Hack Case: Russian Pleads Not Guilty

Friday, February 20, 2015 @ 02:02 PM gHale

Two and a half years after his arrest in the Netherlands, a Russian man pleaded not guilty to 11 charges in federal court in New Jersey Tuesday, as part of the largest international hacking and data breach case ever prosecuted in the United States.

Vladimir Drinkman, 34, appeared in court in the U.S. to face the hacking and wire fraud charges for helping steal at least 160 million credit cards from major corporate networks, costing hundreds of millions of dollars.

RELATED STORIES
Silk Road Operator Guilty
Guilty Plea in ATM Skimming Plan
Accused Hacker Faces U.S. Extradition
Feds Drop Eli Lilly Espionage Case

NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa, Jordan, Global Payment, Diners Singapore, and Ingenicard were the targets of the plan, Department of Justice (DoJ) officials said.

Drinkman is one of five co-defendants in an international computer hacking conspiracy case that began as early as 2005, according to the indictment. The others include three Russians: Alexandr Kalinin, 28, Dmitriy Smilianets, 31, and Roman Kotov, 33, and one Ukrainian, Mikhail Rytikov, 27.

Law enforcement first became aware of Kalinin and Drinkman in 2009, when the two ended up charged as “Hacker 1″ and “Hacker 2″ alongside Florida resident Albert Gonzalez, 33, for the Heartland Payment Systems’ breach and four other attacks. Gonzalez is currently serving a 20-year sentence in federal prison. Similianets ended up busted in the Netherlands with Drinkman on June 28, 2012, and extradited three months later. He is in federal custody, while Kalinin, Kotov, and Rytikov remain at large.

The description of how the five co-defendants worked together provides a glimpse into the criminal networks behind the breaches.

Drinkman and Kalinin specialized in “penetrating network security and gaining access to corporate victims’ systems,” DoJ officials said.

They used SQL injection attacks to infiltrate computer networks and created “back doors” with malware to keep the systems vulnerable. Then, they waited, sometimes as long as a year, inside these companies’ systems, according to messages obtained by law enforcement officers. Kotov mined the networks for personal data by installing programs, or sniffers, to collect credit cards and other identifying information from these companies’ systems, DoJ officials said.

Smilianets then sold the stolen information to trusted resellers, who then sold the credit card dumps online or to specific customers for $10 per American credit card and $50 per European credit card. Rytikov helped the other four hide their activities through an anonymous web-hosting service.

The five communicated through encrypted chat and sometimes in person to evade law enforcement, but many chats ended up recorded, according to the indictment.

Drinkman’s trial will begin April 27, and if found guilty he faces up to 70 years in prison.



Leave a Reply

You must be logged in to post a comment.