Feeds

TJX kingpin pleads guilty to Heartland hack

Forest Gump of cybercrime face 17 years plus

The Power of One eBook: Top reasons to choose HP BladeSystem

TJX hacking mastermind Albert Gonzalez faces a minimum of 17 years behind bars after pleading guilty to further cybercrimes.

Gonzalez, 28, of Miami, admitted hacking into the systems of card processor Heartland Payment Systems, 7-Eleven, and supermarket chain Hannaford Brothers as part of a plea bargain agreement on Tuesday. The former federal informant led a gang that exploited wireless security problems in branch offices and other security flaws to steal tens of millions of credit and debit card records.

In a plea bargain agreement, Gonzalez admitted that he maintained a cloud-based hacking service for use in credit card fraud, as an extract from a DoJ statement explains.

Gonzalez leased or otherwise controlled several servers, or "hacking platforms", and gave access to these servers to other hackers, knowing that they would use them to store malicious software, or “malware,” and launch attacks against corporate victims. Malware used against several of the corporate victims was also found on a server controlled by Gonzalez. Gonzalez tested malware by running multiple anti-virus programs in an attempt to ascertain if the programs detected the malware.

The Forrest Gump of cybercrime admitted two counts of conspiracy to gain unauthorized access to the payment card networks of Heartland et al. The admission comes after an earlier guilty plea in the TJX case. The TJX case has been bundled together with breaches of the corporate networks of BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority.

Prosecutors unsurprisingly describe the cases as the biggest ID theft crimes ever prosecuted and one of the largest data breaches case ever investigated and prosecuted in the US. Sentencing is scheduled for March 18 and 19, with defense lawyers promising to ask for no less than 17 years behind bars while prosecutors agree to request no more than 25 years in jail for Gonzalez.

Lawyers for Gonzalez previously argued that their client suffered from Asperger's Syndrome. It's unclear whether the plea bargaining agreement means that this contention is no longer relevant to the case and whether it might yet surface in mitigation arguments during sentencing. ®

Designing a Defense for Mobile Applications

More from The Register

next story
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.