Five Charged In Largest Hacking Scheme Ever Prosecuted In US 84
wiredmikey writes "US authorities have charged four Russians and a Ukrainian five on charges of running a global hacking operation that targeted major payment processors, retailers and financial institutions. The charges stem from hacking attacks dating back to 2005 against several global brands, including the NASDAQ exchange, 7-Eleven, JC Penney, Hannaford, Heartland, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. The men allegedly used SQL injection attacks as the initial entry point into the computer systems of global corporations. Once networks were breached, the defendants allegedly placed malware on the systems. According to the indictment (PDF), the malware used created a "back door," leaving the system vulnerable and helping the defendants maintain access to the network. The men face five years in prison for conspiracy to gain unauthorized access to computers; 30 years in prison for conspiracy to commit wire fraud; five years in prison for unauthorized access to computers; and 30 years in prison for wire fraud."
Typo? (Score:2)
"US authorities have charged four Russians and a Ukrainian five on charges of running a global hacking operation [...]
Re:Typo? (Score:5, Funny)
"But, Commies have been passing themselves off as MSNBC for years," complained the Ukrainian show.
Next: The Secret Seven (Score:2)
Re: (Score:2)
Fifth?
Re:Charges Only if You're A Citizen (Score:5, Insightful)
Your fault for Voting Republican/Democrat.
Honestly, Being in Congress should be by lottery and forced servitude. You cant get elected, it's a lottery and compulsory.. Dave Fox of 3124 Main Street, Chester,OH... YOU are the new congressional representative of your district for the next 2 years. An armed caravan will be there momentarily to pick you up.
It is the only way to keep it honest. Because voting for rich assholes is turning out to be a complete failure.
Re: (Score:2)
At that point we do it via thunderdome.... two men enter one man leaves, and is a Congresscritter for 2 years.
Plato's "Republic" tried to solve this (Score:3)
Not that anyone reads the classics any more...but Plato's "Republic" outlined a system where, the higher up one was in the political hierarchy, the more spartan their lifestyle was. The idea was to discourage people from entering politics unless their heart was truly in it.
Some of the aspects of the system were a bit totalitarian and heavy-handed, but still, it seems like it'd be a lot better than the god-awful mess we have now.
Re: (Score:2)
Wow. What a terrible dystopia you come up with. It's not easy to come up with a system worse than the current one, so... well done!
Re: (Score:2)
Dave Fox of 3124 Main Street, Chester,OH... YOU are the new congressional representative of your district for the next 2 years. An armed caravan will be there momentarily to pick you up.
And all of your assests will be liquidated and returned to you after your term, adjusted to reflect econmy performance.
Punishment out of proportions? (Score:5, Insightful)
At what point does the punishment no longer fit the crime? Sure, confiscate all the profits, bankrupt them, take all their assets and lock them up for a couple of years. But 30-40 years? For real? Why not just send them to Mars or something? Locking them up for 5 years without access to computers would ensure that when they get out their hacking skills would be so redundant they could never do it again.
Isn't the justice system supposed to be about a balance between punishment and reformation - not about revenge?
Re:Punishment out of proportions? (Score:5, Insightful)
At what point does the punishment no longer fit the crime?
When the people controlling money are making the laws.
Snowden Kickback? (Score:5, Insightful)
Re: (Score:2)
Why would they hide if they are in Russia? There is no option of extradition from Russia so they just get on with their lives. In reality they will wait a few years until they are forgotten and change their names to get a new passport in a new name and they will be free to travel etc. just like anyone else. The US likes to make out that it runs the world but it is only Europe and south America that can stop laughing when the US barks.
Re: (Score:2)
Re: (Score:2)
and you know that they are doing quiet assassinations as well.
Re: (Score:2, Informative)
How much money did they _actually_ steal or cause to get stolen/lost anyway? Compare with how much MF Global stole:
http://en.wikipedia.org/wiki/MF_Global#October_2011:_MF_Global_transfers_client_account_funds_to_its_own_account [wikipedia.org]
On October 31, 2011, MF Global reported the shortfall in customer accounts at $891,465,650 as of close of business on Friday, October 28, 2011.[19][20] According to the trustee overseeing liquidation the shortfall may be as large as $1.6 billion.[21][22][23]
As of August 16, 2012, criminal investigators had concluded charges against Corzine, or any other of MF Global's former executives or employees would be unlikely
Yeah I know 160 million credit cards works out to a lot of damage depending on how you count it, but the MF Global bunch are walking despite actually taking and losing the money.
Re: (Score:3)
What causes more economic loss to a corporation? Murder? Or attacking payment processors.
You expect crimes to be judged by humane reasons while they are judged by economic reasons.
You probably also believe that all people should be equal, but you live in a world that clearly disagrees and believes people are valued by their economic value (both possessions and influence in the economy).
In some centuries, humans will have stories about the dark ages where the humans were judged by their economic value, just
Re:Punishment out of proportions? (Score:4, Interesting)
Yeah, that's what I thought on reading the summary too. 30 years for wire fraud?
I read an interesting article in the Economist [economist.com] the other week. It suggested that countries where children are spanked tend to have populations that support harsher prison sentences.
Correlation does not imply causation and all that, but it's still an interesting theory as to why the US is so far out of step with the rest of the world on crime and punishment.
Re: (Score:1)
Fixed that for you.
Re: (Score:2)
Technically the author of the study inferred it, I'm just reporting it ;)
Re: (Score:2)
It doesn't take much research to see that gun ownership [wikipedia.org] is common in Scandanavia too, compared with the rest of the world. So in this case, it is not even a case of correlation != causation, but of a journalist making up "facts" to sell a magazine.
Re: (Score:2)
Well, the first thing I'd point out is that "Crime rates... have been falling since." is *also* true for those barbaric Americans that "beat their children". Gun ownership and prison populations not so much. And FWIW in populations in the US that are comparable to the nearly-homogeneous Scandinavian countries crime rates are pretty much the same.
It's funny, because my reaction to the story (before I read the comments) was that they should just give them the death penalty. This isn't "revenge" - it's util
Re: (Score:2)
although I've never owned a gun as I don't see the value exceeds the absolute increase in danger.
You are aware that the old studies that purported to show that gun owners are more likely to get shot than non gun-owners have been completely and thoroughly debunked, aren't you? Your statistical likelihood of being a victim of gun violence has everything to do with your lifestyle.
Re: (Score:2)
You couldn't know it, but my calculus includes a family home with teenagers (themselves a risk group IMO) as well as one adult diagnosed and medicated as a depressive (not me).
Simultaneously we live in a 99.3% white rural community of 1500 in an affluent county in Minnesota. Our risk factors being the target for a home break-in or armed robbery are about as low as anywhere in the US.
While I agree with your point ceteris paribus, there is little imminent threat and strong reasons not to own one at this time
Re: (Score:2)
You couldn't know it, but my calculus includes a family home with teenagers (themselves a risk group IMO) as well as one adult diagnosed and medicated as a depressive (not me).
Unfortunately, mine includes the same (teenagers plus one suicidal person). It just means that I keep my guns locked up.
Note that I'm not criticizing your decision, and wasn't to begin with. I just wanted to make sure you weren't basing it on incorrect information.
Re: (Score:2)
Here's another theory (Score:1)
The largest, most powerful, most expensive government AND world empire (with military bases in some 150 countries around the world) needs to justify their lucrative business. At some point in the continuous expansion of this business, they will need to leave ethics and logic in the dust, and demand "tougher" everything. Coercive authority trumps common sense, and the power elite know this better than anyone.
To simplify, there's more money to be made in a police state than a free state. That's really all the
Re: (Score:3)
That's then 30 +30 years for wire fraud and conspiracy for it.
Yes, and this is a problem with a system that allows consecutive sentencing. Obviously, the intent of setting the max to 30 years for wire fraud was to set the max to 30 years, not to set it to 60 years, but in reality, unless you operated alone, you can always be charged with conspiracy too.
And the prosecutors don't care one bit about what's "just" - they pile on anything that will stick. And the jury are in it to meter out revenge, not justice. So that leaves the judges, who are in the hand of whoever
Re: (Score:2)
I read an interesting article in the Economist the other week. It suggested that countries where children are spanked tend to have populations that support harsher prison sentences.
Sure. People stupid enough to support harsh prison sentences when it's been proven that they don't make people better people are also stupid enough to fail to understand that violence begets violence and that when you are employing violence because you are out of other options, you are a failure.
Re: (Score:2)
I was spanked as a kid, I smoke weed (and done worse drugs), I've been to jail.
Ya, I blame the spanking, not that fact that I choose to do the actions that led me to jail and smoking weed. (Sarcasm here)
While upbringing does affect who you are, when it come down to it, you choose to do shit. No one forced me to be a druggy, no one forced me to shoplift, no one forced me to sell drugs. I choose that path. And it was a crappy path and I also choose to change it. And I did.
I didn't need a 12 step progra
Re: (Score:2)
It is strange that one can be convicted for both conspiracy to commit wire fraud and for the wirefraud itself. I thought the 'conspiracy to ..' is a provision in law for when no actual crime has been commited? Otherwise you can convice everyone twice, once for conspiring, and then again for the actual thing. Conspiracy to a DUI .. and then the DUI itself. Weird line of reasoning.
Re: (Score:1)
The difference between the two charges is that conspiracy is about working with others to help plot / plan / execute the wiretapping. Basically, they're charged with wiretapping, and helping others do the same.
Re: (Score:1)
Re: (Score:2)
Of course it is. "Hackers" and copyright infringes often get more than murders and rapists while posing far less threat to society.
Something is seriously wrong.
Re: (Score:2)
Locking them up for 5 years without access to computers would ensure that when they get out their hacking skills would be so redundant they could never do it again.
I'm pretty sure the analogy to riding a bike applies to hacking. It might take a weekend to catch up on any syntax/language changes. SQL has been around for almost 40 years, and I'm pretty sure experts could catch up real quick if they were locked up in a box for the last 30.
Too bad (Score:1)
Too bad about the "ever prosecuted" qualifier or the NSA would be so eligible.
On the other hand (Score:5, Interesting)
The USA has a nasty habit of not submitting its own citizens to foreign laws but sanctions over Edward Snowden might result in Russia playing the same game. For some time Russia has been the cyber-criminal capital so sanctions would result in the USA shooting itself in the foot. Not that it would help these criminals; they were arrested in Holland.
Only 2 of the 5 apprehended (Score:1)
From the article: "Two of the five men -- Drinkman and Smilianets -- were arrested while traveling in the Netherlands last year and have been extradited to the U.S. to face charges. The other three remain at large."
I suspect that they'll go to some lengths to remain at large...
What about the bank leaks? (Score:3, Insightful)
'Someone' broke into the banking system and leaked a selection of bank transactions for places like the British Virgin Islands with a story that these are tax-haven stuff, and then leaked a much larger file, many thousand times bigger direct to UK/Aus/NZ/Can full of *everyone's* bank transactions. Why aren't we hunting for these 'crooks' who broke in and stole all this financial info?
(April 2013 Leak of bank transaction data):
http://www.guardian.co.uk/uk/2013/apr/03/offshore-secrets-offshore-tax-haven
IMHO this was NSA or GCHQ leaking emails and SWIFT data it intercepted, I worked on a system known as SEPA which is due to take over from SWIFT by next year and will secure Euro transactions from US surveillance. As soon as this leak happened it was just before a G7 meeting with the agenda of clamping down on tax havens. So it looked like lobbying fodder to force the outcome of that meeting and try to get access to SEPA.
(May 2013, G7 Nations agree to fight tax havens):
http://articles.economictimes.indiatimes.com/2013-05-11/news/39186824_1_tax-havens-transfer-pricing-rules-tax-authorities
And the Canadian Feds (and presumably the spooks too), as a result got access to the bank data:
http://business.financialpost.com/2013/05/10/tax-havens-probe-canada/
I'm guessing the NSA got a feed as part of 5 eyes:
"OTTAWA — The federal government says it will get access to relevant Canadian information stemming from a sweeping offshore tax-evasion investigation being conducted by the United Kingdom, United States and Australia."
See how it works? Collect all the info, use it as leverage to get more, leak against opponents, put friendlies in power.
Largest Hacking Scheme (Score:2)
I noticed how they qualified that with "Prosecuted in the US" since we know that the people behind the largest hacking schemes in the US will never get prosecuted.
Re: (Score:3)
"Kill one man, and you are a murderer. Kill millions, and you are a conqueror. Kill everybody, and you are a god." - Jean Rostand.
its just an excuse (Score:2)
they just wanna go to Russia so they can grab snowden in the airport on there way through
I am not a lawyer (Score:2)
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
So can someone explain to me how you can be convicted of both conspiring to do wire fraud AND for doing it? Doesn't the latter cancel out the former, or do you also get convicted of conspiracy to attempt a murder, attempted murder AND murder when you kill someone?
Conspire to murder person A, attempt to murder person B and actually murder person C. Someone else can take the wire fraud analogy.
The nerve! (Score:4, Interesting)
How DARE they steal all that money before the bankers could steal it!
Hacking is irrevelant when the global economy went to shit. And the people who did THAT will never see the inside of a jail cell.
And now we spent even more finding these 'hackers'.
We are not smart...
this is related to the TJX hacks.. (Score:1)
This is going to be the foreign criminals that gonzalez was referencing when he filed his habeas corpus petition a bit back (http://www.bankinfosecurity.com/gonzalez-seeks-guilty-plea-withdrawal-a-3527). He's an unindicted co-conspirator in the indictment, and there is some overlap in the crimes for instance the heartland hacks.
we are all subjects (Score:2)
It's not about the money, it's about sending a message: Do not compete with the government. ;)
Re: (Score:1)
:)
how can you not though when they make the game too easy?
So, What Are You In For? (Score:1)
"Molesting a dead horse."
well fuck me!! (Score:2)
Re: (Score:2)
Prepared statements (Score:2)
For example. I somewhat sanitize the input from users. But I do rely on prepared statements to make SQL injection impossible. Thus if library X.3 is somehow susc
Re: (Score:3)
Given the wide range of companies targeted by this group, I'm inclined to believe that there was some bit of underlying software they all used that had a vulnerability for the hackers to exploit. Otherwise I'm not sure I believe that 5 hackers alone managed to compromise diverse systems developed independently from each other; finding SQL injection vulnerabilities is like probing for weak spots in armor, it's a very time consuming process that can't be automated (decently) and often ends in failure despite
Can get less time for robing the 7-Eleven with gun (Score:4, Funny)
Why hack 7-Eleven and get 30 years when you can do the easyer way of just going to one getting a gun out getting the cash and if you do go to lock it's likely to be state and less time.
Re: (Score:2)
Or use the Goldman Sachs ploy: Get Congress to except your chosen scheme from anti fraud, gambling and other statues. Then proceed to profit at will.
Justice of Ukraine is trying to charge the hacker (Score:2)
http://dumskaya.net/news/odessit-prinyal-uchastie-v-krupnejshej-hakerskoj-028307/ [dumskaya.net]
The alleged Ukrainian hacker claims legitimate business hosting business and right violation.
interesting (Score:4, Insightful)
Re: (Score:2)
Totally I mean look at these companies. The way they dress down their security. They're pretty much asking for it. I think the blame is 50 50 here. Also a computer's software has a way of shutting down legitimate intrusions.
Re: (Score:2)
Let it be known... (Score:2)
Obligator XKCD... (Score:1)
...about SQL injections [xkcd.com]
Why couldn't the NSA prevent this? (Score:2)
Given that the NSA has imposed a totalitarian surveillance state on us, why can't it stop these things from happening?
Sadly, the point of the NSA surveillance isn't crime prevention, it's political control.
Did the America I knew and loved ever really exist? Or were my history books just effective marketing campaigns?
Defense Attorneys (Score:1)