2 Teens Busted for Hacking

Tuesday, July 3, 2018 @ 03:07 PM gHale

Two teenagers face charges for compromising accounts of loyalty program members from popular websites, Russian law enforcement officials said.

The two teens arrested compromised 700,000 accounts from companies such as PayPal, Ulmart, Biglion, KupiKupon, and Groupon, officials said. They are also said to have put 2,000 of these accounts up for sale for $5 each.

RELATED STORIES
8 Busted in Email Fraud Schemes
Ex-CIA Worker Faces Espionage Charges
MA Man Guilty in ATM Hacking
Dark Web Forum Shut Down in France

“The detainees admitted on the spot that they had earned at least 500,000 rubles. However, the real amount of damage remains to be determined,” said Group-IB officials, who helped with the investigation.

A Group-IB spokesperson said they first became aware of the two hackers in November 2015, when they carried out a large-scale dictionary attack and compromised over 120,000 accounts at a large Russian online store.

The investigators discovered the attackers “had collected compromised account information from various Internet services on hacker forums and used special programs to automatically guess passwords of accounts on the website of the online store.”

The attackers relied on people’s habit of reusing the same login/password on multiple websites. If the logins and passwords were used on the targeted websites, the hackers would access those personal accounts, officials said.

The suspects would check the accumulated bonuses on each account and would sell them on hacker forums at $5 per account or 20-30 percent of the nominal balance of the accounts. The buyers could then abuse the accounts to pay for products with the bonuses.

The hackers weren’t only selling compromised accounts, but also offered services for hijacking accounts: They would change the phone number and email on the accounts of the online store, Group-IB said.

To hide their tracks, the attackers used anonymizers, launched the attacks from different IP addresses, and also changed the digital fingerprint of the browser (User-Agent). Overall, they sent authorization requests from more than 35,000 unique IP addresses.

Investigators believe the two made over 500,000 rubles (roughly $7,900) from selling access to hijacked accounts, but police say the real amount of damage remains to be determined.

Police arrested the duo after Group-IB was able to determine their real-world identities. Russian authorities have not released the hackers’ names but said the group’s leader is a 19-year-old from the Ryazan region, while his co-conspirator is an 18-year-old from the Astrakhan region.



Leave a Reply

You must be logged in to post a comment.