Heartland hack: Russian bloke coughs to role in 160m credit card theft
Vladimir Drinkman swallows medicine, awaits sentencing
The US Department of Justice says a Russian national, Vladimir Drinkman, has just coughed to being part of a ring that compromised as many as 160 million credit cards two years ago.
Drinkman was one of five people charged in 2013 over the mass breach, in which they breached card security at names like NASDAQ, 7-Eleven, and Dow Jones.
Just three of the targets suffered losses amounting to US$300 million, the original indictment said.
Now, the Department of Justice has released a statement saying that Drinkman has entered a guilty plea to one count of unauthorised computer access, and one count of conspiracy to commit wire fraud.
Drinkman was a particularly valuable scalp in the case. The DoJ's statement alleges that he and Alexandr Kalinin specialised in getting access to target networks. Drinkman and a third member of the gang, Roman Kotov, would work together to mine the networks for credit card data, with Mikhail Rytikov allegedly providing their anonymous webhost and the fifth member, Dmitriy Smilianets, accused of selling the data and distributing the proceeds.
As well as the companies listed above, the group's targets included Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Euronet, Visa Jordan, Global Payment, Diners Singapore, and Ingenicard.
The group's long program of intrusion and data theft dates back to 2008, with the first arrests, over the Heartland Payment Systems attack, resulting in American Albert Gonzalez copping a 20-year sentence in 2010.
The DoJ statement says the attackers used SQL injection to gain entry to systems, and used that access to drop malware on targets, thereby creating the backdoor that yielded them credit card data.
Drinkman, arrested in 2012 in The Netherlands, was extradited to the US earlier this year, and will be sentenced in January 2016. ®