Group Incidents

5 Arrested in relation to Blackshades2014-05-19 00:00:00 UTC

2 of the main perpetrators in the blackshades malware case and 3 customers have been arrested and charged.

24 Arrests for Operation Cardshop2012-06-26 00:00:00 UTC

Manhattan U.S. Attorney and FBI Assistant Director in Charge Announce 24 Arrests in Eight Countries as Part of International Cyber Crime Takedown Two-Year FBI Undercover “Carding” Operation Protected Over 400,000 Potential Cyber Crime Victims and Prevented Over $205 Million in Losses
Four Israeli citizens, of whom two are former Mossad agents, were arrested by Romanian authorities after hacking into the email accounts of three family members of Laura Codruta Kovesi, Romanias chief prosecutor for the National Anticorruption Directorate DNA.
Seventeen defendants from across the United States and Europe were indicted by a federal grand jury today for allegedly conspiring to infringe the copyright of more than 5,000 computer software programs that were available through a hidden Internet site that was located at a university in Quebec, Canada, the Justice Department announced. Twelve of the defendants, including an Aurora, Ill., man, allegedly were members or leaders of an international organization of software pirates known as "Pirates with Attitudes," an underground group that disseminates stolen copies of software, including programs that are not yet commercially available. The remaining five defendants were employees of Intel Corp., four of whom allegedly supplied computer hardware to the piracy organization in exchange for obtaining access for themselves and other Intel employees to the group’s pirated software, which had a retail value in excess of $1 million. Today’s indictment is the result of an investigation that became public with the Feb. 3 arrest of the lead defendant Robin Rothberg, of North Chelmsford, Ma., who is identified as a "council" member, or leader, of PWA. The indictment was announced by Scott R. Lassar, United States Attorney for the Northern District of Illinois, and Kathleen McChesney, Special Agent-in-Charge of the Chicago Field Division of the Federal Bureau of Investigation.
In a media statement today, state CID chief SAC Dev Kumar said several raids were conducted in Batu Kawa here and Miri this weekend. At 2.25am today, he said a police team from D7 CID, state police headquarters IPK led by Insp Mohd Farid raided a premises in the Sg. Moyan Commercial Centre, Batu Kawa here. “A total of 28 computers used for online gambling were seized while seven people including the operator of the premises were arrested.” Dev said another police team from D7 CID, Miri led by Insp Koay Kok Pung conducted a raid at a premises in Senadin at 1.30am today.
The indictment alleges that, in June 2005, one or more defendants sent a spam e-mail to individuals, including a resident of Madison, Conn., which purported to be from Connecticut-based People’s Bank. The e-mail stated that the recipient’s online banking access profile had been locked and instructed recipients to click on a link to a web page where they could enter information to “unlock” their profile. The web page appeared to originate from People’s Bank, but was actually hosted on a compromised computer unrelated to People’s Bank. Any personal identifying and financial information provided by the individual would be sent by e-mail to one or more of the defendants or to a “collector” account, which was an e-mail account used to receive and collect the information obtained through phishing.
This indictment marks the second major phase in a joint two-year investigation by the Manhattan District Attorneys Identity Theft Unit and the United States Secret Service. The 173-count indictment charges that from 2001 through 2007, the defendants participated in a multi-national, internet-based criminal enterprise -- the "Western Express Cybercrime Group" - dedicated to trafficking in stolen credit card numbers and other personal identifiers. The group realized millions in illicit profits from the sale and fraudulent use of this personal data, with some members of the enterprise laundering these profits in a variety of high-tech ways. As the indictment alleges, the defendants engaged in a variety of crimes intended to make money for the participants while avoiding detection by law enforcement, including Enterprise Corruption, Grand Larceny, Money Laundering, Criminal Possession of Stolen Property, Falsifying Business Records, Criminal Possession of a Forged Instrument, Scheme to Defraud, and Conspiracy to commit the crimes of Grand Larceny and Criminal Possession of Stolen Property. The defendants created and participated in a computerized marketplace for the global trafficking of stolen credit card numbers and other stolen personal identifying information. That marketplace enabled the defendants to conduct anonymous transactions, via the internet and by other means, using sophisticated payment schemes. The payment schemes were intended to ensure that the participants in the transactions would be impossible to identify, and that the proceeds of their criminal activity could not be traced. The Western Express Cybercrime Group carried out its criminal operations through a structure consisting of "vendors," "buyers," "cybercrime services providers," and "money movers." The "vendors" were individuals who sold large volumes of stolen credit card numbers and other personal identifying information through the internet. The "buyers" used the internet to purchase that information from the "vendors," for the purpose of committing additional crimes such as larceny and identity theft. The "cybercrime services providers" promoted, facilitated, and aided in the purchase, sale and fraudulent use of stolen credit card numbers and other personal identifying information through various computer services that they provided to the "vendors" and the "buyers." Finally, other defendants operated as "money movers." Those defendants provided financial services and conducted financial transactions for other participants in the criminal enterprise in order to move funds and launder the proceeds of criminal activity. The "money movers" relied on anonymous digital currencies, such as Egold and Webmoney, to buy, sell, and launder the proceeds of criminal transactions, and conducted their business online, using websites, instant messaging, and email. Some of the defendants charged in the indictment played more than one role. Those involved in the Western Express Cybercrime Group interacted and communicated through "carding" websites - that is, websites devoted to trafficking in stolen credit card and personal identifying information. They relied on the use of nicknames, false identities, anonymous instant messenger accounts, anonymous email accounts, and anonymous digital currency accounts to conceal the existence and purpose of the criminal enterprise, to avoid detection by law enforcement and regulatory agencies, and to maintain their anonymity.
FBI agents have raided the homes of three alleged members of a hacker gang that harassed a security expert who helped put the group’s leader in jail, according to a recently unsealed search warrant affidavit. On April 17, while McGraw was in jail for the HVAC access, the government gave his attorney a copy of his colleague Fixer’s Gmail and YouTube accounts in pre-trial discovery, revealing that they had Fixer under surveillance. Three days later, McGraw phoned his sister, and in a monitored phone call told her to instruct ETA-member dev//null to post a warning note to the group’s website.
According to the Complaints, ZEZOV gained unauthorized access to the internal Bloomberg Computer System from computers located in Almaty, Kazakhstan. In or about the Spring of 1999, Bloomberg provided database services, via a system known as the "Open Bloomberg," to Kazkommerts Securities "Kazkommerts" located in Almaty, Kazakhstan. ZEZOV is employed by Kazkommerts and is one of four individuals at Kazkommerts associated with Kazkommert’s contract with Bloomberg. In addition, according to the Complaints, ZEZOV sent a number of e-mails to Michael Bloomberg, the founder and owner of Bloomberg, using the name "Alex," demanding that Bloomberg pay him $200,000 in exchange for providing information to Bloomberg concerning how ZEZOV was able to infiltrate Bloombergs computer system.
The defendants ran a diversified fraud business with numbers being sold in addition to various types of credit cards. The credit card plants the defendants ran created full cards—complete with embossing, bank and credit card logos, holograms and properly encoded magnetic stripes on the back—as well as so-called white plastic, which is just a plain card with the properly encoded magstripe.

10 Indicted for TJX carding incident2007-03-08 00:00:00 UTC

Six people were arrested in Miami for TJX attacks and a further 10 are outstanding.
Retail Hacking Ring Charged for Stealing and Distributing Credit and Debit Card Numbers from Major U.S. Retailers. What soon became known as the TJX cases the alledged criminals stole millions of credit and debit cards.
The 62-count indictment, returned by a federal grand jury in Newark, New Jersey today, alleges that the 19 individuals from across the United States and in several foreign countries conspired with others to operate “Shadowcrew,” a website with approximately 4,000 members that was dedicated to facilitating malicious computer hacking and the dissemination of stolen credit card, debit card and bank account numbers and counterfeit identification documents, such as drivers’ licenses, passports and Social Security cards. The indictment alleges a conspiracy to commit activity often referred to as “carding” - the use of account numbers and counterfeit identity documents to complete identity theft and defraud banks and retailers. The indictment is a result of a year-long investigation undertaken by the United States Secret Service, working in cooperation with the U.S. Attorney’s Office for the District of New Jersey, the Computer Crime and Intellectual Property Section of the Criminal Division of the Department of Justice, and other U.S. Attorneys’ offices and law enforcement agencies. The undercover investigation led to the arrests of 21 individuals in the United States on criminal complaints earlier this week. Additionally, several individuals were arrested in foreign countries in coordination with the domestic arrests. The indictment charges that the administrators, moderators, vendors and others involved with Shadowcrew conspired to provide stolen credit card numbers and identity documents through the Shadowcrew marketplace. The account numbers and other items were allegedly sold by approved vendors who had been granted permission to sell by operators and moderators of the Shadowcrew site after completing a review process. Shadowcrew members allegedly trafficked in at least 1.7 million stolen credit card numbers and caused total losses in excess of $4 million dollars. Victims of “carding” can include banks and credit card companies, which often suffer significant financial losses due to fraud, as well as individuals whose identities and credit histories are damaged by such identity theft.

5 indicted for open market2013-06-03 00:00:00 UTC

5 indicted for connections to carder.su
Defendants stand accused of leaking contact information of 541 police officers, along with hacking and blocking government websites in 2012
Interpol investigation into sextorion resulted in the arrest of 58 individuals, including three men linked to the group which harassed Scottish teenager Daniel Perry.
A grand jury in the Southern District of New York indicted seven Iranian individuals who were employed by two Iran-based computer companies, ITSecTeam ITSEC and Mersad Company MERSAD, that performed work on behalf of the Iranian Government, including the Islamic Revolutionary Guard Corps, on computer hacking charges related to their involvement in an extensive campaign of over 176 days of distributed denial of service DDoS attacks.
Three members of a Syrian hacker collective that hijacked the websites and social media platforms of prominent U.S. media organizations and the U.S. military were charged today in federal court with multiple conspiracies related to computer hacking. Two of the members have made their way on the american most wanted cyber criminals list.
Two dutch teenagers arrested for hacking into users instagram accounts
Gozi Virus Creator, a Russian National, Pled Guilty to Computer Intrusion Charges; Gozi Code-Writer Arrested in Latvia; and Host of Servers That Facilitated and Shielded the Distribution of Gozi and Other Viruses and Malware Arrested in Romania
5 members of the People’s Liberation Army have been accused of cyber spying on local american businesses and sending data back to china.
Nine People Charged in Largest Known Computer Hacking and Securities Fraud Scheme
Two Defendants Charged In “Email Takeover” Scam
Dutch police have arrested 10 people in the Netherlands as part of an international investigation into money-laundering through sales of the shadowy virtual currency bitcoin. Fifteen places were raided Tuesday in eight Dutch towns as part of the investigation, during which luxury cars, cash and the ingredients to make ecstasy were seized. “Bank accounts and bitcoin accounts were also seized thanks to help from the United States, Australia, Morocco and Lithuania,” the Dutch prosecution service said in a statement.

2 Arrested for dating scam2014-12-01 00:00:00 UTC

2 arrested for dating scam

2 Arrested for links to DD4BC group2016-01-12 00:00:00 UTC

Two arrests linked to DD4BC group
Eight arrested over Tyupkin ATM malware thefts across Europe
According to the police, the gang obtained bank account details of its victims, including their mobile
According to the indictment, from October 2003 through November 9, 2003, SALCEDO, BOTBYL, and TIMMINS conspired and schemed to gain unauthorized access to the nationwide computer system used by Lowe’s Companies, Inc. and, after gaining access, to download and steal credit card account numbers from that computer system. In order to carry out this scheme, the defendants secretly compromised the wireless network at a Lowe’s retail store in Southfield, Michigan, and thereby gained unauthorized access to Lowe’s Companies, Inc.’s central computer system in North Wilkesboro, North Carolina and, ultimately, to computer systems located in Lowe’s retail stores around the United States. Having gained this unauthorized access, the defendants then attempted to install and installed a computer program on the computer system of several Lowe’s retail stores, which program was designed to capture the credit card information of customers conducting transactions with those stores.
Two Charged With Cyber Harassment, Stalking A Bergen County Woman