Hackers who stole $300 million, hacked Citibank & Nasdaq are jailed

Two Russian Hackers Charged with Running America’s Largest Credit-Card Information Hacking Campaign.

Two Russian citizens, Muscovites Vladimir Drinkman, 37, and Dmitriy Smilianets, 34, have received strict sentences. Reportedly, the two hackers collectively carried out what is assumed to be the largest credit-card hacking campaign in the history of the United States, which resulted in the loss of millions of dollars through unauthorized ATM cash withdrawals. The two were sentenced on Wednesday; Drinkman received 12 years (144 months) in prison, while Smilianets received 4.25 years (51 months).

The two men were arrested on charges of involvement in a huge cyber-attack on high-profile financial institutions, including the Nasdaq stock exchange and Citibank, that ran between 2005 and 2012. In 2013, a total of five individuals were accused on federal charges: Drinkman and Smilianets, along with 31-year-old Alexandr Kalinin from St Petersburg, 36-year-old Muscovite Roman Kotov, and 30-year-old Mikhail Rytikov from Odessa.


The charges included, among others, trading text strings after exploiting SQL injection flaws in the targeted firms’ websites in order to steal login credentials and similar sensitive data, install malware, and obtain persistent backdoor access to the victim firms’ networks.

Two of the five accused, Drinkman and Smilianets, were arrested by Dutch law enforcement authorities in June 2012 while the duo was holidaying in Amsterdam. They were immediately sent to the US for trial, where they were charged in the same year along with their three associates, who haven’t yet been arrested. In 2015, the two Russian men pleaded guilty to their crimes.

The campaign involved hacking company networks to obtain credit and debit card information and selling the acquired data online to the highest bidders. The scammers then recouped their investments by stealing from the victim companies and their customers across the globe; around 160 million credit card numbers were stolen by the two Russian criminals. They stole data from credit card processors, retailers, banks and corporate entities, and used the acquired money to fuel a “robust underground market for hacked information,” stated John Cronan, acting assistant attorney general.

“While mega breaches like these continue to affect millions of individuals around the world, hackers and would-be hackers should know that the Department of Justice will use all available tools to identify, arrest, and prosecute anyone who attacks the networks on which businesses and their customers rely,” added Cronan.

The malicious campaign run by these scammers was noticed by US authorities in 2009 while they were working with US hacker Albert Gonzalez, who is already serving his term for hacking attacks on TJ Maxx and Heartland Payment Systems. Federal authorities claim that Drinkman and his fellow hacker Kalinin had immense expertise in SQL injection attacks on corporate servers, which helped in stealing payment card information and sensitive personal information for future exploitation.

Once a network was compromised, the hackers and another associate, Kotov, would filter out useful information using specialized sniffing software tools. Rytikov served as the ISP of this group of five; his job was to supply internet access to the group so that they remained unlogged and undetected. Sales on the Dark Web were handled by Smilianets; his job was to find potential buyers for the stolen credit card data, priced at $50 per EU card and $15 per Canadian card, while American accounts cost around $10. The list of victim companies is quite extensive and includes some of the bigwigs of the corporate world, including the following:

“NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard.”

The total losses incurred by these firms are difficult to aggregate, but it is believed that hundreds of millions of dollars were stolen. Just three companies faced losses amounting to $300 million. According to William Fitzpatrick, acting US attorney:

“These defendants operated at the highest levels of illegal hacking and trafficking of stolen identities; they used their sophisticated computer skills to infiltrate computer networks, steal information and sell it for a profit. Perpetrators of some of the largest data breaches in history, these defendants posed a real threat to our economy, privacy, and national security, and cannot be tolerated.”

Upon release, both convicted individuals will be expelled from the US.


Uzair Amir
