Feeds

FBI sting snares top Russian crackers

Three years at Club Fed

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

A Russian cracker, tricked by the FBI into visiting the US on the pretext of a job interview, has been sentenced to three years in jail.

Vasiliy Gorshkov, 27, was also ordered to pay $690,000 in compensation for his crimes by Federal District Court Judge John Coughenour, who took his family's medical and financial problems into account in sentencing the Russian to serve far less time than the 16 years demanded by prosecutors.

Last October, Gorshkov was convicted of 20 counts of conspiracy, various computer crimes, and fraud against online banks and e-commerce operations. His co-accused, Alexey Ivanov, 20, pleaded guilty in August to similar charges along with five counts of extortion, Reuters reports. He is currently in custody, awaiting sentencing.

The circumstances surrounding the November 2000 arrests of the pair put the spotlight of FBI tactics used in the case and prompted Russia's counterintelligence service, the FSB, to take the unprecedented step of charging FBI Agent Michael Schuler with hacking.

Schuler was praised by US authorities for an elaborate ruse that resulted in the arrests of Gorshkov and Ivanov. The operation arose out of a nationwide FBI investigation into Russian computer intrusions against e-commerce sites, and online banks which identified Gorshkov and Ivanov as prime suspects.

It was suspected the pair cracked into victims' computers to steal credit card information and other financial information, prior to attempting to extort money from the victims with threats to expose the sensitive data to the public or damage the victims' systems. Gorshkov and Ivanov were also suspected of defrauding PayPal through a scheme in which stolen credit cards were used to generate cash and to pay for computer parts.

The FBI lured the two to the US by posing as representatives of the fictional 'Invita' security firm, and offering the dynamic duo good jobs if they could prove their skills.

Of course the Feds set up a box rigged with a key logger and then set the pair to work demonstrating their amazing prowess. When they accessed their machines back home, the Feds recorded the login info, and later returned to root the boxes.

Having placed the pair in handcuffs, the FBI obtained a wealth of evidence from the compromised machines.

All perfectly above-board a judge said, ruling that Russian law does not apply to the agents' actions. Russia disagreed and, anxious to assert its sovereignty, filed a complaint against Schuler to the US Department of Justice.

No further news of that as yet. The case will probably die a quiet death with some form of diplomatic compromises and vague promises from the FBI to work more closely with the Russians in future. ®

Related stories

Russians accuse FBI agent of hacking
US Feds can hack overseas boxes -- judge
FBI hacked Russian hackers
Russian Mafia uses NT flaws to raid Internet banks

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.