Two Russian dark web hackers have been jailed in the United States after pleading guilty to orchestrating the largest credit-card theft in US history.
Moscow natives Vladimir Drinkman, 37, and Dmitriy Smilianets, 34, started and operated a criminal organization that worked for months to hack into companies and retrieve credit and debit card information.
They later put the information up for sale on the dark web. The information was sold per card to customers, who then ripped off companies and citizens around the world.
160 Million Credit Card Numbers Stolen
According to Acting Assistant Attorney General Cronan, the two are feared to have stolen information of 160 million credit cards from various payment card processors, banks, retailers and other entities.
Additionally, the information further fueled the stolen data economy existing in the dark web. AG Cronon went on to warn that the Department of Justice would use all available resources to identify, arrest and prosecute those who attack the networks of businesses and customers.
This comes in the backdrop of mega network breaches and hackings that have affected millions of people around the world in recent years, a trend has which has only risen.
Arrested in Amsterdam
Drinkman and Smilianets were arrested by Dutch law enforcement while on a trip to Amsterdam in 2012 and taken to the US to face trial, ultimately being charged the following year.
The charges included three of their associates who are still at large, identified as A. Kalinin, 31, R. Kotov, 36, and M. Rytikov, 30. Drinkman and Smilianets attracted US attention in 2009 when they were realized to be working with US hacker Albert Gonzalez.
Gonzalez is currently serving a 20-year sentence for orchestrating the hacking attacks on TJ Maxx and Heartland Payment Systems.
Multiple Financial Organizations Affected
According to the FBI, Drinkman worked with Kalinin to attack corporate servers with the intention of obtaining card information and associated personal data. The two specialized in SQL injection attacks, the technique used to compromise vBulletin.
Upon gaining access to the network, Kotov would seek pertinent information by employing custom-programmed sniffing tools.
According to the prosecutors, Rytikov was the group’s ISP, providing internet usage with little to no evidence trail. On the other hand, Smilianets took charge of selling the retrieved data.
He used the dark web to find buyers for the hacked information at a cost of $50, $10, and $15 for EU, American, and Canadian cards, respectively.
It’s reported that the most affected victims of the criminal syndicate included NASDAQ, 7-Eleven, JCP, JetBlue, Dow Jones, Euronet, Global Payment and several other corporations.
Threat to the Economy and National Security
The total losses these companies faced are difficult to estimate, but three of the affected companies recorded losses totaling to an excess of $300m due to the syndicate’s operations.
According to acting US Attorney Fitzpatrick, the syndicate worked at the most sophisticated levels of illicit hacking and the trafficking of stolen personally identifiable information.
The group made use of their superior computer skills to infiltrate computer networks to illegally obtain information and sell it for profit on the dark web.
He said as they were the perpetrators of one of the largest data breaches in the history of the US, they were major threats to the economy, privacy and national security of the country and could not be tolerated.
Drinkman pleaded guilty in a District Court in New Jersey to conspiracy to commit unauthorized access of protected computers and to commit wire fraud.
Unrelenting Efforts to Pursue Cybercriminals
The judge handling the case, Jerome Simandle, sentenced Drinkman to 12-years in a US prison and three years of supervised release thereafter. Smilianets received a lesser sentence after pleading guilty to conspiracy to commit wire fraud.
He was handed a four-and-a-half-year jail sentence. The two are expected to be expelled from the US after they have served their sentences.
According to US Secret Service Special Agent Mark McKevitt, this case has demonstrated the ability of the US Secret Service to conduct investigations related to cybercrime and see them to their conclusion.
He also recognized the collaborative efforts of law enforcement officers in the Netherlands. He stated that the Secret Service continue with efforts to develop innovative ways to safeguard the financial infrastructure of the United States from cyber incidents and promised that all cybercriminals taking advantage of emerging technologies to orchestrate criminal activities would be pursued and brought to justice.
Latest posts by Malik (see all)
- Authorities Bust Darknet Fake Id Operation in Toledo - March 12, 2018
- Russian Hackers Sentenced to Prison Following Unprecedented Data Breach - March 12, 2018
- Law Enforcement Agencies Grapple with New Reality of In-Person Crypto Theft - March 9, 2018