Feeds

Feds charge three in brain-ache $15m Pentagon payroll pillage plot

Alleged Ukrainian cyber bandits still at large

Securing Web Applications Made Simple and Scalable

Three men have been indicted in the US for trying to steal at least $15m by hacking into the Department of Defence's payroll service and customer accounts at 14 different financial institutions.

The US Attorney's office in New Jersey has charged two men from Kiev in Ukraine, Oleksiy Sharapka and Leonid Yanovitsky, and a third man from New York, Richard Gundersen, with conspiracy to commit wire fraud, conspiracy to commit access device fraud and identity theft and aggravated identity theft.

According to prosecutors, Sharapka led the conspiracy with the help of Yanovitsky, while Gundersen allegedly facilitated the movement of the proceeds from the hacks. The New Yorker is in custody, but both Ukrainians are currently fugitives.

The hackers were able to gain access to bank accounts of over a dozen financial institutions and businesses, including Citibank, JP Morgan Chase, PayPal, Nordstrom Bank and Veracity Payment Solutions. Once they were in, they diverted cash from the accounts to their own bank accounts or on to pre-paid debit cards.

After that, they allegedly hired crews of individuals to "cash out" the stolen money. These "cashers" withdrew the funds from ATMs and by shopping for fraudulent purchases in the US. To help do this, the men stole US identities, which could be used to file fraudulent tax returns and to transfer money to.

The men are facing a maximum potential sentence of 27 years for the charges against them as well as a maximum fine of $250,000 or twice the gross amount of the gains they made from their offences and another $500,000 for laundering the money through international wire transfers and other means. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.