Never trust carders

Tomcat

At 18, Maxim's technical skills were not getting him anywhere, so he entered the "scene" on the strength of excellent English, "soft skills" and a talent for manipulation. He cashed out stolen cards through American online stores using the "goods" scheme (ordering merchandise for resale).

But a year later this scheme stopped working effectively: shops had practically stopped shipping goods to Eastern Europe because of the excessive share of fraudulent orders. And soon the local Zhytomyr criminals found out about his earnings and began to demand "tribute."

Trying to change the scheme and keep making money, Maxim assembled his own team. In 2000 they managed to hack the E-Money electronic payment system and steal the data of 38,000 clients. Later they got into Western Union and obtained the data of 16,000 customers. They tried to monetize the hacks with a banal racket: Popov contacted the companies and blackmailed them, offering to provide "security consulting services" and destroy the data already obtained for a reward of $50,000 to $500,000.

They did not get paid. E-Money dragged out the negotiations and cooperated with the FBI, while Western Union disclosed the hack themselves and refused to negotiate at all.

The Zhytomyr criminals demanded more "tribute," the old "goods" schemes no longer worked, and the ransoms were not paid either. Maxim felt he was at a dead end, and the only way out he saw was to escape from Ukraine to the United States and cooperate with the FBI as a "reformed carder."

He imagined that he would work for the US government as a respected security expert, then open his own security firm and be fabulously rich. American Dream!

On January 8, 2001, he walked through the doors of the American embassy in London, and the next day he flew to the United States, having agreed on mutual cooperation with the FBI.

But as soon as the plane landed, the formerly friendly FBI agents threw Maxim into isolation and presented not a deal but an ultimatum: work for them and rat out your friends, or go to prison. He was taken to a guarded safe house.

Maxim did not expect this. He thought he already had a deal and a consultant position from London, but those had been just words. He tried to sabotage the work, using rare slang words to warn his accomplices. But after 3 months a professional translation of his correspondence arrived, the apartment was swapped for a prison cell to await trial for his previous crimes, and the "deal," if you can call it that, was finally broken. Prosecutors lined up to try him; after all, the case looked high-profile and easy. Maxim feigned courage, told the prosecutors where to go and exaggerated his own importance. What else could he do? His cell was in a prison near the Western Union office, such was the irony of fate.

But Agent Ernest Gilbert from the small FBI regional office in Santa Ana, California, was able to convince management that he could use Maxim to work against the largest carding platform of the time, CardPlanet. An ambitious task, so why not try? Besides, there would always be time to lock him up later.

Gilbert himself had once dabbled in hacking out of curiosity and had worked cybercrime from the very beginning, so he knew exactly what he wanted. He needed an agent with some connections and an excellent command of Russian. He understood that the "stick" was not working (Maxim had begun to resist), so it was time for the carrot. Gilbert explained that he had "great respect for his skills," thereby stroking his ego, and offered a fair deal:

— Serve 1.5 years for previous crimes.

— At the same time, work as an undercover agent to collect "important intelligence."

— Don't work against old friends, only against strangers.

Popov, of course, agreed: any trip out of prison was a breath of fresh air, and working online on a computer was the ultimate dream of a convict. The operation was called "Ant City".

The first success was a test purchase from an influential CardPlanet carder under the nickname Script, who was soon detained in Ukraine at the request of the FBI. True, he was released six months later. In 2005 he was arrested in the Wikileaks case, but here too he was acquitted. And in our time he became a deputy of the Verkhovna Rada of Ukraine from the Petro Poroshenko bloc. Now that's the Ukrainian dream! But let's not get distracted)

Popov worked on test purchases and provocations. This allowed him to gain standing and reputation in the carding community, and allowed the FBI to identify multiple sources of card leaks.

In February 2003 there was a major hack of DPI (Data Processing International): 8 million cards were stolen from them. An offer to sell them immediately appeared on CardPlanet from a user with the nickname RES. Maxim tried to make a test purchase of all the cards for $200,000, but RES did not believe him. So FBI agents filmed a video at the nearest bank branch in which Maxim counts out the required amount on camera and says, "Look, this is real money, I'm showing you close-up, let's sort this out!"

It worked. RES believed him and asked where the money came from. Popov responded with a prepared phrase: he had earned it at a company that produces fake cards, Hermes-Plast, and here are the contacts of its manager and his email. Of course, the company did not exist; it was an FBI trap. But the greedy RES contacted the "manager" and soon sent him his resume, including his Russian passport data. Carders always want even easier money.

After 8 months of work (April 8, 2003), the court replaced the remainder of Maxim's sentence with three years of "judicial supervision," and the FBI rented him a simple apartment on the beach and paid him $1,000 a month for expenses, since he was still working for them. It didn't look much like the "American Dream": Maxim had neither a green card nor a work permit, and he wanted to go home. Soon he asked the judge for permission to visit Ukraine with an obligation to return to California, but, of course, he did not return. The FBI, however, was not very upset by this.

After all, over the entire period of cooperation the FBI had already achieved unprecedented results: more than 700 leaks were discovered and charges were brought against many carders, though extradition proved difficult.

In Ukraine, Maxim opened his own company, Cybercrime Monitoring Systems (Cycmos), specializing in the analysis of threats and data leaks affecting large companies. In essence he was doing the same thing as he had for the FBI, only for himself, selling intelligence about completed or impending attacks to the victim companies themselves. Happy end? No.

In 2004, Maxim unexpectedly called Gilbert, saying that the FBI's email had been hacked.

According to the carder, oh, sorry, the now-respected head of a cybersecurity company, the mail had been stolen from the provider AT&T, which the FBI used. And the entry point turned out to be the outdated pre-Internet protocol X.25.

Gilbert persuaded management to allocate $10,000 to pay Cycmos for consulting services, and soon Maxim handed over two documents which he said had been obtained from the FBI's email:

— An 11-page dossier on one of the administrators of CarderPlanet, known under the nickname King Arthur.

— A six-month-old list of FBI priority targets: nicknames, possible real names of the carders under investigation, and notes on their cooperation with the authorities. Around 100 people in all. The list was marked "Law Enforcement Sensitive" and "Do not transmit over the Internet."

This made an impression on Gilbert. Maxim was asked to dig some more, and soon he pointed to the perpetrator: Leonid Sokolov, a student at St. Petersburg State University, who confirmed his participation in the AT&T hack in an online conversation. The biggest case of Gilbert's career!

But then things started to get weird. Agent Gilbert was called in to give an explanation, because his name was being used for extortion. It turned out that not only AT&T but several other companies had been hacked through the same hole in the X.25 protocol, including EMC, the developer of the famous virtualization software VMware (now a separate company).

During that hack the source code of the VMware kernel was stolen, and after some time a certain "Denis Pinhouse" contacted EMC. He offered assistance in investigating the incident and protection against publication of the source code, for a certain fee. As an argument for why he should be trusted, he gave Agent Gilbert's contact details.

Need I say that Denis Pinhouse was a well-known pseudonym of Maxim Popov? Gilbert tried to put pressure on the ex-agent, calling him and ordering him to immediately cut off all contact with EMC and stop offering them help, otherwise it would look like a crime. The prosecutor's office began an investigation. Gilbert tried to cover for Maxim, saying that Pinhouse was a valuable FBI agent and they needed him. The prosecutor did not back down, obtained Popov's information bypassing Gilbert, and soon a warrant was issued for his arrest and extradition at the first opportunity, which never arose.

St. Petersburg State University student Sokolov was also charged with hacking AT&T and an extradition order was issued for him, equally unsuccessfully. After 4 months all the materials on Popov were taken away from Agent Gilbert, and then he was unexpectedly transferred to the counter-terrorism unit, removing him from cybercrime investigations.

Here the career of the FBI agent finally went downhill: he received no promotions or incentives, all the important cases passed him by, and when he openly asked his superiors "what's going on?!", they explained that an investigation was underway against him on suspicion of fraud and conspiracy against the government. Over the EMC case and his supposed assistance in it, they were especially bothered by his last call demanding that Popov stop contacting EMC. Gilbert soon retired from the FBI, his most prominent investigation having ended his career. The investigation against him later ended in nothing.

Well, a few years later it became known that Popov and Sokolov had been working together from the very beginning. They worked according to the old extortion scheme: they hacked the AT&T network and obtained the FBI correspondence. And after an unsuccessful attempt to "extort money" from AT&T, Popov decided to make money from the hack by using Gilbert and his connections with the FBI, and he succeeded.

By the time this came out, Gilbert had become security director at the famous consulting company PricewaterhouseCoopers, so he declined to comment. Maybe he suspected something, or maybe he was simply cynically taken advantage of.

After the hack, EMC nevertheless cooperated with Popov to prevent the source code from leaking. They paid $30,000 and promised to pay another $40,000 later, but never did, as they were undergoing a business reorganization in the course of which VMware became a separate company.

On April 23, 2012, under the new identity of "Hardcore Charlie," a hacktivist from the Anonymous movement, Popov finally posted the VMware source code. Even though a lot of time had passed, it was extremely dangerous for the company: it had to urgently patch many critical vulnerabilities that researchers and attackers around the world discovered immediately after publication.

Never trust carders. Never.

(c) https://vk.com/@knowledge_pikabu-nikogda-ne-verte-karderam