Russian Charged in 2008 Hack of Payroll Processor

ATLANTA (CN) – A Russian whose father is a member of Russia’s parliament was arraigned Friday on federal cyberfraud charges, accused of stealing millions of dollars from an Atlanta-based credit card processing center.

The heist on RBS Worldpay took place in 2008, but a grand jury didn’t indict Roman Seleznev until December 2014.

At the time, the attack was the most sophisticated and organized computer fraud attack ever conducted. Prosecutors say Seleznev – using the name “Track2” – and a team of hackers in over 280 cities worldwide cracked RBS Worldpay’s data encryption to access customer information on payroll debit cards. The payroll debit cards were used by various companies to pay their employees, allowing the employees to withdraw their salaries from an ATM.

Accomplices known as “cashers” created counterfeit debit cards to withdraw huge amounts of money from banks across the globe. Federal authorities say that the cashers kept between 30 and 50 percent of the withdrawals before disbursing the rest of the money to the hackers.

Using the hacked banking credentials, Seleznev and his team were able to steal more than $9 million in 12 hours from 2,100 ATMs worldwide, prosecutors say.

Meanwhile, the government says Estonian national Sergei Tsurikov and another hacker monitored the fraudulent ATM withdrawals from inside the computer systems of RBS Worldplay as they were made. Afterward, the team destroyed data on the card-processing network in an attempt to conceal their activity.

Authorities suspect Seleznev made off with over $2 million from five hacked debit card numbers.

So far, the U.S. Attorney’s Office for the Northern District of Georgia has charged 14 people associated with the hack, including Russian nationals Viktor Pleschuk, Evgeniy Anikin, and Roman Seleznev; Tsurikov and fellow Estonians Igor Grudijev, Ronald Tsoi, Eveilyn Tsoi, and Mikhail Jevgenov; Moldovan national Oleg Covelin; Ukranian nationals Vladimir Valeyrich Tailar and Evgeny Levitskyy; Nigerian national Ezenwa Chukukere; American Sonya Martin; and Vladislav Horohorin, who is a citizen of Russia, Israel, and Ukraine.

The 44-count indictment charges Seleznev with numerous computer crimes as well as conspiracy, bank fraud and wire fraud.

As one of the main perpetrators of the crime, Tsurikov pleaded guilty to computer-crime charges in October 2014. He received an 11-year sentence for his role in the attack and was ordered to pay $8.4 million in restitution.

“The Secret Service worked closely with the Department of Justice and the FBI to share information and resources that ultimately brought these cyber criminals to justice,” Special Agent in Charge Kenneth Cronin of the Secret Service’s Atlanta Field Office said in a statement.  “Our longstanding role in transnational cyber investigations and network intrusions was crucial in combating this complex hacking ring and today’s arraignment proves that there is no such thing as anonymity for those engaging in data theft and fraudulent schemes.”

While his accomplices were taken into custody soon after RSB Worldpay reported the theft, Seleznev evaded capture by hiding in Russia, which does not have an extradition treaty with the United States. Authorities caught Seleznev in Maldives in July 2015 while attempting to take a family vacation at an Indian Ocean resort.

Last month, Seleznev was sentenced to 27 years in prison in the Western District of Washington state for other computer hacking crimes that caused over $169 million in damages to small businesses and financial institutions.

Seleznev also faces charges in Nevada, where federal prosecutors accuse him of conspiracy and racketeering.

The case is being investigated by the FBI and the U.S. Secret Service.

%d bloggers like this: