one down... thousands to go

Like trafficking rings, much internet treachery falls under the protected business of organized crime.

It's that "Russian Mafia" again, Russian meaning Jewish, because the top bananas have Israeli passports, and they're safe there from the T-rex arms of the law.

rule of law! rule of law!

Rings need lots of soldiers. Guys like this.

About six months ago Alberto Gonzalez was arrested and charged with hacking something like 130+ million credit and debit card numbers.

Alberto Gonzalez, 28, from Miami, and two unnamed computer hackers, based in or near Russia, allegedly targeted 7-Eleven and other large corporations by uploading millions of customers' details from internal computer systems onto servers that worked as hacking platforms.

They allegedly breached the firewall of Heartland Payment Systems, a New Jersey-based bank card payment processor, stealing 130 million numbers. They allegedly stole 4.2 million card details from Hannaford Brothers, a Maine-based supermarket chain. An undisclosed number of card details were hacked from 7-Eleven, the Texas-based convenience store chain with outlets around the world, prosecutors said in a statement.

They men started in 2006, scouting potential victims by visiting retail stores to identify payment processing systems and their vulnerabilities, prosecutors claimed. They used malicious software known as malware and so-called injection strings to attack the computers and steal data, prosecutors said.

The suspects allegedly planned to sell the data to others who would use it to make fraudulent purchases. They tried to trade their wares with computers in New Jersey, California, Illinois, Latvia, Ukraine and the Netherlands using "sophisticated hacker techniques to cover their tracks and to avoid detection by anti-virus software used by their victims," the Justice Department said.

"These servers, located in New Jersey and around the world, were used by the coconspirators to store information critical to the hacking schemes and subsequently to launch the hacking attacks," prosecutors said.  "The scheme is believed to constitute the largest hacking and identity theft case ever prosecuted by the US Department of Justice," the statement said.
This definitely qualifies as a ring, an international crime ring in fact, and other people were also arrested in May 2008. 
The DOJ also announced charges Tuesday against Christopher Scott and Damon Patrick Toey, both of Miami. Other defendants face numerous charges in California and New York, the DOJ said. Three of the defendants are U.S. citizens, one is from Estonia, three are from Ukraine, two are from China and one is from Belarus, the DOJ said. One individual is only known by an online alias, and his place of origin is unknown. [Maksym "Maksik" Yastremskiy of Kharkov, Ukraine, Aleksandr "Jonny Hell" Suvorov of Sillamae, Estonia, Hung-Ming Chiu and Zhi Zhi Wang, both of China, and a person known only by the online nickname "Delpiero," Sergey Pavolvich of Belarus, and Dzmitry Burak and Sergey Storchak, both of Ukraine - ed.]
Gonzalez and others were allegedly able to conceal and launder their fraud proceeds by using anonymous Internet-based currencies and by channeling funds through bank accounts in Eastern Europe, the DOJ said. 

Funny how they can't find that one guy.

Also, and this might surprise you or maybe not, but:

Gonzalez was previously arrested by the Secret Service in 2003 for access device fraud. During the course of that investigation, the U.S. Secret Service discovered that Gonzalez, who was working as a confidential informant for the agency, was involved in this case, the DoJ said....These indictments and complaints are the result of a three-year undercover investigation conducted out of the San Diego Field Office of the U.S. Secret Service. 

Oh, oops.

The Secret Service was paying him $75,000 a year.

The information comes from one of Gonzalez’s best friends and convicted accomplices, Stephen Watt. Watt pleaded guilty last year to creating a sniffer program that Gonzalez used to siphon millions of credit and debit card numbers from the TJX corporate network while he was working undercover for the government.

Watt told Threat Level that Gonzalez was paid in cash, which is generally done to protect someone’s status as a confidential informant. The Secret Service said it would not comment on payments made to informants. Gonzalez’s attorney did not respond to a call for comment.

“It’s a significant amount of money to pay an informant but it’s not an outrageous amount to pay if the guy was working full time and delivering good results,” says former federal prosecutor Mark Rasch. “It’s probably the only thing he was doing — other than hacking into TJX and making millions of dollars.”
Haha, yeah aside from that...

Rasch says Gonzalez’s $75,000 is nothing compared to the million-dollar payouts some undercover informants get for high-risk, high-value cases such as Mafia investigations. But Gonzalez’s payments dwarf the meager handouts given previous computer crime informants....The Secret Service’s embrace of Gonzalez as a professional informant may have reinforced his criminal behavior. Gonzalez felt he’d been rewarded for his preoccupation with computers, according to a letter written by his sister to one of his sentencing judges.
Yes, it seems fair to conclude so.


Stephen Watt is described as a "minor participant," but prosecutors have hundreds of pages of phone and text messages to say otherwise.

Stephen Watt
Watt, a 7-foot-tall software engineer who was working for Morgan Stanley at the time the hacks occurred, pleaded guilty in December to creating a sniffing program dubbed “blabla” that Gonzalez and others allegedly used to steal millions of credit and debit card numbers from TJX and other companies. ...After Watts moved to New York, his lifestyle changed. He began experimenting with drugs and hanging out in clubs. He left Morgan Stanley in 2007 for a higher paying job at Imagine Software, developing real-time trading programs for financial firms, earning about $130,000. That is, until August 13, 2008, when authorities swooped into his work place to search the premises. Watt was promptly fired and is now banned from working in the securities industry.

You can read more about this here and here.

It's always fascinating how some people and companies manage to keep their names secret.

Admitted TJX hacker Albert Gonzalez has identified two Russian accomplices who helped him hack into numerous companies and steal more than 130 million credit and debit card numbers....The two Russian hackers, who have until now been named in court documents only as “Hacker1″ and “Hacker2″, are identified in the new memo only by their online handles “Grigg” and “Annex.” The document indicates that Gonzalez identified four credit card processors that were “under attack” by the Russian hacking team at the time of his arrest, though it does not identify the processors.


A US judge sentenced Gonzalez yesterday to two concurrent 20 year sentences.

As for the rest of the ring? No doubt they moved on long ago. Just like every other type of organized crime problem -- drugs, human trafficking, guns -- the criminals always seem to be just out of reach of those short little arms of the law.


james said...

Nice spotting and collating, AP. We'll have to start calling you "Hawk-eye".

No doubt all this info gets funneled into that Total Information Network or whatever it is called that 'doesn't exist', along with all the unencrypted payroll files that have gone 'missing' starting a few years ago.

james said...

Oh, and I love the T-rex graphic and its message. Hahaha
It reminds me of a T-shirt a friend of mine had once. On the front it read "NSW (New South Wales - Oz) Police Force". And on the back it read, "The Best Force Money Can Buy"

A. Peasant said...

yo james,

yes as i thought about the three year investigation i thought about all the people who had their data stolen and lives screwed up during that time.

bottom line we are treated like lab rats. no privacy, no compassion, no concern. we are just objects in this big game.

and yes the t-rex arms. useless, flailing little arms. you see my meaning.... ; D

legal mumbo jumbo

Disclaimer: The posting of stories, commentaries, reports, documents and links (embedded or otherwise) on this site does not in any way, shape or form, implied or otherwise, necessarily express or suggest endorsement or support of any of such posted material or parts therein.

Fair Use: This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.