After stealing over nine million dollars in a sophisticated attack

Nov 11, 2009 09:51 GMT  ·  By

The gang of fraudsters who stole $9 million after hacking into the RBS WorldPay payment processor last year have been indicted by a grand jury in Atlanta, the United States Department of Justice announces. Four hackers and six cashers were charged with various counts of wire fraud, computer fraud and aggravated identity theft.

Back in December 2008, close to the winter holidays, a major US-based payment processor called RBS WorldPay announced that its network and computer systems were breached by unknown attackers. The company, which is operated by the Royal Bank of Scotland Group, said at the time that only around 100 re-loadable payroll cards had been misused and subsequently disabled.

However, what the company failed to note is that some of the compromised cards were actually used to steal a whooping nine million dollars. Not only that, but the impressive sum was withdrawn over a 24-hour period from over 2,100 ATMs located in at least 280 different cities worldwide, making this attack one of the most organized and sophisticated of its kind ever to be instrumented.

The indictment reveals that the hackers intercepted and cracked encrypted data passing through the network, after which they artificially inflated the limits of the accounts chosen as targets. The payroll card details including PIN numbers were then distributed to people across the world, known as cashers, who manufactured copies of the cards and used them on ATMs.

These co-conspirators allegedly kept between 30 and 50 percent of the money, while the rest was sent back to Sergei Tsurikov, 25, of Tallinn, Estonia, Viktor Pleshchuk, 28, of St. Petersburg, Russia, Oleg Covelin, 28, of Chisinau, Moldova, and a yet unidentified individual known only as "Hacker 3," who are named as the leaders of the gang and the hackers responsible for the breach.

Four other residents of Tallin, Estonia, in the persons of Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33, were indicted in connection with this scheme for withdrawing cash using cloned cards. Two unnamed individuals were also arrested for playing a similar role in Hong Kong. However, given the scope of this operation, this is only the beginning of a very long list of co-conspirators.

"The charges brought against this highly sophisticated international hacking ring were possible only because of unprecedented international cooperation with our law enforcement partners," noted Assistant Attorney General of the Criminal Division Lanny A. Breuer. FBI Atlanta Field Office Special Agent-in-Charge Greg Jones added that this success sends "a clear message to cyber-criminals across the globe. Justice will not stop at international borders, but continue with the on-going cooperation between the FBI and other agencies."

Tsurikov, Pleshchuk, Covelin and "Hacker 3" were charged with conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud, computer fraud, access device fraud and aggravated identity theft. Each of them face a sentence of over 35 years in prison and fines up to $3.5 million dollars. Meanwhile, Grudijev, Tsois and Jevgenov, who were indicted for access device fraud, risk maximum sentences of 15 years in prison and fines of up to $250,000.