From a rented flat in Malta, a Russian hacker and two accomplices are alleged to have stolen up to a million credit card numbers that were later sold on the black market, according to details of ongoing investigations being carried out by the United States Postal Inspection Service.
The Russian, 26-year-old Roman Khoda, is a seasoned hacker and has been associated with lucrative underground organisations such as Carderplanet, which was the one of the most extensive on-line marketplaces for buying and selling stolen bank account and credit card details, until it was broken up by a team of US and international officials in 2004.
The victims of the trio’s attacks were not individual credit card holders themselves but the networks of credit card processing companies that handle transactions for merchants and banks.
According to Senior Postal Inspector Gregory Crabb, who makes it his business to track down cybercriminals around the world, the ruse employed by the trio was well planned.
First they carried out an extensive due diligence analysis of processing companies’ networks and, in some cases, set up bogus companies to open accounts with the companies in order to test for holes in the systems.
Once the targets were identified, according to Mr Crabb, Khoda and his two accomplices brought their computers to a flat they rented in Malta, from where they are said to have unleashed their attacks. The hackers hid their true location by routing their attacks through proxy servers in the US, China and the Ukraine.
The details were published in this week’s edition of the American magazine Business Weekly. The numbers, names and security codes attached to credit cards are a valuable commodity with a flourishing on-line marketplace and are used to create counterfeit cards used to clean out bank accounts by withdrawing cash from automated teller machines and to make purchases.
Khoda, whose on-line identity amongst ‘carder’ circles is My0, holds a university degree in physics and once worked with the leading members of Carderplanet. According to Mr Crabb, he operates stealthily and forgoes the common hacker practice of writing their own digital signatures into the malicious code they create. At Carderplanet and other similar websites, he has left precious little evidence directly connecting him to stolen credit card data.
But the reason behind his intense privacy derives from more than a fear of being caught. In instant messages posted by Khoda, which were intercepted and seen by investigators, he complains that his life would be turned upside down were his underground activities to be revealed, adding that information about his cyberactivities could very well damage his offline, legitimate business in Russia.
Efforts to contact Mr Crabb were unsuccessful at the time of going to print.