Straight out of the pages of some racy crime novel comes the tale of a ring of real Russian hackers caught and sentenced in the US.
I bet few have heard this story.
A Russian article on the man can be read HERE. Meduza special correspondent Daniil Turovsky looks at four Russian hackers who ended up in the crosshairs of U.S. federal police.
There were others also listed in the article like Dmitry Smilyanets, Vladimir Drinkman, and Nikita Kuzmin. The article also made a point of how Russia treated these people not as major criminals but basically used their talents in cyber warfare.
“A source in Russia’s cyber-security field confirmed to Meduza that Russian hackers who target foreign computer systems are almost never punished, and more often they’re actually recruited to work for the Russian government. All Russian hackers know the saying: “Don’t work in the .RU” (meaning that banks and companies located inside Russia are off-limits). Another source told Meduza that there is a “widespread network in place to attract illegal hackers and encourage them.” According to The New York Times, while Evgeny Bogachev (“Zeus”) — one of the most wanted Russian hackers in the world — infected millions of computers to steal money, the Russian authorities “were looking over his shoulder, searching the same computers for files and emails,” seeking classified information about Ukraine and Syria.”
Roman Seleznev, with too much time alone as a youth and a divorced family background, took to learning about computers at a very young age. The criminal case documents against Seleznev state that his interest in programming led to his first hacker attacks when he was 18. Seleznev registered on underground forums populated by “carders” — people who earn money from stealing bank cards (for example, carderplanet.com and carder.org).
At first, he hacked databases in order to steal documents (names, birthdates, passport numbers, and social security numbers). Within a couple of years, he started stealing credit card numbers and selling databases to other carders. Seleznev targeted small businesses in the U.S., hacking the processing systems they used to manage their financial transactions. Using vulnerabilities, he infected these systems and copied all the credit card transactions, collecting this information on servers he owned.
By 2009, Seleznev had become one of the most successful sellers of stolen credit card information in the world. He started at least two online “stolen credit card shopping centers” over the years from 2005-2014 and earned millions of dollars in this business. An analysis of just one of his servers shows that he received nearly $18 million for money-transfer services. It’s unknown exactly how much money Seleznev made throughout his career as a hacker. He was paid through Bitcoins, WebMoney, and other electronic wallets. Seleznev bought two homes in Bali, traveled by plane from Vladivostok to islands in the Indian Ocean, and often photographed expensive cars and bags full of cash.
U.S. prosecutors say Seleznev is the most serious cybercriminal ever brought before a judge, describing him as a person with extraordinary computer skills, who’s returned to cybercrimes several times, always “escalating the scale of his attacks.” American police estimate that his actions have caused more than $170 million in damages, and prosecutors have even compared Seleznev to Tony Soprano, the fictional protagonist of an HBO television series.
The Backstory Behind Carder Kingpin Roman Seleznev’s Record 27 Year Prison Sentence
Krebs on Security
April 17, 2017
Roman Seleznev, a 32-year-old Russian cybercriminal and prolific credit card thief, was sentenced in April 2017 to 27 years in federal prison. That is a record punishment for hacking violations in the United States and by all accounts one designed to send a message to criminal hackers everywhere. But a close review of the case suggests that Seleznev’s record sentence was severe in large part because the evidence against him was substantial and yet he declined to cooperate with prosecutors prior to his trial.
The son of an influential Russian politician, Seleznev made international headlines in 2014 after he was captured while vacationing in The Maldives, a popular vacation spot for Russians and one that many Russian cybercriminals previously considered to be out of reach for western law enforcement agencies.
However, U.S. authorities were able to negotiate a secret deal with the Maldivian government to apprehend Seleznev. Following his capture, Seleznev was whisked away to Guam for more than a month before being transported to Washington state to stand trial for computer hacking charges.
The U.S. Justice Department says the laptop found with him when he was arrested contained more than 1.7 million stolen credit card numbers, and that evidence presented at trial showed that Seleznev earned tens of millions of dollars defrauding more than 3,400 financial institutions.
Investigators also reportedly found a smoking gun: a password cheat sheet that linked Seleznev to a decade’s worth of criminal hacking.
Seleznev was initially identified as a major cybercriminal by U.S. government investigators in 2011, when prosecutors in Nevada named him as part of a conspiracy involving more than three dozen popular merchants on carder[dot]su, a bustling fraud forum where he and other members openly marketed various cybercrime-oriented services.
In Seattle on Aug. 25, 2016, Seleznev was convicted of 10 counts of wire fraud, eight counts of intentional damage to a protected computer, nine counts of obtaining information from a protected computer, nine counts of possession of 15 or more unauthorized access devices and two counts of aggravated identity theft.
“Simply put, Roman Seleznev has harmed more victims and caused more financial loss than perhaps any other defendant that has appeared before the court,” federal prosecutors charged in their sentencing memorandum. “This prosecution is unprecedented.”
Read the complete article HERE.
In September 2017, Roman Seleznev also pleaded guilty to further charges in Atlanta, Georgia of conspiracy to commit bank fraud for his role in the 2008 hack of RBS Worldpay. Seleznev was responsible for cashing out $2,178,349 associated with five hacked debit card numbers. In addition to the original 27 years in prison, Seleznev received a further prison sentence of 14 years for his role in a $50 million cyberfraud ring and for defrauding banks of $9 million through a hacking scheme.
“The defendant and a sophisticated team of hackers stole over $2,000,000 from ATMs across the globe,” said U.S. Attorney John Horn.
According to the latest news release by the Department of Justice:
In connection with his guilty plea in the Nevada case, Seleznev admitted that he became associated with the Carder.su organization, an identity theft and credit card fraud ring, in January 2009. According to Seleznev’s admissions in his plea agreement, Carder.su was an Internet-based, international criminal enterprise whose members trafficked in compromised credit card account data and counterfeit identifications and committed identity theft, bank fraud, and computer crimes. Seleznev admitted that the group tried to protect the anonymity and the security of the enterprise from both rival organizations and law enforcement. For example, members communicated through various secure and encrypted forums, such as chatrooms, private messaging systems, encrypted email, proxies and encrypted virtual private networks. Gaining membership in the group required the recommendation of two current members in good standing.
Seleznev further admitted that he sold compromised credit card account data and other personal identifying information to fellow Carder.su members. The defendant sold members such a large volume of product that he created an automated website, which he advertised on the Carder.su organization’s websites. His automated website allowed members to log into and purchase stolen credit card account data.
Seleznev further admitted that he sold each account number for approximately $20. The Carder.su organization’s criminal activities resulted in loss to its victims of at least $50,893,166.35.
The sentences run concurrent to one another. In both cases, Seleznev was ordered three years of supervised release to run concurrently. He was also ordered [to make?] restitution of the amount of $50,893,166.35 in the Nevada case and $2,178,349 in the Georgia case.
To date, the U.S. Attorney’s Office for the Northern District of Georgia has charged 14 individuals involved in the hack and cashout, including Russian nationals Viktor Pleschuk, Evgeniy Anikin, and Roman Seleznev; Estonian nationals Sergei Tsurikov, Igor Grudijev, Ronald Tsoi, Eveilyn Tsoi, and Mikhail Jevgenov; Moldovan national Oleg Covelin; Ukrainian nationals Vladimir Valeyrich Tailar and Evgeny Levitskyy; Nigerian national Ezenwa Chukukere; American national Sonya Martin; and Vladislav Horohorin, who is a citizen of Russia, Israel, and Ukraine.
The MSM here in the states were clammed up tight on this thriller. Local news, BBC, a few other countries, and internet cyber news ran information but I could find not one article under the big top in the first 5 pages of searching.
Wonder why? I mean, this is REAL Russia interference and collusion. But then we have always known it wasn’t about Russia or interference or cyber warfare – it has always and only been about Trump.
Let’s not ever forget who actually has been fingered as starting the “Dark Web” –> CIA.
This took years of investigation across multiple cooperative enforcement groups. One would have thought that some enterprising reporters would have ferreted this out long ago and smeared it across the news. Of course, let’s not forget who was pals with Putin in the first year or so of the last administration. So I guess it is no wonder that MSM would have buried this information early on. I’m just amazed that the investigation was ongoing and allowed to play out this year.
If this is not the only group, how many others are out there? How much have they been stealing if these guys were just one example? No wonder bad actors like ISIS can exist if they are recipients of this much wealth. Cyber money such as Bitcoins are their preferred monetary exchange – supposedly unhackable and untraceable.
It also makes you wonder just how many of the “wealthiest geeks and elites” are involved somehow in this kind of action because it takes a truly focused, talented, computer-savvy person to be able to dive deep into this area of the web and make money without being roasted.