Feeds

Eight charged in $9.5m payment processor hack

Gone in 12 hours

Security for virtualized datacentres

Eight men connected to an international crime ring have been charged with hacking into Atlanta-based bank card processor RBS WorldPay and stealing more than $9m in 12 hours.

The men - from Russia, Moldova and Estonia - are accused of gaining access to the RBS computer network and retrieving payment card data as they were being processed. After raising the amount of funds available on the cards, the men dispatched cashers in 280 cities worldwide to withdraw money from automatic teller machines, according to court papers.

The 16-count indictment, filed Tuesday in Atlanta, is a major victory for federal agents pursuing one of the most brazen and profitable hacking crimes in recent memory. Four of the suspects appear to be senior members of the crime ring who helped mastermind the operation. They were charged with wire fraud, computer fraud, access device fraud aggravated identity theft, and conspiracy.

If convicted on all counts, they face a maximum of well more than 50 years in federal prison. They will also be forced to forfeit more than $9.4m in proceeds. The four were identified as Sergei Tsurikov, 25, of Tallinn, Estonia; Viktor Pleshchuk, 25, of St. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; and an individual identified only as "Hacker 3."

The four men also face a two-year mandatory minimum sentence for aggravated identity theft and fines up to $3.5 million dollars.

According to prosecutors, Covelin identified a vulnerability that made it possible to illegally access the RBS network. Between November 4 and November 8 of 2008, Tsurikov, Pleshchuk, and Hacker 3 broke into the system and "reverse engineered personal identification numbers (PINs) from the encrypted data on the RBS WorldPay computer network," according to the indictment.

In all, they obtained data for 44 payment cards, 42 of which were issued by a financial institution known as the Palm Desert National Bank. Over 12 hours on November 8, withdrawals made at more than 2,100 ATM terminals located in the US, Ukraine, Italy, Hong Kong, and elsewhere drained more than $9m from the accounts.

While the cashers removed the loot, the ringleaders logged on to the RBS system and monitored. After the the withdrawals were completed, the men tried to destroy data on the RBS network in an attempt to conceal their footprints.

Four of the men named appeared to play the role of cashers. Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33, withdrew a combined $289,000 from ATMs in their home town of Tallinn, Estonia, according to court papers. They received the card data they used from Igor Grudijev, 31.

A unit of Royal Bank of Scotland, RBS WorldPay disclosed last December that a security breach the previous month had subjected 100 cards to actual fraud and may have exposed data for another 1.5 million. It also said 1.1 million social security numbers may have been accessed. The company has yet to explain how its defenses were pierced or what it has done to prevent it from happening again.

Tsurikov, Ronald Tsoi, Evelin Tsoi and Jevgenov were arrested earlier this year in Estonia and a request for extradition to the US is pending for Tsurikov.

Covelin was indicted in September in a separate alleged scheme that pilfered $4m using more than 95,000 stolen credit cards. He remains at large. The whereabouts of Pleshchuk remains unclear.

Federal authorities said the investigation was aided by strong cooperation of their counterparts around the world, particularly the Estonian Central Criminal Police. They also credited RBS for its help. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.