Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

12/23/2015
03:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Ukrainian National Extradited from Poland to Face Charges Related to $10 Million Cyber Money Laundering Operation

A Ukrainian national made his initial appearance today in federal court in Charlotte, North Carolina, after being extradited from Poland to face charges relating to a $10 million international money laundering operation, announced Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney Jill Westmoreland Rose of the Western District of North Carolina and Special Agent in Charge John A. Strong of the FBI’s Charlotte Division.

Viktor Chostak, 34, of Ukraine, along with three other individuals, are charged in a 25-count indictment with conspiracy to commit money laundering, eleven counts of money laundering, conspiracy to commit computer fraud, conspiracy to transport stolen property, conspiracy to commit access device fraud, four counts of transporting stolen property and six counts of aggravated identity theft.

According to a redacted version of the indictment unsealed today, beginning in September 2007, Chostak and three other conspirators were members of an international money laundering organization.  The organization created and operated a sophisticated online infrastructure that allowed hackers to obtain and conceal stolen money, primarily from U.S. companies’ bank accounts, and transfer it to countries outside the United States.  The organization created seemingly legitimate websites for fake companies, then sent spam emails advertising employment opportunities.  When an individual responded to the spam solicitations, the organization put the applicant through what appeared to be a legitimate hiring process.  The organization falsely represented that the individual’s job was to receive payments from businesses into their personal bank accounts, withdraw the money, then wire the funds to the company’s partners overseas.  In reality, the individuals merely acted as money mules, processing hackers’ stolen proceeds and wiring them out of the country to other conspirators.  The organization allegedly laundered at least $10 million in stolen money from the United States overseas.

According to the indictment, Chostak recruited, hired and managed others who oversaw the money mule operations.  Chostak also allegedly worked with computer programmers to meet the needs of the organization’s online infrastructure.

An indictment is merely an allegation and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

The case is being investigated by the FBI’s Charlotte Division.  The Criminal Division’s Office of International Affairs also provided assistance.  The case is being prosecuted by Trial Attorneys Jocelyn Aqua and Ryan K. Dickey of the Criminal Division’s Computer Crime and Intellectual Property Section, and Assistant U.S. Attorney Kevin Zolot of the Western District of North Carolina.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3035
PUBLISHED: 2021-04-20
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.
CVE-2021-3036
PUBLISHED: 2021-04-20
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to us...
CVE-2021-3037
PUBLISHED: 2021-04-20
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS conf...
CVE-2021-3038
PUBLISHED: 2021-04-20
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions...
CVE-2021-3506
PUBLISHED: 2021-04-19
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The hi...