14 DAY TRIAL // Viktor Pleshchuk, one of the hackers indicted last year in the RBS WorldPay cyberheist case, was arrested by authorities in Russia. The Financial Times reports that he was apprehended along with several other suspects by the Federal Security Service of the Russian Federation (FSB).
RBS WorldPay is a large payment processing service operated by The Royal Bank of Scotland Group. In December 2008, the US branch of the business operation announced that its computer network had been breached by unknown hackers who stole financial and personal information about its customers.
Even though only around 44 re-loadable payroll cards were compromised, the incident turned into one of the largest computer fraud attacks in history. A total of over $9 million were withdrawn with cloned copies of the compromised cards from more than 2,100 ATMs in 280 cities worldwide during the course of only 12 hours.
Sergei Tsurikov, 25, of Tallinn, Estonia, Viktor Pleshchuk, 28, of St. Petersburg, Russia, Oleg Covelin, 28, of Chisinau, Moldova, and a fourth unidentified hacker were indicted last November in Atlanta, for masterminding the complex hit. Sergei Tsurikov was later apprehended by Estonian authorities and is currently awaiting extradition to face the charges in United States.
The arrest of Viktor Pleshchuk came after unprecedented levels of cooperation between the FBI and their Russian counterparts, the FSB, after years of unsuccessful attempts of bringing other Russian cybercriminals to justice. If trialed in U.S., the hacker would face a maximum sentence of 35 years in prison and a fine of up to $3.5 million dollars, but at best, authorities can hope for him to serve a fitting sentence in his home country. This is because Russia's fundamental law prohibits the extradition of its own citizens to other countries.
U.S. prosecutors see the Russian hacker's role instrumental to the whole operation. According to the indictment, he and Tsurikov were the only ones to reverse engineer encrypted PIN numbers and distribute them to the hired cashers (money mules). He was also in charge with artificially inflating the cards' withdrawal limits, which ultimately allowed the fraudsters to walk off with such a large amount of cash.