BusinessWeek reports that Dimitry Ivanovich Golubov, a 22-year-old Ukrainian and part-time student at Mechnikov University in Odessa, was arrested last June but the case never went to trail.
But last December, Golubov's story took a bizarre twist. Two Ukrainian politicians, including Vladimir Demekhin, deputy chairman of the Energy Committee of the Ukrainian Parliament, vouched for Golubov's character in court. The judge hearing the case released Golubov on a personal recognizance bond from the two officials.
"Chat from the carding community" indicates Golubov may be back in business, says Crabb. Golubov's lawyer, Petro Boiko, claims he isn't hiding and the charges are groundless
If this does not point at government sponsored crime then I don't know what does. The article continues to point out the distributed and cell-based nature of these electronic gangs.
The picture that emerges is of organized gangs of young, mostly Eastern European hackers who are growing ever more brazen about doing business on the Web. They meet in underground forums with names like DarkMarket.org and theftservices.com to trade tips and data and coordinate scams that span the globe.
And the following, "Consider this e-mail promoting the launch of an online trading bazaar, vendorsname.ws, last year:"
"During the battle with US Secret Service, we !@#&! all those [law enforcement] bastards and now are running a brand new, improved and the biggest carder' forum you ever seen." The message brags about its array of stolen goods: U.S. and European credit-card data, "active and wealthy" PayPal accounts, and Social Security numbers. Those who "register today" get a "bonus" choice of "one Citybank account with online access with 3K on board" or "25 credit cards with PINs for online carding."
The article continues, "A Russian-born hacker who goes by the name Shtirlitz — a sly reference to a fictional Soviet secret agent who spied on the Nazis. In real life, Shtirlitz is being investigated by the U.S. Postal Inspection Service in connection with tens of millions of dollars worth of fraud…
In one forum of CardingWorld.cc, a person with the alias iNFERNis posted this request on Dec. 23, 2005:
"Hi, I need eBay logins with mail access, please icq 271-365-234."
A few hours later, Shtirlitz replied:
"I know good vendor. ICQ me: 80-911."
Once equipped, someone could log into those eBay accounts and use them to buy goods with the owner's money, while emptying the money out of their PayPal account.
But there is no one uber-hacker mastermind sitting in a basement somewhere doing all this fraud on their own. It is a ring of hackers who colaborate to leverage each memers' special skills.
The technical tools to steal credit-card numbers and online bank account log-in data are often just as valuable as the stolen goods themselves. Smash is being investigated by the Postal Inspection Service on suspicion that he helps hackers hack.
He is believed to be an expert in building spyware programs, malicious code which can track Web surfers' keystrokes and are often hidden in corrupted Web sites and spam e-mail. U.S. enforcement officials say Smash's Russia-based company, RAT Systems, openly hawks spyware on the Web at http://www.ratsystems.org. E-mails requesting comment were not returned.
They also have it dead on with this quote:
Bank robbers rob banks because that's where the money is. For hackers, the best loot is often found inside the networks of credit-card processors, the middlemen that handle card transactions for merchants and banks.
Postal Inspection Service officials say they are investigating Roman Khoda, aka My0, on suspicion he could be connected to the theft of a million credit card numbers in recent years.
A 26-year-old Russian with a university degree in physics, Khoda once worked with the leading members of carderplanet … U.S. officials describe carderplanet as one of the largest online marketplaces used to buy and sell pilfered bank-account and card data, until it was broken up by U.S. and foreign officials in August, 2004.
Khoda and two accomplices conducted extensive due diligence on the computer networks of targets, even setting up fake companies with accounts at credit-card processors to test for holes in the system.
Instant messages viewed by officials at the National Cyber-Forensics and Training Alliance, a cybercrime intelligence unit jointly operated by the FBI and Postal Inspection Service, in partnership with universities, Khoda complains how his life would be upended if his real identity were exposed.
Update: The comments section says, "The fraud has grown up too much and there needs to be action. There are a lot of boards–not just one: ccpowerforums.com, theftservices.com, scandinaviancarding.com, cardersmarket.com, darkmarket.org, and darkpay.org. So take some action before it gets worse."