Attacks/Breaches

12/1/2017
09:40 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Russian Cybercriminal Sentenced to 14 Years in Prison for Role in Organized Cybercrime Ring Responsible for $50 Million in Online Identity Theft and $9 Million Bank Fraud Conspiracy

A Russian cyber-criminal was sentenced today to 14 years in prison  for his role in a $50 million cyberfraud ring and for defrauding banks of $9 million through a hacking scheme.

Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal Division, Acting U.S. Attorney Steven W. Myhre of the District of Nevada, U.S. Attorney Byung J. Pak of the Northern District of Georgia, Assistant Special Agent in Charge Michael Harris of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations (ICE HSI), Special Agent in Charge Brian Spellacy of the U.S. Secret Service in Las Vegas, and FBI Special Agent in Charge David J. LeValley in Atlanta made the announcement.

Roman Valeryevich Seleznev aka Track2, Bulba and Ncux, 33, was sentenced by U.S. District Judge Steve C. Jones of the Northern District of Georgia to serve 168 months in prison for one count of participation in a racketeering enterprise pursuant to an indictment returned in the District of Nevada, and to 168 months in prisonfor one count of conspiracy to commit bank fraud pursuant to an indictment returned in the Northern District of Georgia, with the sentences to run concurrent to one another. In both cases, Seleznev was ordered three years of supervised release to run concurrently.  He was also ordered restitution in the amount of $50,893,166.35 in the Nevada case and $2,178,349 in the Georgia case.Seleznev pleaded guilty to the charges on Sept. 7. 

In connection with his guilty plea in the Nevada case, Seleznev admitted that he became associated with the Carder.su organization, an identify theft and credit card fraud ring, in January 2009.  According to Seleznev’s admissions in his plea agreement, Carder.su was an Internet-based, international criminal enterprise whose members trafficked in compromised credit card account data and counterfeit identifications and committed identity theft, bank fraud, and computer crimes.  Seleznev admitted that the group tried to protect the anonymity and the security of the enterprise from both rival organizations and law enforcement.  For example, members communicated through various secure and encrypted forums, such as chatrooms, private messaging systems, encrypted email, proxies and encrypted virtual private networks. Gaining membership in the group required the recommendation of two current members in good standing.

Seleznev further admitted that he sold compromised credit card account data and other personal identifying information to fellow Carder.su members.  The defendant sold members such a large volume of product that he created an automated website, which he advertised on the Carder.su organization’s websites.  His automated website allowed members to log into and purchase stolen credit card account data.  The defendant’s website had a simple interface that allowed members to search for the particular type of credit card information they wanted to buy, add the number of accounts they wished to purchase to their “shopping cart” and upon check out, download the purchased credit card information.  Payment of funds was automatically deducted from an established account funded through L.R., an online digital currency payment system.

Seleznev further admitted that he sold each account number for approximately $20.  The Carder.su organization’s criminal activities resulted in loss to its victims of at least $50,893,166.35.

In connection with his guilty plea in the Northern District of Georgia case, Seleznev admitted that he acted as a “casher” who worked with hackers to coordinate a scheme to defraud an Atlanta-based company that processed credit and debit card transactions on behalf of financial institutions.  Seleznev admitted that pursuant to the scheme, in November 2008, hackers infiltrated the company’s computer systems and accessed 45.5 million debit card numbers, certain of which they used to fraudulently withdraw over $9.4 million from 2,100 ATMs in 280 cities around the world in less than 12 hours.

Fifty-five individuals were charged in four separate indictments in Operation Open Market, which targeted the Carder.su organization. To date, 33 individuals have been convicted and the rest are either fugitives or are pending trial.

The cases were investigated by HSI, the U.S. Secret Service, and FBI.  The Nevada case was prosecuted by Trial Attorney Catherine K. Dick of the Criminal Division’s Organized Crime and Gang Section and Assistant U.S. Attorney Kimberly M. Frayn of the District of Nevada.  The Northern District of Georgia case was prosecuted by Assistant U.S. Attorney Kamal Ghali of the Northern District of Georgia.

Seleznev is also a defendant in a wire fraud and computer hacking case brought by the Department of Justice in the U.S. District Court for the Western District of Washington.  On Aug. 25, 2016, a federal jury convicted Seleznev of 38 counts related to his role in a scheme to hack into point-of-sale computers to steal and sell credit card numbers to the criminal underworld.  On April 21, Seleznev was sentenced to 27 years in prison for those crimes, which will run concurrent to his sentences today.    

Press Release Number: 
17-1354

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
10 Ways to Protect Protocols That Aren't DNS
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/16/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12959
PUBLISHED: 2018-07-19
The approveAndCall function of a smart contract implementation for Aditus (ADI), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all contract balances into their account).
CVE-2018-14336
PUBLISHED: 2018-07-19
TP-Link WR840N devices allow remote attackers to cause a denial of service (connectivity loss) via a series of packets with random MAC addresses.
CVE-2018-10620
PUBLISHED: 2018-07-19
AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code t...
CVE-2018-14423
PUBLISHED: 2018-07-19
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
CVE-2018-3857
PUBLISHED: 2018-07-19
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain...