03:15 PM
Connect Directly

International Cybercrime Ring Busted

Officials from the United States and Romania announced that 38 individuals in the two countries have been charged with computer and credit card fraud.

On Monday, the U.S. Department of Justice charged 38 individuals in the United States and Romania with ties to organized crime in two separate indictments involving computer and credit card fraud.

The alleged fraud includes charges of phishing -- soliciting personal information for illegal use via e-mail -- and "smishing" -- soliciting personal information for illegal use via Short Message Service (SMS) text messages.

"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," Deputy Attorney General Mark R. Filip said in a statement. "Criminals who exploit the power and convenience of the Internet do not recognize national borders; therefore our efforts to prevent their attacks cannot end at our borders either. Through cooperation with our international partners, we can disrupt and dismantle these enterprises, just as we have done today with these indictments and arrests."

The deputy attorney general made the announcement in Bucharest, Romania, in conjunction with Romanian Prosecutor General Laura Codruta Kövesi to call attention to increased efforts by U.S. authorities to combat international organized crime.

On April 23, U.S. Attorney General Michael B. Mukasey announced a new strategy to deal with transnational criminals that stresses increased information sharing and cooperation with foreign authorities.

Thirty-three individuals were charged in a 65-count indictment unsealed in Los Angeles on Monday. The indictment alleges that the individuals participated in an international racketeering scheme that relied on the Internet to facilitate the theft and misuse of credit card numbers.

Seven were charged in a two-count indictment for phishing in New Haven, Conn., that was filed in January. Two of those seven were also listed in the Los Angeles case.

"For the people arrested today, the indictments charge that the defendants sent out mass quantities of e-mails, known as 'spam,' to lure victims to go to fraudulent Web sites that appeared to be legitimate banking or financial businesses," said Filip in prepared remarks. "At those sites, victims were tricked into entering personal information such as financial and identity information and personal passwords -- a scheme known as 'phishing.' That information was then harvested by 'suppliers' who, in turn, sent the information to 'cashiers' via real-time Internet chat sessions."

The indictments allege that crime group "cashiers" obtained credit card numbers and related personal information that had been stolen via spamming phishing and "smishing" messages. According to Filip, these "cashiers" used hardware credit card encoding devices and software to write stolen card numbers onto the magnetic strips of credit and debit cards. "Runners" then took those newly minted cards and proceeded to make unauthorized withdrawals. A percentage of the stolen funds were then transferred back to the suppliers of the stolen credit and debit card numbers. Filip estimated the amount stolen to be several million dollars.

Some of those facing charges used hotel door access cards, with their magnetic stripes reprogrammed, to withdraw an estimated total of $20,000 from ATMs.

In an Internet chat session cited in the Los Angeles indictment, one of the defendants, Hiep Thanh Tran, is alleged to have said, "bro this are from my spam ... super fresh ... I will spam more ... [I] spammed like hell ... used 7 remote desktops and 13 smpt servers ... 5 root ... [and] sent over 1. 3 million emails."

The carding ring allegedly dealt in stolen information linked to accounts at Allegheny Federal Credit Union, American National Bank of Texas, Arizona Federal Credit Union, Banker's Bank & Trust, Bank of the West, Boeing Employees' Credit Union, Bowdoinham Federal Credit Union, Capital One Bank, Citibank, Downey Savings & Loan, Credit Union One, E-Trade, Desert Schools Federal Credit Union, Flagstar Bank, First Merit Bank, Iowa League Corporate Central Credit Union, Jeffco Schools Credit Union, Langley Federal Credit Union, Mountain America Credit Union, Orange County Teacher's Credit Union, Pointbank, NASA Federal Credit Union, North Island Credit Union, Premier Credit Union, PSCU Financial Services, Regions Bank, School Financial Credit Union, Southwest Corporate Federal Credit Union, Teacher's Credit Union, Telco Credit Union & Affiliates, Valley National Bank, Visa, Washington State Employees Credit Union, and Waterbury Teachers' Federal Credit Union.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.