Feeds

Russians accuse FBI agent of hacking

Sting stung

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

An FBI agent was charged yesterday with computer hacking by the Russian counterintelligence service.

The unprecedented charges by the FSB, Russia's Federal Security Service, follow the involvement of FBI Agent Michael Schuler in luring two Russian hackers Vasily Gorshkov, 26, and Alexey Ivanov, 20, to the US in November 2000.

Schuler is accused of obtaining unauthorised access to the pair's computers in Russia as part of the FBI's operation, according to reports.

Sources within the FSB describe the complaint against Schuler to the US Department of Justice as a means of asserting Russian sovereignty.

"If the Russian hackers are sentenced on the basis of information obtained by the Americans through hacking, that will imply the future ability of U.S. secret services to use illegal methods in the collection of information in Russia and other countries," a source told Interfax, a Russian news agency.

Schuler was praised by US authorities for an elaborate ruse that resulted in the arrests of Gorshkov and Ivanov in November 2000. The operation arose out of a nationwide FBI investigation into Russian computer intrusions against e-commerce sites, and online banks which identified Gorshkov and Ivanov as prime suspects.

It was suspected the pair cracked into victims' computers to steal credit card information and other personal financial information, prior to attempting to extort money from the victims with threats to expose the sensitive data to the public or damage the victims' computers. Gorshkov and Ivanov were also suspected of defrauding PayPal through a scheme in which stolen credit cards were used to generate cash and to pay for computer parts.

The FBI lured the two to the US by posing as representatives of the fictional 'Invita' security firm, and offering the dynamic duo good jobs if they could prove their skills.

Of course the Feds set up a box rigged with a key logger and then set the pair to work demonstrating their amazing prowess. When they accessed their machines back home, the Feds recorded the login info, and later returned to root the boxes.

Having placed the pair in handcuffs, the FBI went obtained a wealth of evidence from the hacked boxes.

Last October, Gorshkov was convicted of 20 counts of conspiracy, various computer crimes, and fraud committed against Speakeasy Network of Seattle, Washington; Nara Bank of Los Angeles, California; Central National Bank of Waco, Texas; and PayPal. He faced a maximum of 100 years imprisonment and was due to be sentenced in January, but records do not show if any punishment has yet been imposed.

Ivanov is in custody awaiting trial.

In pre-trial motions, Gorshkov's lawyer argued that the Feds violated Russian law when they searched the contents of his remote machine.

US District Judge John Coughenour ruled that Russian law doesn't apply to American agents, and left it at that.

That ruling and the failure of US agents to co-operate with Russia, has not returned to haunt the Americans. The issue will probably be resolved at a diplomatic level but, if not, the idea of an FBI agent faces hacking charges has intriguing possibilities.

It would never happen in a Tom Clancey novel... ®

Related stories

US Feds can hack overseas boxes -- judge
FBI hacked Russian hackers
Russian Mafia uses NT flaws to raid Internet banks

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.