Russian Cyber-Criminal Sentenced- Role in Organized Cybercrime Ring-$50 M in Online ID Theft, etc.

https://www.justice.gov/opa/pr/russian-cyber-criminal-sentenced-14-years-prison-role-organized-cybercrime-ring-responsible

Department of Justice
Office of Public Affairs

FOR IMMEDIATE RELEASE
Thursday, November 30, 2017

Russian Cyber-Criminal Sentenced to 14 Years in Prison for Role in Organized Cybercrime Ring Responsible for $50 Million in Online Identity Theft and $9 Million Bank Fraud Conspiracy

A Russian cyber-criminal was sentenced today to 14 years in prison for his role in a $50 million cyberfraud ring and for defrauding banks of $9 million through a hacking scheme.
(snip)

Roman Valeryevich Seleznev aka Track2, Bulba and Ncux, 33, was sentenced by U.S. District Judge Steve C. Jones of the Northern District of Georgia to serve 168 months in prison for one count of participation in a racketeering enterprise pursuant to an indictment returned in the District of Nevada, and to 168 months in prisonfor one count of conspiracy to commit bank fraud pursuant to an indictment returned in the Northern District of Georgia, with the sentences to run concurrent to one another. In both cases, Seleznev was ordered three years of supervised release to run concurrently. He was also ordered restitution in the amount of $50,893,166.35 in the Nevada case and $2,178,349 in the Georgia case. Seleznev pleaded guilty to the charges on Sept. 7.

In connection with his guilty plea in the Nevada case, Seleznev admitted that he became associated with the Carder.su organization, an identify theft and credit card fraud ring, in January 2009. According to Seleznev’s admissions in his plea agreement, Carder.su was an Internet-based, international criminal enterprise whose members trafficked in compromised credit card account data and counterfeit identifications and committed identity theft, bank fraud, and computer crimes. Seleznev admitted that the group tried to protect the anonymity and the security of the enterprise from both rival organizations and law enforcement. For example, members communicated through various secure and encrypted forums, such as chatrooms, private messaging systems, encrypted email, proxies and encrypted virtual private networks. Gaining membership in the group required the recommendation of two current members in good standing.

Seleznev further admitted that he sold compromised credit card account data and other personal identifying information to fellow Carder.su members. The defendant sold members such a large volume of product that he created an automated website, which he advertised on the Carder.su organization’s websites. His automated website allowed members to log into and purchase stolen credit card account data. The defendant’s website had a simple interface that allowed members to search for the particular type of credit card information they wanted to buy, add the number of accounts they wished to purchase to their “shopping cart” and upon check out, download the purchased credit card information. Payment of funds was automatically deducted from an established account funded through L.R., an online digital currency payment system. Seleznev further admitted that he sold each account number for approximately $20. The Carder.su organization’s criminal activities resulted in loss to its victims of at least $50,893,166.35.

In connection with his guilty plea in the Northern District of Georgia case, Seleznev admitted that he acted as a “casher” who worked with hackers to coordinate a scheme to defraud an Atlanta-based company that processed credit and debit card transactions on behalf of financial institutions. Seleznev admitted that pursuant to the scheme, in November 2008, hackers infiltrated the company’s computer systems and accessed 45.5 million debit card numbers, certain of which they used to fraudulently withdraw over $9.4 million from 2,100 ATMs in 280 cities around the world in less than 12 hours.
(snip)