The fight against cybercrime is no longer a myth these days, but a harsh reality. Gone are the days when intelligence agencies didn't know where to start when it came to the internet. This story vividly illustrates that intelligence agencies have learned a lot.
The Federal District Court in Seattle sentenced Roman Valerievich Seleznev, a 32-year-old citizen of the Russian Federation and the son of Valery Seleznev, a current State Duma deputy from the Liberal Democratic Party of Russia, to 27 years in prison.
American justice rarely succeeds in bringing down Russian hackers and carders, who constantly carry out hacks in the US and siphon billions of dollars from the US banking system. But when they do, and if their guilt is proven, they receive the maximum sentences.
Roman was charged with hacking retail point-of-sale systems across the United States from 2009 to 2011. According to the indictment, he operated international card forum websites from his homes and apartments in Vladivostok, Indonesia, and Bali to facilitate the theft and sale of stolen credit card data.
Roman is known on underground forums under the nicknames Bulba, Track2, 2pac, nCuX, and others. He himself sold dumps through the websites POS Dumps, track2.tv, bulba.cc, and 2ras.cc.
Seleznev's laptop was found to contain 1.7 million data dumps, and his bank accounts contained over $18 million, obtained through illegal transactions. These funds were used, among other things, to purchase two apartments in Bali worth a total of $800,000.
Photos of Roman driving various sports cars were also found on the computer, as well as next to stacks of bills that looked like 5,000-ruble notes.
According to proven incidents, Seleznev's schemes allowed for the resale of more than two million credit cards, which resulted in losses for the US banking system in the amount of more than $170 million.
Federal prosecutors call Seleznev "the biggest fish" from the carding world ever to fall into the hands of American justice.
He stole credit cards and other data that could be resold. Over time, he refined his hacking skills and increased his volume. Then, things got even more serious. Tragedy struck after the 2011 terrorist attack in Marrakesh, where part of Roman's head was blown off. After emerging from a coma, Roman returned to carding.
Agents placed Roman under surveillance immediately after he arrived in Male. During his journey from the terminal to the airport, he was under close surveillance: several agents sat with him on the bus, a couple of rows behind him. As soon as Roman handed over his passport at the airport security checkpoint, he was immediately handcuffed.
Local authorities simultaneously announced Roman's expulsion from the country.
On April 21, 2017, Roman was sentenced to 27 years in prison.
So how did they catch you?
The point is that when dozens of people complain about card fraud, the FBI's automated system tries to find intersections in their purchase history where their card data might have been leaked.
Seleznev and his team remotely hacked POS terminals in American cafes and planted their malware, which leaked card data to their server. The FBI used fraud statistics to locate these cafes (months after the hack!), seized the POS terminals for analysis, and dismantled the malware to determine where exactly the data was leaking.
That's how they ended up using a VPS, which Seleznev rented from an American data center.
He paid for the VPS with PayPal, linked to his Yahoo account. The FBI obtained a warrant to seize correspondence from this account and found all of Seleznev's personal information there — addresses, phone numbers, passport number, etc.
Seleznev's identity was established back in 2009, and then they waited five years for him to visit a country from where it would be easy to transport him to the United States.
(c) https://telegra.ph/SSHA-i-rossijskie-kardery-11-06
The Federal District Court in Seattle sentenced Roman Valerievich Seleznev, a 32-year-old citizen of the Russian Federation and the son of Valery Seleznev, a current State Duma deputy from the Liberal Democratic Party of Russia, to 27 years in prison.
American justice rarely succeeds in bringing down Russian hackers and carders, who constantly carry out hacks in the US and siphon billions of dollars from the US banking system. But when they do, and if their guilt is proven, they receive the maximum sentences.
Roman was charged with hacking retail point-of-sale systems across the United States from 2009 to 2011. According to the indictment, he operated international card forum websites from his homes and apartments in Vladivostok, Indonesia, and Bali to facilitate the theft and sale of stolen credit card data.
Roman is known on underground forums under the nicknames Bulba, Track2, 2pac, nCuX, and others. He himself sold dumps through the websites POS Dumps, track2.tv, bulba.cc, and 2ras.cc.
Seleznev's laptop was found to contain 1.7 million data dumps, and his bank accounts contained over $18 million, obtained through illegal transactions. These funds were used, among other things, to purchase two apartments in Bali worth a total of $800,000.
Photos of Roman driving various sports cars were also found on the computer, as well as next to stacks of bills that looked like 5,000-ruble notes.
According to proven incidents, Seleznev's schemes allowed for the resale of more than two million credit cards, which resulted in losses for the US banking system in the amount of more than $170 million.
Federal prosecutors call Seleznev "the biggest fish" from the carding world ever to fall into the hands of American justice.
He stole credit cards and other data that could be resold. Over time, he refined his hacking skills and increased his volume. Then, things got even more serious. Tragedy struck after the 2011 terrorist attack in Marrakesh, where part of Roman's head was blown off. After emerging from a coma, Roman returned to carding.
Agents placed Roman under surveillance immediately after he arrived in Male. During his journey from the terminal to the airport, he was under close surveillance: several agents sat with him on the bus, a couple of rows behind him. As soon as Roman handed over his passport at the airport security checkpoint, he was immediately handcuffed.
Local authorities simultaneously announced Roman's expulsion from the country.
On April 21, 2017, Roman was sentenced to 27 years in prison.
So how did they catch you?
The point is that when dozens of people complain about card fraud, the FBI's automated system tries to find intersections in their purchase history where their card data might have been leaked.
Seleznev and his team remotely hacked POS terminals in American cafes and planted their malware, which leaked card data to their server. The FBI used fraud statistics to locate these cafes (months after the hack!), seized the POS terminals for analysis, and dismantled the malware to determine where exactly the data was leaking.
That's how they ended up using a VPS, which Seleznev rented from an American data center.
He paid for the VPS with PayPal, linked to his Yahoo account. The FBI obtained a warrant to seize correspondence from this account and found all of Seleznev's personal information there — addresses, phone numbers, passport number, etc.
Seleznev's identity was established back in 2009, and then they waited five years for him to visit a country from where it would be easy to transport him to the United States.
(c) https://telegra.ph/SSHA-i-rossijskie-kardery-11-06
