International cybergang charged with RBS Worldpay hack

By on

International collaboration pays dividends.

Eight Eastern Europeans have been indicted in connection with the hacking of payment services provider RBS WorldPay, which netted the defendants a US$9 million windfall, prosecutors said this week.

Sergei Tsurikov, 25, of Tallinn, Estonia; Viktor Pleshchuk, 28, of St. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; and an unnamed person known as "Hacker 3" were charged by a federal grand jury in Atlanta in 16-count indictments alleging wire fraud, conspiracy to commit wire fraud, computer fraud, conspiracy to commit computer fraud, access device fraud, and aggravated identity theft.

In addition, four others from Estonia -- Igor Grudijev, 31; Ronald Tsoi, 31; Evelin Tsoi, 20, and Mihhail Jevgenov, 33 -- were indicted on access device fraud charges.

The gang evaded encryption on the network of RBS' US payment processing division to compromise prepaid payroll debit cards, prosecutors said in a statement. The defendants then raised the limits on the accounts, created 44 counterfeit cards and hired a group of "cashers" to use the cards to withdraw more than US$9 million in less than 12 hours from 2,100 cash machines across 280 cities worldwide.

Authorities said the indictment will send a message to cybercriminals that international borders do not prevent prosecutions.

"The charges brought against this highly sophisticated international hacking ring were possible only because of unprecedented international cooperation with our law enforcement partners, particularly between the United States and Estonia," U.S. Department of Justice Assistant Attorney General Lanny Breuer said in a statement. "Through our close cooperation, both nations have demonstrated our commitment to identifying sophisticated attacks on US financial networks that are directed and operated from overseas, and our commitment to bring the perpetrators to justice."

Tsurikov, Pleshchuk, Covelin and "Hacker 3" each face up to twenty years in prison for conspiracy to commit wire fraud and for each wire fraud count, up to five years for conspiracy to commit computer fraud, up to ten years for each count of computer fraud, and a mandatory two-year sentence for aggravated ID theft. In addition, they each face fines of up to US$3.5 million.

The four facing access device fraud charges face a maximum sentence of up to fifteen years and fines of up to US$250,000.

Meanwhile, police in Hong Kong have charged two individuals with using the stolen data to withdraw funds from ATMs there.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition
Tags:
atm crime cyber gang hack hackers rbs security worldpay

Most Read Articles

Number of homes in NBN limbo balloons

Number of homes in NBN limbo balloons
Human Services casts doubt on Watson

Human Services casts doubt on Watson
ANZ Bank looks to DIY tech under Maile Carnegie

ANZ Bank looks to DIY tech under Maile Carnegie
Australian SKA telescope finds ancient radio signal

Australian SKA telescope finds ancient radio signal
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
Building platforms for future health and education
Building platforms for future health and education
Breach Level Index Report
Breach Level Index Report
Data Security vs Human Behaviour
Data Security vs Human Behaviour

Events

Log In

Username:
Password:
|  Forgot your password?