Risk
5/19/2008
03:15 PM

International Cybercrime Ring Busted

Officials from the United States and Romania announced that 38 individuals in the two countries have been charged with computer and credit card fraud.

On Monday, the U.S. Department of Justice charged 38 individuals in the United States and Romania with ties to organized crime in two separate indictments involving computer and credit card fraud.

The alleged fraud includes charges of phishing -- soliciting personal information for illegal use via e-mail -- and "smishing" -- soliciting personal information for illegal use via Short Message Service (SMS) text messages.

"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," Deputy Attorney General Mark R. Filip said in a statement. "Criminals who exploit the power and convenience of the Internet do not recognize national borders; therefore our efforts to prevent their attacks cannot end at our borders either. Through cooperation with our international partners, we can disrupt and dismantle these enterprises, just as we have done today with these indictments and arrests."

The deputy attorney general made the announcement in Bucharest, Romania, in conjunction with Romanian Prosecutor General Laura Codruta Kövesi to call attention to increased efforts by U.S. authorities to combat international organized crime.

On April 23, U.S. Attorney General Michael B. Mukasey announced a new strategy to deal with transnational criminals that stresses increased information sharing and cooperation with foreign authorities.

Thirty-three individuals were charged in a 65-count indictment unsealed in Los Angeles on Monday. The indictment alleges that the individuals participated in an international racketeering scheme that relied on the Internet to facilitate the theft and misuse of credit card numbers.

Seven were charged in a two-count indictment for phishing in New Haven, Conn., that was filed in January. Two of those seven were also listed in the Los Angeles case.

"For the people arrested today, the indictments charge that the defendants sent out mass quantities of e-mails, known as 'spam,' to lure victims to go to fraudulent Web sites that appeared to be legitimate banking or financial businesses," said Filip in prepared remarks. "At those sites, victims were tricked into entering personal information such as financial and identity information and personal passwords -- a scheme known as 'phishing.' That information was then harvested by 'suppliers' who, in turn, sent the information to 'cashiers' via real-time Internet chat sessions."

The indictments allege that crime group "cashiers" obtained credit card numbers and related personal information that had been stolen via spamming phishing and "smishing" messages. According to Filip, these "cashiers" used hardware credit card encoding devices and software to write stolen card numbers onto the magnetic stripes of credit and debit cards. "Runners" then took those newly minted cards and proceeded to make unauthorized withdrawals. A percentage of the stolen funds was then transferred back to the suppliers of the stolen credit and debit card numbers. Filip estimated the amount stolen to be several million dollars.

Some of those facing charges used hotel door access cards, with their magnetic stripes reprogrammed, to withdraw an estimated total of $20,000 from ATMs.

In an Internet chat session cited in the Los Angeles indictment, one of the defendants, Hiep Thanh Tran, is alleged to have said, "bro this are from my spam ... super fresh ... I will spam more ... [I] spammed like hell ... used 7 remote desktops and 13 smpt servers ... 5 root ... [and] sent over 1.3 million emails."

The carding ring allegedly dealt in stolen information linked to accounts at Allegheny Federal Credit Union, American National Bank of Texas, Arizona Federal Credit Union, Banker's Bank & Trust, Bank of the West, Boeing Employees' Credit Union, Bowdoinham Federal Credit Union, Capital One Bank, Citibank, Downey Savings & Loan, Credit Union One, E-Trade, Desert Schools Federal Credit Union, Flagstar Bank, First Merit Bank, Iowa League Corporate Central Credit Union, Jeffco Schools Credit Union, Langley Federal Credit Union, Mountain America Credit Union, Orange County Teacher's Credit Union, Pointbank, NASA Federal Credit Union, North Island Credit Union, Premier Credit Union, PSCU Financial Services, Regions Bank, School Financial Credit Union, Southwest Corporate Federal Credit Union, Teacher's Credit Union, Telco Credit Union & Affiliates, Valley National Bank, Visa, Washington State Employees Credit Union, and Waterbury Teachers' Federal Credit Union.
