He’s said to be part of a crew that breached Nasdaq and many others

Apr 18, 2014 08:11 GMT
The US and Russia seek extradition of a man suspected of being involved in major cybercrime group

Vladimir Drinkman, a Russian national accused of being part of a major cybercriminal ring, could be extradited to either Russia or the United States.

According to Bloomberg, Drinkman was arrested in the Netherlands in June 2012. Both Russia and the United States have filed extradition requests.

Earlier this week, a Rotterdam court ruled that both requests were admissible. The final decision lies in the hands of the Dutch minister of justice, who will decide which country Drinkman will be extradited to.

In the case of the United States, it’s clear why the government wants him. Drinkman, 33, was indicted in the US in July 2013 along with four others suspected of being involved in one of the largest data thefts in history. On the other hand, it’s uncertain why Russia wants the alleged hacker.

The group is said to have stolen financial information from a large number of major organizations, including Nasdaq, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore, and Ingenicard.

A few days ago, it came to light that the same group might also be responsible for the attack on Neiman Marcus.

Drinkman and another defendant in the case, 27-year-old Alexandr Kalinin, are said to have specialized in gaining unauthorized access to corporate networks. Another conspirator, Roman Kotov, is said to be responsible for stealing sensitive information from the compromised systems.

Drinkman and Kalinin were first charged in 2009 in New Jersey. At the time, they were charged as “Hacker 1” and “Hacker 2.” Kalinin is still at large.

Drinkman was arrested in June 2012 in the Netherlands along with another alleged member of the conspiracy, Dmitriy Smilianets. Smilianets was extradited to the United States shortly after, and Bloomberg reports that he initially entered a not-guilty plea. However, court records show that he might have come to an agreement with prosecutors.

The group is said to have stolen the details of 160 million payment cards through its operations. The targeted organizations have suffered losses of hundreds of millions of dollars. In fact, just three of them reported over $300 million (€217 million) in losses.

The cybercriminals exploited SQL Injection vulnerabilities and planted pieces of malware to steal sensitive information. The stolen payment card information was sold to other individuals who distributed it through underground forums or directly to other fraudsters and organizations.

Ukrainian national Mikhail Rytikov provided members of the conspiracy with anonymous web-hosting services to help them cover their tracks.