But if the government in any way incentivised a source, such as promising not to convict for crimes that led to information pertinent to an ongoing investigation, investigators may find themselves in what Howard called a “gray area.”
The search warrant notes that the DHS didn’t pay the source, but had signed a “proffer agreement,” which typically sees the government offer promises about how or if they will prosecute an informant.
In Coda’s case, Howard said it appeared the government likely acted in line with the law. The hacker was a “sub-source” whose information came to the FBI via a separate anonymous informant. That distance from the hacker indicates that the government didn’t encourage any unlawful hacking and likely saved the agency from any violation of the fourth amendment, which protects citizens from unreasonable searches, Howard added.
“It’s interesting how insistent [the FBI] are that they are relying on the source and not the sub-source,” said Jennifer Granick, counsel at the American Civil Liberties Union. “They clearly don’t want to get into litigation over whether the sub-source is credible.”
The FBI was also clear in the warrant that while the tip kicked off the investigation, it had gathered enough evidence from interviews and through tracing cryptocurrency from the scam dark web site that it could pursue the investigation without any need to rely on information from the informant. In particular, the FBI said it managed to trace six bitcoin payments totalling nearly $10,000 sent from Coda’s Coinbase account to the hit-for-hire scammers. Investigators said she had used her real name to sign up for Coinbase so they were quickly able to determine her identity and location, according to the warrant.
Looking back at its records, the FBI also claimed in the warrant that Coda herself had previously tipped its agents using an alias, Gigi Bombelle. Under that persona, the FBI said she claimed her father had kidnapped her niece and taken her to Louisiana. The FBI said she could provide no credible evidence of the crimes.
After investigators discovered her real identity, Coda later admitted to the FBI that she was Bombelle, but changed her story to claim that it was, in fact, her niece’s father, not her own dad, who had kidnapped the child and taken her to the southern state, according to the search warrant. Again, the Justice Department said it had no evidence to support those allegations.
Prior to being arrested, Coda had quit her job at a salon she’d founded in the mid-2010s. In her goodbye note, she’d asked for help getting in touch with the FBI or other law enforcement agencies to help rescue her niece. While Coda awaits trial, the status of the child is unknown.
Stay connected with us on social media platform for instant update click here to join our Twitter, & Facebook
We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.
For all the latest Technology News Click Here