Wednesday 02 October, 2013
In July 2013, the United States government accused five men of the biggest hacking scheme ever prosecuted. The five men stole around 160 million credit card numbers and made off with over three hundred million dollars.
The hacking scheme targeted big companies and payment processors. It stole customer credit card information from J.C. Penney, Seven Eleven, Jet Blue and a number of other large companies. It even managed to steal customer login credentials from the Dow Jones and NASDAQ, a pretty spectacular feat for a hacker. NASDAQ has reported that its securities trading platform has not been compromised. The company hit hardest was Heartland Payment Systems, a credit and debit card processor based in Princeton.
How the Attacks Were Carried Out
The attacks were carried out steadily from 2005 to 2012 and possibly continued into 2013. The authorities had been pursuing the five men for years and some of the attacks had been previously reported.
The men hacked the stores’ payment systems by visiting stores and learning as much as possible about their payment processes. In some places, they would install software in the company’s computer system, essentially opening a back door through which they could collect information.
The five men reportedly each had their own specialized tasks. Two of the men hacked the networks while another one mined for data. One provided anonymous web hosting to hide the activity and the other sold and handled the money.
The five hid the activity by disabling anti-virus software in their victims’ computer systems and storing the stolen data on multiple platforms. The card numbers were sold to resellers who unloaded them either on online hacking forums or to what are known as ‘cashers.’ A casher is someone who creates new cards by encoding the number and other data onto a blank plastic card.
The data reported sold for around $10 per American card number and data, $50 per European card number and data, and $15 per Canadian card number and data.
The Cutting Edge in Cyber Crime
U. S. Attorney Paul J. Fishman said in a statement, ‘This type of crime is the cutting edge. Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy, and our national security. And this case shows there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day.’
A federal court in New Jersey has indicted the five men, two of whom were in custody. Four of the defendants, Vladimir Drinkman, Aleksander Kalinin, Roman Kotov and Dmitriy Smilianets, are Russian nationals. The other, Mikhail Rytikov, is a Ukrainian national.