Estonians help steal $9 million in 12 hours

More than 2,100 automated teller machines in 280 cities on three continents erroneously give $9 million to thieves.

RIGA — “It was a highly sophisticated orchestrated crime plot. And unlike any we’ve ever seen before.”

This is how the FBI describes the $9 million (€6 million) heist, which took place one year ago. According to Acting U.S. Attorney Sally Quillian Yates of the Northern District of Georgia, it is “perhaps the most sophisticated and organized computer fraud attack ever conducted”.

On Nov. 8, 2008, more than 2,100 automated teller machines in 280 cities on three continents were used by numerous thieves in an almost simultaneous action to cash out more than $9 million. The ATMs in the United States, Canada, Italy, Hong Kong, Japan, Estonia, Russia and Ukraine were robbed over the course of 12 hours using stolen or cloned debit cards and forged personal identification numbers.

The FBI believes that the total amount could have been even higher had the targeted ATMs not been drained of all their money.

The story started in Moldova when 28-year-old Oleg Covelin of Chişinău discovered a major vulnerability in the computer network of RBS WorldPay — a major card processing company and the U.S. payment processing division of the Royal Bank of Scotland Group PLC, located in Atlanta.

Covelin shared his knowledge with 25-year-old hacker Sergei Tsurikov of Tallinn, Estonia. According to investigators, Tsurikov exploited the security leak in the computer network and conducted further reconnaissance on the network’s vulnerability before getting in touch with 28-year-old Viktor Pleshchuk of St. Petersburg, Russia.

Following an extensive one-year investigation involving the FBI, Secret Service, other federal agencies and law enforcement offices around the world, prosecutors earlier this month charged Covelin, Tsurikov, Pleshchuk and a fourth unnamed hacker with masterminding the digital theft.

With the help of the other hackers, Pleshchuk broke into the electronic network system of RBS WorldPay multiple times, reverse-engineered the encrypted PIN codes from the system, and raised the limits on the amount of money that could be withdrawn from the prepaid payroll debit cards. These cards are a substitute for the traditional paycheck and are used by companies in the United States to enable their employees to withdraw their salaries from any ATM.

To cash out the money, the fourth unnamed hacker managed a network of so-called “cashiers” around the world who used a total of 44 counterfeit payroll debit cards to withdraw the total of more than $9 million.

Tsurikov distributed the fraudulently obtained debit card account numbers and PIN codes to Igor Grudijev from Estonia, who, in turn, redistributed them to the Estonian network, including Ronald Tsoi, Evelin Tsoi, and Mihhail Jevgenov. Together they withdrew funds worth approximately $289,000 from ATMs in Tallinn.

During the 12-hour operation, while 2,100 money machines in 280 cities on three continents were emptied, Pleshchuk monitored the RBS WorldPay database to track the illegal withdrawals and, together with his Estonian counterpart Tsurikov, destroyed or tried to delete files on the network’s computer to cover their tracks. The unnamed hacker gathered and divided the proceeds between. The cashiers received between 35 and 50 percent of the money they stole, while the rest went to the hackers.

According to the FBI’s statement, it was very fortunate that RBS WorldPay reported the breach almost immediately. With a great deal of international cooperation and a jointly led investigation, suspected cashiers could be identified and traced in many countries, such as Estonia and Hong Kong. Estonian Central Criminal Police responded immediately, and their efforts led to the identification of Tsurikov, Grudijev, the Tsois and Jevgenov.

Tsurikov is in custody in Estonia on charges related to access device fraud, and his extradition to the United States is in process. Access device fraud charges are pending in Estonia against Grudijev, the Tsois and Jevgenov.

The FBI is still cooperating with agencies around the world, such as the Netherlands Police Agency National Crime Squad High Tech Crime Unit and the Hong Kong Police. This has resulted in the identification and arrest of two individuals in Hong Kong, while the investigation in the Netherlands continues.

Pleshchuk, Tsurikov, and Covelin, along with an unidentified individual, have been indicted by a federal grand jury on charges of conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud, computer fraud, and aggravated identity theft. According to information from the Acting U.S. Attorney’s Office, they face a maximum sentence of up to 20 years for conspiracy to commit wire fraud and each wire fraud count; up to five years for conspiracy to commit computer fraud; up to five or 10 years for each count of computer fraud; a two-year mandatory minimum for aggravated identity theft; and fines up to $3.5 million.

The charges against the members of the Estonian group, Grudijev, the Tsois, and Jevgenov, carry a maximum of up to 15 years incarceration for each count and a fine of up to $250,000.

The indictment seeks forfeiture of over $9.4 million of proceeds of the crimes from the defendants.

© 2010 Baltic Reports LLC. All rights reserved.