03:15 PM
Connect Directly

International Cybercrime Ring Busted

Officials from the United States and Romania announced that 38 individuals in the two countries have been charged with computer and credit card fraud.

On Monday, the U.S. Department of Justice charged 38 individuals in the United States and Romania with ties to organized crime in two separate indictments involving computer and credit card fraud.

The alleged fraud includes charges of phishing -- soliciting personal information for illegal use via e-mail -- and "smishing" -- soliciting personal information for illegal use via Short Message Service (SMS) text messages.

"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," Deputy Attorney General Mark R. Filip said in a statement. "Criminals who exploit the power and convenience of the Internet do not recognize national borders; therefore our efforts to prevent their attacks cannot end at our borders either. Through cooperation with our international partners, we can disrupt and dismantle these enterprises, just as we have done today with these indictments and arrests."

The deputy attorney general made the announcement in Bucharest, Romania, in conjunction with Romanian Prosecutor General Laura Codruta Kövesi to call attention to increased efforts by U.S. authorities to combat international organized crime.

On April 23, U.S. Attorney General Michael B. Mukasey announced a new strategy to deal with transnational criminals that stresses increased information sharing and cooperation with foreign authorities.

Thirty-three individuals were charged in a 65-count indictment unsealed in Los Angeles on Monday. The indictment alleges that the individuals participated in an international racketeering scheme that relied on the Internet to facilitate the theft and misuse of credit card numbers.

Seven were charged in a two-count indictment for phishing in New Haven, Conn., that was filed in January. Two of those seven were also listed in the Los Angeles case.

"For the people arrested today, the indictments charge that the defendants sent out mass quantities of e-mails, known as 'spam,' to lure victims to go to fraudulent Web sites that appeared to be legitimate banking or financial businesses," said Filip in prepared remarks. "At those sites, victims were tricked into entering personal information such as financial and identity information and personal passwords -- a scheme known as 'phishing.' That information was then harvested by 'suppliers' who, in turn, sent the information to 'cashiers' via real-time Internet chat sessions."

The indictments allege that crime group "cashiers" obtained credit card numbers and related personal information that had been stolen via spamming phishing and "smishing" messages. According to Filip, these "cashiers" used hardware credit card encoding devices and software to write stolen card numbers onto the magnetic strips of credit and debit cards. "Runners" then took those newly minted cards and proceeded to make unauthorized withdrawals. A percentage of the stolen funds were then transferred back to the suppliers of the stolen credit and debit card numbers. Filip estimated the amount stolen to be several million dollars.

Some of those facing charges used hotel door access cards, with their magnetic stripes reprogrammed, to withdraw an estimated total of $20,000 from ATMs.

In an Internet chat session cited in the Los Angeles indictment, one of the defendants, Hiep Thanh Tran, is alleged to have said, "bro this are from my spam ... super fresh ... I will spam more ... [I] spammed like hell ... used 7 remote desktops and 13 smpt servers ... 5 root ... [and] sent over 1. 3 million emails."

The carding ring allegedly dealt in stolen information linked to accounts at Allegheny Federal Credit Union, American National Bank of Texas, Arizona Federal Credit Union, Banker's Bank & Trust, Bank of the West, Boeing Employees' Credit Union, Bowdoinham Federal Credit Union, Capital One Bank, Citibank, Downey Savings & Loan, Credit Union One, E-Trade, Desert Schools Federal Credit Union, Flagstar Bank, First Merit Bank, Iowa League Corporate Central Credit Union, Jeffco Schools Credit Union, Langley Federal Credit Union, Mountain America Credit Union, Orange County Teacher's Credit Union, Pointbank, NASA Federal Credit Union, North Island Credit Union, Premier Credit Union, PSCU Financial Services, Regions Bank, School Financial Credit Union, Southwest Corporate Federal Credit Union, Teacher's Credit Union, Telco Credit Union & Affiliates, Valley National Bank, Visa, Washington State Employees Credit Union, and Waterbury Teachers' Federal Credit Union.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.