A federal indictment made public today in New Jersey charges five men
with conspiring in a worldwide hacking and data breach scheme that
targeted major corporate networks, stole more than 160 million credit
card numbers and resulted in hundreds of millions of dollars in losses.
It is the largest such scheme ever prosecuted in the United States.
U.S. Secret Service (USSS), Criminal Investigations, Newark, N.J., Division (The USSS) led the investigation of the indicted conspiracy.
The defendants allegedly sought corporate victims engaged in financial transactions, retailers that received and transmitted financial data and other institutions with information they could exploit for profit. The defendants are charged with attacks on NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. It is not alleged that the NASDAQ hack affected its trading platform.
According to the second superseding indictment unsealed today in Newark federal court and other court filings, the five men each served particular roles in the scheme. Vladimir Drinkman, 32, of Syktyvkar and Moscow, Russia, and Alexandr Kalinin, 26, of St. Petersburg, Russia, each allegedly specialized in penetrating network security and gaining access to the corporate victims’ systems. Roman Kotov, 32, of Moscow, allegedly specialized in mining the networks Drinkman and Kalinin compromised to steal valuable data. Court documents allege that the defendants hid their activities using anonymous web-hosting services provided by Mikhail Rytikov, 26, of Odessa, Ukraine. Dmitriy Smilianets, 29, of Moscow, allegedly sold the information stolen by the other conspirators and distributed the proceeds of the scheme to the participants.
“This type of crime is the cutting edge,” said U.S. Attorney Fishman. “Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy, and our national security. And this case shows, there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day. We cannot be too vigilant and we cannot be too careful.”
Drinkman and Smilianets were arrested at the request of the United States while traveling in the Netherlands on June 28, 2012.
Kalinin, Kotov and Rytikov remain at large.
Court documents allege that the initial entry was often gained using a “SQL injection attack.”
The hackers identified vulnerabilities in SQL databases and used those vulnerabilities to infiltrate a computer network. Once the network was infiltrated, the defendants allegedly placed malicious code, or malware, on the system. This malware created a “back door,” leaving the system vulnerable and helping the defendants maintain access to the network. In some cases, the defendants lost access to the system due to companies’ security efforts, but they were able to regain access through persistent attacks.
The defendants then allegedly used an array of computers located around the world to store the stolen data and ultimately sell it to others.
According to court documents, Smilianets charged approximately $10 for each stolen American credit card number and associated data, approximately $50 for each European credit card number and associated data and approximately $15 for each Canadian credit card number and associated data – offering discounted pricing to bulk and repeat customers. Ultimately, the end users encoded each dump onto the magnetic strip of a blank plastic card and cashed out the value of the dump by either withdrawing money from ATMs or making purchases with the cards.
USDOJ announcement here