Attacks/Breaches

4/21/2017
07:15 PM
50%
50%

Russian Citizen Gets Record 27-Year Sentence for Hacking, Fraud Scheme

Roman Valeryevich gets 27 years for hacking PoS machines. Meanwhile, spam master Pyotr Levashov's indictment is unsealed.

A 32-year-old Russian citizen was sentenced today to 27 years in prison for a hacking and credit card fraud scheme that caused more than $169 million in damage to small businesses and financial organizations, the Department of Justice reports. It is the longest sentence given by the US judicial system for cybercrime offenses, to date.  

Roman Valeryevich Seleznev, also known as "Track2," of Vladivostok was convicted in August 2016 of 38 counts related to his operation of hacking into point-of-sale computers to steal credit card information and sell it on the dark web. According to evidence, he stole milions of credit card numbers from over 500 organizations, many of them small businesses, sold them on carding markets, and caused losses to approximately 3,700 financial institutions over his four-year scheme.

"This investigation, conviction and sentence demonstrates that the United States will bring the full force of the American justice system upon cybercriminals like Seleznev who victimize U.S. citizens and companies from afar," said Acting Assistant Attorney General Blanco.

Read more details here.

Alleged Kelihos Operator Indicted

In related news, the Department of Justice released more information about the specific indictment against Pyotr Yuryevick Levashov, who was arrested April 10 as part of a large effort to take down the Kelihos botnet, which Dark Reading reported on last week.

Kelihos was used to send hundreds of millions of fraudulent emails per year, harvest login credentials, distribute ransomware and banking Trojans, and send spam used in pump-and-dump schemes. There is also speculation that it had connections to US election tampering.

Levashov, 36 (aka Petr Levashov, Peter Severa, Petr Severa and Sergey Astakhov) of St. Petersburg, Russia, was charged in an 8-count indictment, including intentional damage to a protected computer, one count of conspiracy, one count of accessing protected computers in furtherance of fraud, one count of wire fraud, one count of threatening to damage a protected computer, two counts of fraud in connection with email and one count of aggravated identity theft.

Levashov was arrested in Barcelona by Spanish authorities April 7, after an arrest warrant was issued in March, and has been detained ever since. The US is seeking his extradition.

Alleged Click-fraud Schemer Extradited

The US successfully did secure the extradition of a different alleged cybercriminal, the Department of Justice announced today.

Italian citizen Fabio Gasperini, an IT professional based in Rome, has been charged with computer intrusion, wire fraud conspiracy, wire fraud, and money laundering conspiracy in relation to allegations of his creation of a global botnet and involvement in a click-fraud scheme.

He was arrested in Amsterdam in June and extradited Thursday.

 

Related Content:

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESET,  7/12/2018
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14332
PUBLISHED: 2018-07-19
An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user...
CVE-2018-1529
PUBLISHED: 2018-07-19
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...
CVE-2018-1535
PUBLISHED: 2018-07-19
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri...
CVE-2018-1536
PUBLISHED: 2018-07-19
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri...
CVE-2018-1585
PUBLISHED: 2018-07-19
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri...