US indicts five hackers in biggest cyber fraud
NEWARK, NJ/BOSTON—Federal prosecutors have charged five men responsible for a hacking and credit card fraud spree that cost companies more $300 million and two of the suspects are in custody, in the biggest cyber crime case filed in US history.
They also disclosed a new security breach against Nasdaq, though they provided few details about the attack.
Other companies targeted by the hackers include a Visa Inc. licensee, JC Penney Co., JetBlue Airways Corp. and French retailer Carrefour SA, according to an indictment unveiled in New Jersey.
Authorities have been pursing the hackers for years. Many of the breaches were previously reported, though it appeared the one involving Nasdaq OMX Group Inc. was being disclosed for the first time.
Prosecutors said they conservatively estimate that the group of five men from Russia and Ukraine helped steal at least 160 million payment card numbers, resulting in losses in excess of $300 million.
Authorities in New Jersey charged that each of the defendants had specialized tasks: Russians Vladimir Drinkman, 32, and Alexandr Kalinin, 26, hacked into networks, while Roman Kotov, 32, mined them for data. They allegedly hid their activities using anonymous web-hosting services provided by Mikhail Rytikov, 26, of Ukraine.
Russian Dmitriy Smilianets, 29, is accused of selling the stolen data and distributing the profits. Prosecutors said he charged $10 for US cards, $15 for ones from Canada and $50 for European cards, which are more expensive because they have computer chips that make them more secure.
The five hid their efforts by disabling antivirus software of their victims and storing data on multiple hacking platforms, prosecutors said. They sold payment card numbers to resellers, who then sold them on online forums or to “cashers” who encode the numbers onto blank plastic cards.
“This type of crime is the cutting edge,” said New Jersey US attorney Paul J. Fishman. “Those who have the expertise and the inclination to break into our computer networks threaten our economic wellbeing, our privacy and our national security.”
The indictment cited Albert Gonzalez as a coconspirator. He is already serving 20 years in prison after pleading guilty to helping mastermind one of the biggest hacking fraud schemes in US history, helping steal millions of credit and debit cards.
Prosecutors say the defendants worked with Gonzalez before his arrest in Miami, then continued on a crime spree after his capture.