Carder from Vinnytsia will be tried for stealing data from bank cards of foreigners

[Carding Forum]

Employees of the State Bureau of Investigation have completed a pre-trial investigation into a cybercriminal from Vinnytsia, who deceived foreigners and legalized income from illegal operations. The indictment was sent to the court.

The attacker started his activity in 2017, creating and selling malicious software for one of the operating systems, which allowed stealing personal data from mobile devices.

Subsequently, he began to engage in "phishing", using fictitious links and special sites to steal bank data of residents of Canada and the United States. He sold the stolen data for cryptocurrency. According to the results of the investigation, it was established that he managed to steal and legalize about 3.5 million UAH on the territory of Ukraine.

After the investigation of the case by other law enforcement agencies, by the decision of the procedural head, it was transferred to the State Bureau of Investigation.

In February 2024, the cybercriminal was notified of suspicion. Now the man's luxury car has been arrested for further special confiscation.

The defendant is accused of creating and distributing malicious software, unauthorized interference in the operation of electronic computers, and legalizing property (Part 1 of Article 361-1, Part 2 of Article 361, Part 1 of Article 209 of the Criminal Code of Ukraine).

The sanction of the article provides for punishment in the form of imprisonment for up to 6 years with confiscation of property.

The Vinnytsa Regional Prosecutor's Office provides procedural guidance.

• Source: https://dbr.gov.ua/news/za-material...kradennya-danih-z-bankivskih-kartok-inozemciv

 

[Friend]

April 10, 2024 Vinnytsia
Vinnytsia City Court of Vinnytsia Region, composed of:
investigator, judge,
with the participation of:
the secretary of the court session,
the prosecutor,
the suspect,
the defense lawyer,

Having considered in an open court session, in the courtroom, the petition of the senior investigator of the Fourth Investigation Department (located in Vinnytsia) of the Territorial Department of the State Bureau of Investigation, located in the city of Khmelnytskyi, PERSON_6 DR on 04.12.2019, on suspicion of PERSON_4 of committing crimes under Part 1 of Article 361-1, Part 2 of Article 361, Part 2 of Article 209 of the Criminal Code of Ukraine, when recording the trial with the help of technical means, -

ESTABLISHED:

The Vinnytsia City Court of Vinnytsia Region received the above-mentioned petition from the senior investigator of the Fourth Investigation Department (located in Vinnytsia) of the Territorial Administration of the State Bureau of Investigation, located in the city of Khmelnytskyi, PERSON_6, to extend the period of pre-trial investigation on 04.12. 2019, on suspicion of benbin77 committing crimes under Part 1 of Article 361-1, Part 2 of Article 361, Part 2 of Article 209 of the Criminal Code of Ukraine.

The petition is motivated by the fact that ___, who has special knowledge and skills in the field of development and use of software, programming, on a date and time not established by the pre-trial investigation, but no later than January 18, 2017, at the place of residence at the address: __ , there was an intention to create for the purpose of using, distributing, as well as distributing malicious software intended for unauthorized interference with the operation of electronic computers (computers), automated systems, computer networks or telecommunication networks.

Realizing his criminal intent, benbin77 on 18.01.2017 registered on the thematic forum of the "shadow topic" "exploitivzcm5dawzhe6c32bbylyggbjvh5dyvsvb5lkuz5ptmunkmqd.onion" and, using the pseudonym "benbin77" at the link " posted ads about the distribution by sale of programs through the sale of programs whose functions are the theft of personal data of users of the Android operating system.

In addition, benbin77, acting intentionally, added several (at least 10) potentially dangerous software (applications) with the format «.apk", with the name "" or with a similar name ("", "", and others), which can steal personal user data, to the archive file "FlashPlayer (2).zip" and on a date and time not established by the pre-trial investigation, in order to distribute the applications, uploaded them to the cloud storage "", during which it Subsequently

PERSON_4 created a web resource designed to develop Internet traffic, maintain statistics of clicks, collect detailed information about visitors, and be able to download the file "", which led to the distribution of potentially dangerous software, fully controlled by its PERSON_4.

PERSON_4 carried out these illegal activities until 12/30/2020, since the employees of the military-industrial complex in of the Vinnytsia region, together with the SV of the Vinnytsia District Police Department, with the involvement of the special unit "KORD", a number of searches were carried out and the commission of this criminal offense was stopped.

Based on the results of a number of forensic examinations, it was established that software products with hash sums:
- "6c2fcc52a505fe253e5781982f55c32a", date of creation 02/16/2017, .apk format identified as potentially dangerous software;
- "fb7a632c8ad3af63d81691b91abb9d57", creation date 30.05.2018, .apk format that is identified as fake software that can steal personal user data;
- "4b5447fce810fbd1caf80ba308512613", date of creation 21.08.2018, .apk format identified as potentially dangerous software;
- "47bac0c701a46e91a77593a94fa5133e", date of creation 24.09.2018, format .apk, identified as potentially dangerous software that can steal personal user data.

The above software applications in .apk format are designed to be installed on mobile platforms with the Android operating system.