In recent weeks, authorities have indicted or charged several individuals allegedly involved in cybercrime, prompting the hope that those responsible for cyber attacks, loss of sensitive personal information, and identity theft can begin to be held accountable for their actions.
In the last two weeks, the Department of Justice and U.S. attorneys in Pennsylvania, Georgia, and the District of Columbia announced the ‘dismantling’ of Darkode, a notorious online cybercrime forum. The forum allowed hackers a password-protected online venue for selling, sharing, buying, and trading stolen information as well as tricks and tools for unauthorized access to computer systems and electronic devices.
“Of the roughly 800 criminal Internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States and around the world and was the most sophisticated English-speaking forum for criminal computer hackers in the world,” said U.S. Attorney David J. Hickton. “Through this operation, we have dismantled a cyber hornets’ nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable.”
The government charged 12 individuals — with online handles like Android, Phastman, Synthet!c, iserdo, and Gribodemon — from all over the world with computer fraud as the result of an FBI infiltration of the forum called Operation Shrouded Horizon. In order to join Darkode, prospective members needed to prove their hacking abilities to the rest of the criminal coterie. The forum represented a major threat to cybersecurity, according to officials.
“This is a milestone in our efforts to shut down criminals’ ability to buy, sell, and trade malware, botnets and personally identifiable information used to steal from U.S. citizens and individuals around the world,” said FBI Deputy Director Mark F. Giuliano. “Cyber criminals should not have a safe haven to shop for the tools of their trade and Operation Shrouded Horizon shows we will do all we can to disrupt their unlawful activities.”
Additional arrests
Closely following the feds’ announcement were charges against several individuals suspected of operating an illegal bitcoin trading site as well as a “pump and dump” stock trading scam. The media has linked these indictments to the J.P. Morgan Chase data breach of 2014, but the indictments themselves make no mention of the breach that exposes the personal data of 76 million households and seven million small businesses to cybercriminals. A spokesperson for the United States District Court for the Southern District of New York told Advisen that the office could not confirm any connection. However, Gery Shalon, Ziv Orenstein, and Joshua Samuel Aaron have been charged with conspiracy to commit securities fraud and accused of using international shell companies to manipulate the prices of stocks and sell them at inflated prices. Shalon and Orenstein were arrested in Israel, while Aaron has not been apprehended.
In a reportedly related case, two Florida residents, Anthony Murgio and Yuri Lebedev, were arrested for allegedly running an unlicensed bitcoin operation for money laundering purposes. The pair has ties to the still-at-large Joshua Aaron, per reports.
For law enforcement officials – and the corporations hit by cyber attacks – finding true culprits offers significant challenges. With the skill level of criminals in masking their identities and hiding behind multiple digital shields, apprehension and prosecution can take many months to achieve. However, other efforts show that indictments and arrests like those made this month can pay off. The FBI reported the sentencing of a Russian-born Massachusetts man initially known by his online name “Joga” for using stolen payment card information to buy over $650,000 of products. Alexey Svetlicnhnyy, 32, will spend 24 months in jail for buying credit and debit card data online to buy iPads, cell phones, laptops, even a Lexus.
The FBI reported, “From March 2010 to October 2013, Svetlichnyy sold the stolen consumer goods and stored value cards for more than $427,000 on eBay. Svetlichnyy and his co-conspirators then wired a portion of the criminal proceeds overseas, including to Russian bank accounts.”