The Department of Justice closed out a busy week with one of the most consequential indictments of the year — federal fraud charges against the Southern Poverty Law Center — alongside a coordinated international strike on Southeast Asian scam centers, a Russian military hacking takedown, and a string of healthcare and white-collar prosecutions across the country. Today’s DOJ Watch tracks eight of the most significant enforcement actions records show have been filed, unsealed, or announced during the past week, with direct links to the underlying public filings.
1. Southern Poverty Law Center indicted on wire fraud, money laundering counts
A federal grand jury in Montgomery, Alabama, returned an 11-count indictment on April 21, 2026, charging the Southern Poverty Law Center (SPLC) with wire fraud, false statements to a federally insured bank, and conspiracy to commit concealment money laundering, according to a Department of Justice announcement. Acting Attorney General Todd Blanche and FBI Director Kash Patel jointly announced the charges at DOJ headquarters.
The indictment alleges that the SPLC raised donations on the representation that it was working to dismantle racist and extremist groups, while records suggest at least $3 million was paid between 2014 and 2023 to individuals affiliated with organizations including the Ku Klux Klan, the United Klans of America and the National Socialist Party of America. Filings characterize the payments as part of a paid-informant program that, according to prosecutors, was concealed from donors and from a federally insured bank. The SPLC has confirmed the existence of the informant program and described it as an intelligence-gathering effort shared with law enforcement; the charges are allegations and the case is pending.
The case has significant implications for nonprofit oversight, donor disclosure obligations, and the line between confidential source programs and the false-statement statutes. Coverage from NPR and PBS NewsHour details the broader political reaction. TIJ flag: warrants deeper investigation into how the informant payments were classified on Form 990 filings.
2. Scam Center Strike Force restrains more than $700 million tied to Southeast Asian crypto fraud
The U.S. Attorney’s Office for the District of Columbia and DOJ’s Criminal Division announced sweeping enforcement actions through the new Scam Center Strike Force, including criminal charges against two Chinese nationals who allegedly managed the “Shunda” cryptocurrency-investment fraud compound in Burma and attempted to open a second compound in Cambodia, according to DOJ filings. The Strike Force seized a Telegram channel used to recruit human-trafficking victims and 503 fake cryptocurrency investment websites.
Records indicate that, collectively, federal authorities have now restrained more than $700 million in cryptocurrency tied to scam-center money laundering. A redacted forfeiture filing in United States v. The Domain “Tickmilleas” outlines the alleged “pig-butchering” cryptocurrency-investment-fraud (CIF) playbook, which directs U.S. victims to send funds from the United States to overseas-controlled cryptocurrency addresses.
The action represents one of the largest single-week disruptions of transnational financial fraud infrastructure on record. Independent analysis from Chainalysis notes that the coordinated action paired the criminal charges with new OFAC designations targeting Heng Feng Cambodia Bank and a web of holding companies linked to the compounds. The defendants are presumed innocent.
3. U.S. Army soldier charged with using classified information to bet on Polymarket
The U.S. Attorney’s Office for the Southern District of New York unsealed an indictment on April 23, 2026, charging an active-duty U.S. Army soldier identified in court papers as Van Dyke with using classified, nonpublic military information to place winning wagers on Polymarket, a prediction-market platform that operates as a binary-event swap market. The charges include violations of the Commodity Exchange Act’s anti-fraud and insider-trading-equivalent provisions, according to the DOJ press release.
The indictment alleges Van Dyke acquired material, nonpublic information by virtue of his government employment, that the information had pecuniary value and could affect the price of a commodity, future, or swap, and that he used it for personal financial gain. Filings describe binary event contracts as commodity swaps subject to CFTC jurisdiction. A Debevoise & Plimpton analysis calls the case the clearest signal yet that DOJ and the CFTC will treat prediction markets like other regulated derivatives venues.
The case has implications well beyond a single soldier. It is the first publicly disclosed federal prosecution treating event-contract trading as a covered “swap” for purposes of the Commodity Exchange Act, and is likely to be cited in future enforcement actions against political bettors who trade on nonpublic government information. The defendant is presumed innocent.
4. DOJ and FBI disable Russian GRU “APT28” router-hijacking network
On April 25, 2026, the Justice Department and the FBI announced a court-authorized technical operation to disable access by Russia’s GRU Unit 26165 — the cyber unit publicly tracked as APT28 — to a network of compromised home and small-business routers across the United States, according to a readout of the announcement. The operation reportedly remotely removed unauthorized GRU implants from the affected routers and severed command-and-control access.
“The FBI conducted a court-authorized operation to harden compromised routers across the United States. By working together, we can guard against nefarious nation-state actors trying to compromise our national security,” said Special Agent in Charge Ted Docks of the FBI Boston Field Office, according to filings. The operation was conducted under a warrant, and affected device owners are being notified.
The takedown is part of a broader U.S. counter-cyber posture against state-sponsored botnets that exploit small office/home office (SOHO) devices to launder attack traffic. The action’s significance lies less in arrests — there are none yet — and more in the precedent for proactive remote defensive cyber operations on private U.S. infrastructure under judicial oversight.
5. Chinese state-sponsored hacker Xu Zewei extradited from Italy on HAFNIUM-related charges
Xu Zewei, 34, of the People’s Republic of China, was extradited to the United States and made his initial appearance in U.S. District Court in Houston on a nine-count indictment alleging computer-intrusion offenses between February 2020 and June 2021, according to a DOJ Office of Public Affairs release. Charges include conspiracy to commit computer intrusion, wire fraud, and aggravated identity theft.
The indictment alleges Xu was a contract hacker working at the direction of China’s Ministry of State Security through its Shanghai State Security Bureau (SSSB). Filings tie him to the theft of COVID-19 research and to the sweeping “HAFNIUM” exploitation campaign against Microsoft Exchange Server vulnerabilities, which compromised tens of thousands of organizations worldwide. Records indicate Xu confirmed to an SSSB officer in February 2020 that he had compromised the network of a research university located in the Southern District of Texas.
The extradition is significant because it demonstrates that European partners — in this case, Italy’s Cyber Division of the National Police — are willing to deliver Chinese contract hackers operating abroad to U.S. federal court, even amid broader geopolitical tension. The defendant is presumed innocent.
6. Justice Department settles Carter Page FISA-surveillance lawsuit for $1.25 million
The Department of Justice has agreed to pay $1.25 million to settle a long-running civil lawsuit brought by Carter Page, a former Trump 2016 campaign foreign-policy adviser who was the subject of FBI Foreign Intelligence Surveillance Act (FISA) surveillance during the bureau’s Crossfire Hurricane investigation, according to reporting from the Associated Press carried by The Washington Post. The settlement was lodged on April 22, 2026.
The DOJ Inspector General’s 2019 report previously documented serious errors and omissions in the FISA applications targeting Page; two of the four FISA applications were later deemed invalid by the FISA Court itself. The settlement does not contain an admission of liability but resolves Page’s claims that his constitutional rights were violated by the surveillance.
The agreement is one of a handful of cash recoveries by individuals targeted in the Crossfire Hurricane investigation and is likely to be cited in pending oversight discussions about FISA reform and accountability for surveillance errors. TIJ flag: the underlying settlement papers — once docketed — warrant a closer look at the scope of the release and any non-monetary terms.
7. Two former Primary Health Network CEOs sentenced for defrauding nonprofit medical provider
Two former chief executives of Primary Health Network, a federally qualified health center serving rural Pennsylvania, were sentenced to federal prison on April 24, 2026, for their roles in defrauding the nonprofit medical provider, according to a U.S. Attorney’s Office for the Western District of Pennsylvania announcement. The case was brought as part of DOJ’s National Fraud Enforcement Division portfolio.
Filings indicate the executives engaged in self-dealing transactions and used network funds for personal benefit, in violation of fiduciary obligations owed to a federally subsidized health-center grantee. Sentencing memoranda detail restitution obligations and forfeiture orders; the precise prison terms are reflected in the public docket.
The case is part of a wave of healthcare-fraud prosecutions tied to the new DOJ National Fraud Enforcement Division (NFED), which the department announced on April 7, 2026. NFED secured a $300 million Special Attorneys Program funding opportunity in its first week, and DOJ data shows more than 20 NFED-aligned enforcement actions in the period — including the Primary Health Network sentencings, a Missouri chiropractor sentenced to more than eight years for a kickback scheme involving nearly 95,000 oxycodone pills, and a Minneapolis defendant sentenced to 43 months in the $250 million Feeding Our Future child-nutrition fraud.
8. Central Valley business owner sentenced to three years for $4.8 million livestock-feed theft
A Central Valley, California, business owner was sentenced to three years in federal prison on April 27, 2026, for his role in stealing $4.8 million worth of livestock-feed ingredients, according to a U.S. Attorney’s Office for the Eastern District of California announcement. The case was prosecuted as a wire-fraud and interstate-transportation-of-stolen-goods matter.
Records indicate the defendant participated in a scheme to obtain truckloads of feed ingredients on credit and divert them to undisclosed buyers, leaving the original suppliers unpaid. Sentencing filings reference restitution to multiple commercial victims and forfeiture of business assets.
The case is a useful data point for understanding the scope of agricultural commodities fraud — an underreported corner of federal white-collar enforcement that nonetheless involves multimillion-dollar losses to small and mid-size suppliers. TIJ flag: we plan to map the broader pattern of agricultural-commodity diversion cases across California’s Central Valley.
9. Bonus: 51-defendant homeland security indictment unsealed in Western District of Oklahoma
A federal indictment unsealed in the Western District of Oklahoma charged 51 defendants across 67 counts in connection with a conspiracy to manufacture black-market goods on a nationwide scale, according to a U.S. Attorney’s Office announcement. The case was brought through a Homeland Security Task Force investigation. The charging document is the kind of large-scale, multi-defendant indictment that typically signals an underlying transnational supply chain — one that DOJ will likely continue to dismantle through follow-on filings. All defendants are presumed innocent until proven otherwise.
What we are watching next
Three threads are worth tracking closely. First, the SPLC docket: filings indicate the indictment relies heavily on internal financial records, and motions practice over the privileged status of donor-communication materials is likely to shape the case. Second, the Scam Center Strike Force pipeline: with more than $700 million in cryptocurrency restrained and 503 fraud websites seized, additional indictments against compound operators and U.S.-based money mules are probable in the coming weeks. Third, the Polymarket prosecution: the legal theory treating event contracts as covered “swaps” will draw close scrutiny in any motion to dismiss, with implications for every U.S. user of overseas prediction-market platforms.
Records suggest the National Fraud Enforcement Division will continue to drive much of DOJ’s white-collar output through the rest of the spring, and TIJ will continue tracking each filing on the public docket.
Right of reply: TIJ has reviewed each cited public filing and welcomes corrections from any party identified in this digest. Pending cases are noted as such; allegations are not findings of fact.