Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

4/10/2015
12:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Member of Organized Cybercrime Ring Sentenced to 150 Months in Prison for Selling Stolen and Counterfeit Credit Cards

A member of the identity theft and credit card fraud ring known as “Carder.su” was sentenced today to 150 months in federal prison for selling stolen and counterfeit credit cards over the Internet.  He was further ordered to pay $50.8 million in restitution.

Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney Daniel G. Bogden of the District of Nevada and Assistant Special Agent in Charge Michael Harris of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations’ (ICE-HSI) Las Vegas Field Office made the announcement.  U.S. District Judge Andrew P. Gordon of the District of Nevada imposed the sentence.

“Criminal cyber organizations like Carder.su threaten not just U.S. citizens but people in every corner of the globe,” said Assistant Attorney General Caldwell.  “Managers in Russia seamlessly ran their criminal enterprise online using, among others, a counterfeit card vendor from New Jersey, with whom they communicated through screen name aliases.  The success in this case was achieved through equally seamless cooperation with our foreign law enforcement partners and effective use of the RICO statute.  As more countries work with us to fight these organizations, we will continue to evolve to meet this growing threat.”

“Mr. Smith’s crimes were very serious and justify a lengthy prison sentence,” said U.S. Attorney Bogden.  “He admitted that he caused a loss of seven to $20 million involving over 250 victims, and that he obstructed justice when he fled to Jamaica while released on bond awaiting trial.  We are working closely with our international, federal, state and local law enforcement partners to make sure that the perpetrators of these sorts of crimes are prosecuted no matter where in the world they commit their crimes or attempt to flee.”

“As this sentence demonstrates, cyber-criminals who purposely harm innocent Americans and compromise our financial system and global commerce will be aggressively pursued, investigated and prosecuted,” said Assistant Special Agent in Charge Harris.  “These criminals may believe they can escape detection by fleeing the country and hiding behind their computer screens, but as this case shows, cyberspace is not a refuge from justice.”

Jermaine Smith, aka “SirCharlie57,” aka “Fairbusinessman,” 34, of East Orange, New Jersey, pleaded guilty in October 2014 to one count of participating in a racketeer influenced corrupt organization.   

During his guilty plea, Smith admitted that in May 2009 he became associated with the Carder.su organization, a criminal enterprise whose members trafficked in compromised credit card account data and counterfeit identifications, and committed money laundering, narcotics trafficking, and various types of computer crime.  Specifically, Smith admitted that he operated as a vendor on the organization’s websites, using the “SirCharlie57” and “Fairbusinessman” nicknames.  While acting as a vendor under those online monikers, Smith sold counterfeit credit cards to an undercover special agent.  Those counterfeit credit cards were successfully processed for fingerprints, identifying Smith as the true user of the online screennames.  In addition to the sale of the counterfeit credit cards, Smith admitted that he possessed over 2,150 stolen credit and debit card account numbers. 

While on pretrial release in this case, Smith removed an electronic monitoring device from his person and fled to Jamaica.  He was arrested four months later and returned to Nevada.

Fifty-six individuals were charged in four separate indictments in Operation Open Market, which targeted the Carder.su organization.  To date, 26 individuals have been convicted and the rest are either fugitives or are pending trial.   

The cases were investigated by ICE-HSI and the U.S. Secret Service, and are being prosecuted by Trial Attorney Jonathan Ophardt of the Criminal Division’s Organized Crime and Gang Section and Assistant U.S. Attorneys Kimberly M. Frayn and Andrew W. Duncan of the District of Nevada.

This prosecution is in connection with the President’s Financial Fraud Enforcement Task Force.  The task force was established to wage an aggressive, coordinated and proactive effort to investigate and prosecute financial crimes.  With more than 20 federal agencies, 94 U.S. Attorneys’ Offices and state and local partners, it is the broadest coalition of law enforcement, investigatory and regulatory agencies ever assembled to combat fraud.  Since its formation, the task force has made great strides in facilitating increased investigation and prosecution of financial crimes, enhancing coordination and cooperation among federal, state and local authorities, addressing discrimination in the lending and financial markets and conducting outreach to the public, victims, financial institutions and other organizations.  Over the past three fiscal years, the Justice Department has filed nearly 10,000 financial fraud cases against nearly 15,000 defendants.  For more information on the task force, please visit www.StopFraud.gov.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24847
PUBLISHED: 2020-10-23
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
CVE-2020-24848
PUBLISHED: 2020-10-23
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
CVE-2020-5990
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
CVE-2020-25483
PUBLISHED: 2020-10-23
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
CVE-2020-5977
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.