Russian Pleads Guilty in Huge Hack

Thursday, September 17, 2015 @ 03:09 PM gHale

A Russian man pleaded guilty Tuesday to hacking payment systems of major retailers and the Nasdaq stock market, resulting in $300 million in losses.

Vladimir Drinkman, 34, pleaded guilty in New Jersey federal court to charges of conspiracy to commit wire fraud and to unauthorized access of protected computers, prosecutors said.

Trojan Suspects Arrested
Security Intern Guilty for Selling Malware
Guilty Plea in ATM Device Scam
Guilty: Darkode Member Faces 3 Years

Police arrested Drinkman in the Netherlands in 2012 and U.S. officials extradited him in February of this year.

His sentencing will be January 15, according to the Justice Department.

Drinkman stood accused of leading what officials called “the largest international hacking and data breach scheme ever prosecuted in the United States.”

“This hacking ring’s widespread attacks on American companies caused serious harm and more than $300 million in losses to people and businesses in the United States,” said Assistant Attorney General Leslie Caldwell.

The case “highlights the effectiveness of global law enforcement partnerships in the detection and dismantling of criminal enterprises targeting U.S. citizens,” said U.S. Secret Service director Joseph Clancy.

Drinkman and his co-defendants faced charges for hacking into the Nasdaq, retailers 7-Eleven, Carrefour, JC Penney and other companies, with losses estimated at more than $300 million between 2005 and 2012.

Drinkman and fellow Russian Alexandr Kalinin previously faced charges as unnamed “Hacker 1″ and “Hacker 2″ in a 2009 indictment in connection with five corporate data breaches, including the breach of Heartland Payment Systems, which at the time was the largest ever reported.

Drinkman and another Russian defendant, Dmitriy Smilianets, ended up arrested at the request of the United States while traveling in the Netherlands on June 28, 2012.

The U.S. extradited Smilianets months later and is in U.S. custody. Kalinin and two others remain at large, officials said.

U.S. officials have had little help from Russia and other Eastern European countries in extraditing accused hackers, but some success in nabbing suspects during trips to other locations.

Officials said the gang stole some 160 million credit card numbers and then sold them through online markets.

The biggest hack at the time was at Heartland, a major payment processor hit by malware that allowed thieves to steal 130 million card numbers, resulting in some $200 million in losses.

The hackers also penetrated the Dow Jones news and information service, compromising some 10,000 login credentials, according to officials.

French-based retailer Carrefour and Belgium’s Dexia bank were also among the victims, along with U.S. airline JetBlue and other retailers and financial firms.