Russian Cybercriminal Sentenced to 14 Years in Prison for Role in Organized Cybercrime Ring Responsible for $50 Million in Online Identity Theft and $9 Million Bank Fraud Conspiracy
Russian Cybercriminal Sentenced to 14 Years in Prison for Role in Organized Cybercrime Ring Responsible for $50 Million in Online Identity Theft and $9 Million Bank Fraud Conspiracy
December 1, 2017
PRESS RELEASE
A Russian cyber-criminal was sentenced today to 14 years in prison for his role in a $50 million cyberfraud ring and for defrauding banks of $9 million through a hacking scheme.
Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal Division, Acting U.S. Attorney Steven W. Myhre of the District of Nevada, U.S. Attorney Byung J. Pak of the Northern District of Georgia, Assistant Special Agent in Charge Michael Harris of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations (ICE HSI), Special Agent in Charge Brian Spellacy of the U.S. Secret Service in Las Vegas, and FBI Special Agent in Charge David J. LeValley in Atlanta made the announcement.
Roman Valeryevich Seleznev aka Track2, Bulba and Ncux, 33, was sentenced by U.S. District Judge Steve C. Jones of the Northern District of Georgia to serve 168 months in prison for one count of participation in a racketeering enterprise pursuant to an indictment returned in the District of Nevada, and to 168 months in prisonfor one count of conspiracy to commit bank fraud pursuant to an indictment returned in the Northern District of Georgia, with the sentences to run concurrent to one another. In both cases, Seleznev was ordered three years of supervised release to run concurrently. He was also ordered restitution in the amount of $50,893,166.35 in the Nevada case and $2,178,349 in the Georgia case.Seleznev pleaded guilty to the charges on Sept. 7.
In connection with his guilty plea in the Nevada case, Seleznev admitted that he became associated with the Carder.su organization, an identify theft and credit card fraud ring, in January 2009. According to Seleznev’s admissions in his plea agreement, Carder.su was an Internet-based, international criminal enterprise whose members trafficked in compromised credit card account data and counterfeit identifications and committed identity theft, bank fraud, and computer crimes. Seleznev admitted that the group tried to protect the anonymity and the security of the enterprise from both rival organizations and law enforcement. For example, members communicated through various secure and encrypted forums, such as chatrooms, private messaging systems, encrypted email, proxies and encrypted virtual private networks. Gaining membership in the group required the recommendation of two current members in good standing.
Seleznev further admitted that he sold compromised credit card account data and other personal identifying information to fellow Carder.su members. The defendant sold members such a large volume of product that he created an automated website, which he advertised on the Carder.su organization’s websites. His automated website allowed members to log into and purchase stolen credit card account data. The defendant’s website had a simple interface that allowed members to search for the particular type of credit card information they wanted to buy, add the number of accounts they wished to purchase to their “shopping cart” and upon check out, download the purchased credit card information. Payment of funds was automatically deducted from an established account funded through L.R., an online digital currency payment system.
Seleznev further admitted that he sold each account number for approximately $20. The Carder.su organization’s criminal activities resulted in loss to its victims of at least $50,893,166.35.
In connection with his guilty plea in the Northern District of Georgia case, Seleznev admitted that he acted as a “casher” who worked with hackers to coordinate a scheme to defraud an Atlanta-based company that processed credit and debit card transactions on behalf of financial institutions. Seleznev admitted that pursuant to the scheme, in November 2008, hackers infiltrated the company’s computer systems and accessed 45.5 million debit card numbers, certain of which they used to fraudulently withdraw over $9.4 million from 2,100 ATMs in 280 cities around the world in less than 12 hours.
Fifty-five individuals were charged in four separate indictments in Operation Open Market, which targeted the Carder.su organization. To date, 33 individuals have been convicted and the rest are either fugitives or are pending trial.
The cases were investigated by HSI, the U.S. Secret Service, and FBI. The Nevada case was prosecuted by Trial Attorney Catherine K. Dick of the Criminal Division’s Organized Crime and Gang Section and Assistant U.S. Attorney Kimberly M. Frayn of the District of Nevada. The Northern District of Georgia case was prosecuted by Assistant U.S. Attorney Kamal Ghali of the Northern District of Georgia.
Seleznev is also a defendant in a wire fraud and computer hacking case brought by the Department of Justice in the U.S. District Court for the Western District of Washington. On Aug. 25, 2016, a federal jury convicted Seleznev of 38 counts related to his role in a scheme to hack into point-of-sale computers to steal and sell credit card numbers to the criminal underworld. On April 21, Seleznev was sentenced to 27 years in prison for those crimes, which will run concurrent to his sentences today.
Component(s):
Press Release Number:
17-1354
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024