Feeds

'Ringleader' of retail hacking ring was Fed informant

Bust exposes retail security shortcomings

Providing a secure and efficient Helpdesk

The alleged ringleader of a retail hacking ring was working for the Feds as an informant at the same time he was allegedly masterminding an even bigger racket.

Albert "Segvec" Gonzalez of Miami has been charged, along with ten other suspects, with hacking into nine of the networks of nine major US retailers and lifting 40 million credit and debit card numbers. Members of the retail hacking ring are charged with fraud and computer hacking offences involving raids on the networks of retailers named as TJX, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.

The TJX heist alone netted an estimated 45.7m payment cards. Either prosecutors are only charging the retail fraudsters with stealing the records there is evidence they nabbed, or another gang was also involved in the infamous cybercrime.

The attacks on the other eight retailers received little by way of publicity before the DoJ announced the unsealing of indictments in its biggest ever ID theft case on Tuesday. That so many retailers were hit using the same technique points to an underlying problem, widespread in the retailing industry.

In the case of the TJX hack, at least, the inability of older point-of-sales terminals to support anything more robust than the woefully inadequate Wired Equivalent Privacy protocol was blamed for the attack.

Wardriving and data siphoning

Gonzalez, along with fellow Miami residents and co-conspirators Christopher Scott and Damon Patrick Toey, are charged with obtaining credit card numbers by "wardriving" and hacking into the wireless computer networks of the retailers. According to court papers, the Florida-based members of a wider criminal conspiracy installed "sniffer" programs that captured card numbers along with password and account information.

The gang allegedly concealed their cache of stolen data on computer servers. Some of the stolen credit card numbers were sold online, while others were used to make counterfeit credit cards which were then used to make fraudulent cash withdrawals. Internet-based currencies and bank accounts in Eastern Europe were used to launder these funds. Investigators reckon the gang ran an international credit card theft ring with branches in Ukraine, Belarus, Estonia, China, the Philippines and Thailand.

Gonzalez was arrested by the Secret Service in 2003 for access device fraud, and was working as an informant for the feds at the time he was allegedly masterminding an even bigger racket. The extent of his alleged criminality (and double dealing) is such that prosecutors will seek a sentence of life imprisonment, if he's convicted.

Maksym "Maksik" Yastremskiy, of Kharkov, Ukraine, and Aleksandr "Jonny Hell" Suvorov, of Sillamae, Estonia are charged with fencing the stolen credit card numbers obtained by the American gang, as well as aggravated identity theft and sundry hacking offences. Yastremskiy allegedly made $11m through his criminal activities.

A DoJ statement on the case can be found here.

Dave & Busted

Gonzalez, Suvorov and Yastremskiy were charged in May 2008 with hacking into the computer systems run by the Dave & Buster's restaurant chain in a separate case. The trio allegedly stole card numbers from at least 11 locations using the same packet sniffer and wireless hacking tactics. In one location alone 5,000 credit card records were lifted, resulting in losses to banks estimated at $600,000.

Gonzalez is currently in pre-trial confinement on these charges while Suvorov and Yastremskiy were each arrested on holiday in Germany and Turkey, respectively. Each is the subject of extradition proceedings.

Other suspects in the TJX retail hacking ring indictments include Hung-Ming Chiu and Zhi Zhi Wang, both of China, someone going by the online moniker "Delpiero", Sergey Pavolvich, of Belarus, and Dzmitry Burak and Sergey Storchak, both of Ukraine. Each of the six are charged with various identity theft and trafficking in access devices offences.

These indictments are the result of a three-year undercover investigation led by the San Diego office of the US Secret Service.

More TJX suspects

These are not the first charges in the TJX case - six people were arrested in Florida in March 2007 on suspicion of using card details obtained in the TJX heist to buy gift cards at Wal-Mart and Sam's Club stores throughout Florida. The group allegedly used gift vouchers to buy high-value items including computers and widescreen TVs, taking banks for losses estimated at $8m.

Those arrested as part of the scam included Irving Escobar, then 18, Reinier Camaraza Alvarez (27), Julio Oscar Alberti (33) Dianelly Hernandez (19), Nair Zuleima Alvarez (40) and Zenia Mercedes Llorente (23). ®

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.