On Thursday, United States federal prosecutors charged five hackers involved in a credit card fraud ring. So far two of the men involved have been brought in. Several companies took a $300 million hit in what is being called the largest cybercrime case in the nation’s history. Prosecutors also mentioned a security attack on the NASDAQ but were tight-lipped on the specifics.
The companies hit were an A-list of money makers including J.C. Penney, JetBlue Airways, Carrefour SA of France, and Visa Jordan. Feds have been hunting the hackers for years now and have ballparked that this Eastern European operation (Russia and Ukraine) nabbed roughly 160 million payment card numbers, which churned out that $300 million loss.
The five-man ring is made up of Russians Vladimir Drinkman (32), Roman Kotov (32), and Alexandr Kalinin (26), who did the heavy lifting of hacking networks and mining data, while Mikhail Rytikov (26) of Ukraine handled masking duties via anonymous web-hosting services. As far as moving the merchandise and making money, Dmitriy Smilianets (29) of Russia handled the selling of the information, with prices of $10 for U.S. cards, $15 for Canadian cards, and $50 for European ones, which feature computer chips and make the job of getting the information more difficult.
U.S. Attorney Paul J. Fishman (NJ) said of the crime, “This type of crime is the cutting edge. Those who have the expertise and the inclination to break into our computer networks threaten our economic wellbeing, our privacy and our national security.”
Albert Gonzalez was listed as a co-conspirator in this crime and is currently serving 20 years after being captured in Miami. He pled guilty for his role in snagging millions of dollars in credit cards and debit cards. According to prosecutors, the five hackers worked with Gonzalez and continued their operation after he was arrested.
In June 2012, Drinkman and Smilianets were captured while en route to the Netherlands. Smilianets was eventually extradited three months later and will be in New Jersey federal court next week. Currently Drinkman is scheduled for a hearing on his extradition. The location of the other three conspirators wasn’t revealed by federal prosecutors. Kalinin and Drinkman were originally charged in 2009 as “Hacker 1” and “Hacker 2” in the indictment against Gonzalez.
There were two other charges against Alexandr Kalinin in Manhattan. The first is that he hacked NASDAQ servers between November 2008 and October 2010. He supposedly installed malware that gave him and others in his operation commands to delete, change, and steal data. Fortunately the actual trading platform that lets NASDAQ users buy and sell securities. The group did use their own door into the NASDAQ to make a landing page on one of the firm’s websites, which then directed users there when they changed their passwords, according to a source familiar with the breach.
The other indictment was revealed today and showed that Kalinin worked with another hacker, Nikolay Nasenkov (31) of Russia. Together the two stole bank account information from several thousand Citibank and PNC Bank customers between 2005 and 2008. An exact number on the haul wasn’t revealed, only that it was millions of dollars.
Federal prosecutors say that $200 million of those losses came from the theft of 130 million credit cards from U.S. processor Heartland Payment Systems starting in December 2007. On the indictment Heartland stated, “We hope that this indictment further delivers the message that prolific hacking organizations worldwide will be pursued and charged for crimes such as this one.”
The other 30 million cards were snagged from UK-based payment processor Commidea Ltd in 2008, while 800,000 were snagged from Visa Jordan two years ago. The group also hit up Global Payment Systems in January 2011, which netted the group over 950,000 cards and gave them $93 million. The other firms that have numbers on them are France-based retailer Carrefour SA, which lost two million credit card numbers starting around October 2007, and Dexia Bank Belgium, which lost $1.7 million.
The Dow Jones, Wet Seal Inc., and 7-Eleven Inc. were all hit as well. Dow Jones issued a statement saying that no evidence exists that points to their customers or the Wall Street Journal’s customers having compromised information due to the breaches.