This April saw an increase in the arrests of cybercriminals. Most cases were related directly to stealing money; interestingly, criminals prefer to steal smaller sums from hundreds of credit card holders rather than go for broke on a single large heist. That way, they hope to go unpunished as the damage is relatively small in each individual case. We will see, however, that these hopes are in vain, as a thousand stolen dollars pays for a spell in prison just as surely as a million dollars does.
Pirates of the 21st Century
The movies may paint pirates as romantic heroes, but they got their money through robbery, and not much has changed today. In Sweden, charges were laid against Gottfrid Svartholm Warg, a co-founder of Pirate Bay, a popular torrent portal. This time the allegations did not involve copyright infringement but hacking IBM mainframes, one of which was owned by Logica Co., a tax accounting consulting firm that provided services to the Swedish government, and the other by Nordea bank. Prosecutor Henrik Olin said this was the biggest hack in Sweden’s history. However, the four cybercriminals’ gains were modest: despite setting up transactions worth more than $900,000, only one, worth $4,300, was successful. A lot of personal data was also stolen from Logica, including insurance numbers and information about cars. So far there are no strong indications of how the criminals planned to use this information, but there is always high demand for such data on the black market.
Interestingly, Svartholm Warg was earlier convicted on a Pirate Bay charge and fled to Cambodia to escape prosecution. He was arrested in September 2012 and was deported to Sweden. As the investigation progresses, his charge sheet keeps expanding.
Millions of credit cards
In Washington DC, the case against a notorious carder has come to an end. Vladislav Khorokhorin, 30, was sentenced to seven years and four months behind bars after stealing and reselling credit card numbers. According to the US Department of Justice, he stole literally millions of credit cards. Apart from reselling the data to other criminals, Khorokhorin, who holds Russian, Ukrainian and Israeli citizenships, also used the cards in person. In one episode, he stole more than $120,000 from ATMs located in Moscow, Russia, using fake duplicate copies of credit cards. US officials had long been hunting Khorokhorin, but he went into hiding in Moscow. In 2010, he took a trip to Monaco and was detained at Nice airport. While in a French prison, Khorokhorin actively resisted extradition to the USA, selling some $5 million worth of real estate to pay his legal fees. That, however, was futile, and a sentence in a US prison became a grim reality for the criminal.
Country got talent
Unfortunately, student crime is no news to the police either. In Akademgorodok, which is a campus neighborhood in Novosibirsk, Russia, a 22-year-old student was detained on suspicion of purchasing the data of about six credit cards, creating fake duplicate copies and using them to buy goods in shops. He allegedly spent 50,000 rubles ($1,600) from other people’s bank accounts before a foreign bank raised an alarm and blocked the card. This crime is hardly notable in its scale, invention or technologies involved, but it could still earn the student a 10-year jail term. However, courts in Russia often impose suspended sentences for this kind of crime – another reason why cybercriminals try their best to stay in the country.
Careless storage costs millions
A hacker was arrested in Sevastopol, after allegedly stealing one million hryvnia ($250,000) from a charity organization. By infecting an accountant’s PC with a malicious application, the criminal gained remote access to the system and discovered that, despite standard banking instructions, the access password to the Internet bank account and its keys were stored in publicly accessible files. Thus, he had all he needed to conduct the theft. The Ukrainian police promptly blocked the account and returned the money, and the criminal now faces up to 5 years of imprisonment according to Ukrainian legislation.
Security is not to be joked with
Members of the LulzSec hacker group, involved in notorious hacks of the Sony PlayStation Network and other resources of that company, are still on trial. About 100 million gamers had their personal information stolen and Sony was forced to suspend its gaming network for a month after the attack.
One of the defendants, Cody Andrew Kretzinger, 25, was convicted of involvement in the smaller-scale Sony Pictures hack. He was sentenced to one year under house arrest and 100 hours of community service, and was fined more than $600,000. Co-defendant Rinaldo Riveire will stand trial in May and faces up to 15 years in jail.
The Belorussian Zeus
While the multi-component Zeus malware, optimized for the theft of access details to online banking, is gradually going out of fashion amongst hackers, its charge sheet of misdemeanors will keep courtrooms busy for some time to come. In Belarus, a criminal case was handed to the public prosecutor’s office after a Minsk resident was accused of using this Trojan to steal banking details from citizens of France, Italy and Eastern Europe before syphoning funds from their accounts. According to the investigation, he stole a total of 20 thousand euro. While the case will be examined in court, the accused has been arrested and his property sequestrated.
A social engineer
A Zeus function useful for hackers – the ability to steal not only PC passwords, but also one-time codes on smartphones – is quite complex to implement, and success is not guaranteed when it is used. As a result, a Russian cybercriminal from the city of Tolyatti resorted to a more complex scam. He used a Carberp Trojan to interfere with the login process for the online banking services of Russia’s leading banks and harvest victims’ telephone numbers, logins and passwords. Subsequently, he was able to get a fraudulent copy of the victims’ SIM cards from the mobile operator and set up SMS confirmations from the bank. Although the scammer got the details of 5,000 people, there were rather fewer successful attempts to steal cash. The investigation does not disclose the scale of any actual losses, but other sources hint that it could be up to 1 billion rubles ($34 million).
Of course, to make each of these arrests a reality, a complex investigation is required, including malware analysis, the search for and neutralization of administration servers and, most importantly, detection of the criminals themselves, who do their best to operate far from wherever they may live. Fortunately, a new level of international collaboration makes it possible to punish the criminals even in these complex cases.