Alleged International Credit Card Trafficker BadB Extradited from France to the United States

June 18, 2012

The Federal Bureau of Investigation (FBI) on June 15, 2012 released the following:

“WASHINGTON— Vladislav Anatolievich Horohorin, aka “BadB,” of Moscow, an alleged international credit card trafficker thought to be one of the most prolific sellers of stolen credit card data, has been extradited from France to the United States to face criminal charges filed in the District of Columbia and in the Northern District of Georgia.

The extradition was announced today by Assistant Attorney General Lanny A. Breuer of the Justice Department’s Criminal Division, U.S. Attorney Ronald C. Machen, Jr. for the District of Columbia, U.S. Attorney Sally Quillian Yates of the Northern District of Georgia, U.S. Secret Service (USSS) Assistant Director for Investigations David J. O’Connor, and Special Agent in Charge Brian D. Lamkin of the FBI’s Atlanta Field Office.

Horohorin, 27, made his first appearance before U.S. District Judge Ellen Segal Huvelle in the District of Columbia yesterday. He was extradited to the United States on June 6, 2012, and was arraigned before U.S. Magistrate Judge Alan Kay in the District of Columbia on June 7, 2012. He was ordered detained pending trial.

“According to the indictment, Mr. Horohorin was one of the most notorious credit card traffickers in the world, transacting in stolen credit information across the globe,” said Assistant Attorney General Breuer. “Due to our strong relationships with our international law enforcement partners, we secured his extradition to the United States, where he now faces multiple criminal counts in two separate indictments. We will continue to do everything we can to bring cyber criminals to justice, including those who operate beyond our borders.”

“Our indictment alleges that this young man used his technological savvy to profit by selling stolen credit card information over the Internet on a massive scale,” said U.S. Attorney Machen. “We are pleased that he has been extradited to the United States to face these criminal charges in a District of Columbia courtroom. This prosecution demonstrates that those who try to rip off Americans from behind a computer screen across an ocean will not escape American justice.”

“The Secret Service is committed to identifying and apprehending those individuals that continue to attack American financial institutions, and we will continue to work through our international and domestic law enforcement partners in order to accomplish this,” said USSS Assistant Director O’Connor.

“International cyber criminals who target American citizens and businesses often believe they are untouchable because they are overseas,” said U.S. Attorney Yates. “But as this case demonstrates, we will work relentlessly with our law enforcement partners around the world to charge, find, and bring those criminals to justice.”

“Horohorin’s extradition to the United States demonstrates the FBI’s expertise in conducting long-term investigations into complex criminal computer intrusions, resulting in bringing the most egregious cyber criminals to justice, even from foreign shores,” said Special Agent in Charge Lamkin. “The combined efforts of law enforcement agencies to include our international partners around the world will ensure this trend continues.”

Horohorin was indicted by a federal grand jury in the District of Columbia in November 2009 on charges of access device fraud and aggravated identity theft. In a separate investigation, a federal grand jury in the Northern District of Georgia returned a superseding indictment against Horohorin in August 2010, charging him with conspiracy to commit wire fraud, wire fraud, and access device fraud. In August 2010, French law enforcement authorities, working with the U.S. Secret Service, identified Horohorin in Nice, France, and arrested him as he was attempting to board a flight to return to Moscow.

According to the indictment filed in the District of Columbia, Horohorin was the subject of an undercover investigation by USSS agents. Horohorin, who is a citizen of Israel, Russia, and Ukraine, allegedly used online criminal forums such as “CarderPlanet” and “carder.su” to sell stolen credit card information, known as “dumps,” to online purchasers around the world. According to the indictment, Horohorin, using the online name “BadB,” advertised the availability of stolen credit card information through these web forums and directed purchasers to create accounts at “dumps.name,” a fully-automated dumps vending website operated by Horohorin and hosted outside the United States. The website was designed to assist in the exchange of funds for the stolen credit card information. Horohorin allegedly directed buyers to fund their “dumps.name” accounts using funds transferred by services including “Webmoney,” an online currency service hosted in Russia. The purchaser would then access the “dumps.name” website and select the desired stolen credit card data. Using an online undercover identity, USSS agents negotiated the sale of numerous stolen credit card dumps.

According to the indictment filed in the Northern District of Georgia, Horohorin was one of the lead cashers in an elaborate scheme in which 44 counterfeit payroll debit cards were used to withdraw more than $9 million from over 2,100 ATMs in at least 280 cities worldwide in a span of less than 12 hours. Computer hackers broke into a credit card processor located in the Atlanta area, stole debit card account numbers, and raised the balances and withdrawal limits on those accounts while distributing the account numbers and PINs to lead cashers, like Hororhorin, around the world.

Horohorin faces a maximum penalty of 10 years in prison for each count of access device fraud, 20 years in prison for each count of conspiracy to commit wire fraud and wire fraud, and a statutory consecutive penalty of two years in prison for the aggravated identity theft count.

The charges in the indictments are merely allegations and a defendant is presumed innocent until proven guilty.

The District of Columbia case is being prosecuted by Trial Attorneys Carol Sipperly, Ethan Arenson and Corbin Weiss of the Computer Crime and Intellectual Property Section (CCIPS) in the Justice Department’s Criminal Division. Weiss also serves as a Special Assistant U.S. Attorney for the District of Columbia. The District of Columbia case is being investigated by USSS. Key assistance was provided by the French Police Nationale Aux Frontiers and the Netherlands Police Agency National Crime Squad High Tech Crime Unit. The FBI Atlanta Field Office provided information helpful to the investigation.

The Northern District of Georgia case is being prosecuted by Assistant U.S. Attorneys Nick Oldham and Lawrence R. Sommerfeld and Trial Attorney Sipperly of CCIPS. The Atlanta case is being investigated by the FBI. Assistance was provided by numerous law enforcement partners. U.S. Secret Service provided information helpful to the investigation.

The Office of International Affairs in the Justice Department’s Criminal Division provided invaluable assistance.”

————————————————————–

Douglas McNabb – McNabb Associates, P.C.’s
International Extradition Lawyers Videos:

International Extradition – When the FBI Seeks Extradition

International Extradition – Wire Transfer – Email – Telephone Call

————————————————————–

We previously discussed the extradition treaty between the United States and France here.

————————————————————–

To find additional global criminal news, please read The Global Criminal Defense Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition Defense, OFAC SDN Sanctions Removal, International Criminal Court Defense, and US Seizure of Non-Resident, Foreign-Owned Assets. Because we have experience dealing with INTERPOL, our firm understands the inter-relationship that INTERPOL’s “Red Notice” brings to this equation.

The author of this blog is Douglas C. McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.

————————————————————–

International criminal defense questions, but want to be anonymous?

Free Skype Tel: +1.202.470.3427, OR

Free Skype call:

           Office Locations

Email:


Manhattan U.S. Attorney and FBI Assistant Director in Charge Announce Extradition of Russian Citizen to Face Charges for International Cyber Crimes

January 17, 2012

The Federal Bureau of Investigation (FBI) on January 17, 2012 released the following:

“Nine-Count Indictment Charges Defendants with Stealing Personal and Financial Information and Stock Market Manipulation

Preet Bharara, the United States Attorney for the Southern District of New York, and Janice K. Fedarcyk, the Assistant Director in Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), announced today the unsealing of a nine-count indictment charging VLADIMIR ZDOROVENIN and his son, KIRILL ZDOROVENIN, two Russian citizens, with conspiracy, mail fraud, wire fraud, computer fraud, aggravated identity theft, and securities fraud. They were indicted under seal in May 2007. VLADIMIR ZDOROVENIN was apprehended on March 27, 2011, in Zurich, Switzerland, and arrived in New York yesterday following his extradition by Swiss authorities. He will be presented and arraigned before U.S. Magistrate Judge Gabriel W. Gorenstein in Manhattan federal court later today. KIRILL ZDOROVENIN remains at large.

Manhattan U.S. Attorney Preet Bharara said: “Cyber crime is a pandemic that makes geography meaningless. From far away, with the click of a mouse, the cyber criminal can victimize millions of people in the U.S. As alleged, Vladimir Zdorovenin and his son did exactly that; they engaged in serial cyber crimes in Russia that targeted Americans and wrought havoc with their personal and financial information, using it to make phony purchases and to manipulate stock prices. As the unsealing of today’s Indictment demonstrates, we will reach out across the globe, and wait as long as it takes to bring cyber criminals to justice.”

FBI Assistant Director in Charge Janice K. Fedarcyk stated: “Mr. Zdorovenin’s egregious behavior illustrated the true colors of the cyber underground, as he and his son allegedly defrauded consumers of hundreds of thousands of dollars using methods that included compromised credit cards, all fronted through fictitious companies they had created. In addition, Zdorovenin allegedly installed malware to access victims’ brokerage accounts, trading victims’ securities and manipulating the price of stocks Zdorovenin already owned. This should serve as a stark reminder to anyone who believes he can commit cyber crime and hide behind the safety and anonymity of a Russian IP address; you are not beyond the reach of the FBI.”

According to the indictment unsealed today in Manhattan federal court:

At various times between 2004 and 2005, VLADIMIR ZDOROVENIN and his son KIRILL ZDOROVENIN allegedly engaged in a series of crimes in Russia that victimized citizens of the United States through the use of stolen credit card information, multiple phony websites, and bank accounts in Russia and Latvia. Specifically, the indictment alleges that the ZDOROVENINs stole victims’ personal identification information, including credit card numbers, through the use of computer programs that were surreptitiously installed on victims’ computers and that recorded the information as it was entered. The ZDOROVENINs also allegedly purchased stolen credit card numbers from other individuals, and used the stolen credit card information to make what appeared to be legitimate purchases of goods from various Internet businesses that they ran. However, as alleged, the purchases were fraudulent and were used as a means of deceiving banks, credit card service processors, credit card holders, and others, thereby enabling the ZDOROVENINS to steal the money they directed to their websites.

Additionally, as alleged in the indictment, the ZDOROVENINs, used the Internet to unlawfully access the financial services accounts of victims located in the United States and then transferred or attempted to transfer hundreds of thousands of dollars from those accounts to bank accounts under the ZDOROVENINs’ control. Finally, the Indictment charges that after taking over victims’ online brokerage accounts, the ZDOROVENINs bought and sold thousands of shares of certain companies’ stock in an effort to manipulate the prices of those stocks. The ZDOROVENINs allegedly realized profits through this scheme by simultaneously purchasing or selling shares of the same stocks through their own online brokerage account, maintained in the name of Rim Investment Management, Ltd.

* * *

VLADIMIR ZDOROVENIN, 54, of Moscow, Russia, faces a maximum sentence of 142 years in prison in connection with the charges in the indictment. The case has been assigned to U.S. District Judge Paul G. Gardephe.

Mr. Bharara praised the outstanding investigative work of the FBI. He also thanked the Office of International Affairs in the U.S. Department of Justice’s Criminal Division for its assistance with the extradition.

This case is being handled by the Office’s Complex Frauds Unit. Assistant U.S. Attorneys James J. Pastore, Jr. and Thomas G.A. Brown are in charge of the prosecution.

The charge and allegations contained in the Indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty.”

————————————————————–

Douglas McNabb – McNabb Associates, P.C.’s
International Extradition Lawyers Videos:

International Extradition – When the FBI Seeks Extradition

International Extradition – Wire Transfer – Email – Telephone Call

————————————————————–

To find additional global criminal news, please read The Global Criminal Defense Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition and OFAC SDN Sanctions Removal.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.


U.S. Extradites Man from Czech Republic; Alleged Creator of International Identity Theft Website

September 22, 2010

Preet Bharara, the United States Attorney for the Southern District of New York, announced today the extradition of Dmitry M. Naskovets—creator and operator of CallService.biz, an online business that allegedly assisted over 2,000 identity thieves in over 5,000 instances of fraud—from the Czech Republic on charges of conspiracy to commit wire fraud, conspiracy to commit credit card fraud, and aggravated identity theft. Naskovets, 26, consented to extradition and arrived in the Southern District of New York late Friday. He was presented today in Manhattan federal court before U.S. Magistrate Judge Michael H. Dolinger.

According to the indictment filed in Manhattan federal court:

Allegedly, in June 2007, Naskovets, a Belarusian national, and coconspirator Sergey Semashko, also a Belarusian national who is charged by the Belarusians, created CallService.biz (the “website”), an online business that allegedly intended to assist identity thieves in exploiting stolen financial information, such as credit card and debit card numbers. Supposedly the website was, among other things, designed to counteract security measures put in place by financial institutions. These security measures, for example, require persons seeking to make transfers or withdrawals from accounts, or to conduct other financial transactions to verify by telephone certain information associated with the account. Businesses that accept online or telephone purchases by credit card have similar security measures. Representatives at such financial institutions and businesses are trained to make sure that persons purporting over the telephone to be account holders appear to fit the account holder’s profile. For example, if an account holder is an American female, the screener is supposed to make sure that the caller speaks English, and does in fact sound like a female.

Through the website, Naskovets and Semashko, in exchange for a fee, allegedly provided the services of English- and German-speaking individuals to persons who had stolen account and biographical information to beat the above-described security screening processes. Allegedly, those English and German speakers would, among other things, pose as authorized account holders and place telephone calls to financial institutions and other businesses to conduct or confirm fraudulent withdrawals, transactions, or other account activity on behalf of the website users who were identity thieves. Using information provided by the identity thieves over the website, which was hosted on a computer in Lithuania, the fraudulent callers would, among other things, confirm unauthorized withdrawals or transfers from bank accounts, unblock accounts, or change the address or phone number associated with an account so that it could be accessed by the identity thieves.

The website allegedly posted advertisements for its services on other websites used by identity thieves, including CardingWorld.cc, which was operated by Semashko. The advertisements boasted that the website had “over 2090 people working with” it and had “done over 5400 confirmation calls” to banks, referencing calls to defeat security screening procedures and confirm or conduct fraudulent transactions, as described above.

Naskovets was arrested by Czech enforcement authorities on April 15, 2010, at the request of the United States. Also on April 15, 2010, in a joint operation, Belarusian law enforcement authorities arrested Semashko in Belarus and Lithuanian law enforcement authorities seized the computers on which the website was hosted. Belarusian authorities also arrested additional co-conspirators for related criminal conduct. In addition, the New York Office of the Federal Bureau of Investigation (“FBI”) simultaneously seized the website domain name pursuant to a seizure warrant issued by U.S. District Judge Lewis A. Kaplan, to whom the criminal case is also assigned.

The indictment charges Naskovets with one count of conspiracy to commit wire fraud, one count of conspiracy to commit access device fraud, and one count of aggravated identity theft. If convicted on all three counts, Naskovets faces a maximum sentence of 39 and one-half years in prison.

Douglas McNabb and other members of the firm practice and write extensively on matters involving Federal Criminal Defense, Interpol Litigation, International Extradition and OFAC Litigation.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.

Bookmark and Share


Alleged International Credit Card Trafficker Arrested in France

August 12, 2010

An alleged international credit card trafficker was arrested in Nice, France, on August 7, 2010, on charges in an indictment unsealed today in U.S. District Court in the District of Columbia, announced Assistant Attorney General Lanny A. Breuer of the Criminal Division, U.S. Attorney Ronald C. Machen Jr. for the District of Columbia, and U.S. Secret Service Assistant Director for Investigations Michael Merritt.

Vladislav Anatolievich Horohorin, 27, aka “BadB” of Moscow, Russia, was indicted by a federal grand jury in November 2009 on charges of access device fraud and aggravated identity theft. The indictment was unsealed today, following Horohorin’s arrest by French authorities during the weekend.

According to the indictment, Horohorin was the subject of an undercover investigation by U.S. Secret Service agents. Horohorin, who is a citizen of Israel and the Ukraine, allegedly used online criminal forums such as “CarderPlanet” and “carder.su” to sell stolen credit card information, known as “dumps,” to online purchasers around the world. According to the indictment, Horohorin, using the online name “BadB,” advertised the availability of stolen credit card information through these web forums, and directed purchasers to create accounts at “dumps.name,” a fully-automated dumps vending website operated by Horohorin and hosted outside the United States. The website was designed to assist in the exchange of funds for the stolen credit card information. Horohorin allegedly directed buyers to fund their “dumps.name” account using funds transferred by services including “Webmoney,” an online currency service hosted in Russia. The purchaser would then access the “dumps.name” website and select the desired stolen credit card data. Using an online undercover identity, U.S. Secret Service agents negotiated the sale of numerous stolen credit card dumps.

French law enforcement authorities, working with the U.S. Secret Service, identified Horohorin in Nice, France, as he was attempting to board a flight to return to Moscow. Horohorin was arrested by French authorities on a provisional arrest warrant based upon the U.S. charges. He is currently being detained in France pending extradition to the United States.

The U.S. recently extradited an alleged computer hacker from Estonia. It will be interesting to follow these cases and see how the government is able to trace the internet activity to these specific individuals. With the intricacies of technology, you would think that it is close to impossible to prove that one individual was behind such allegations. It would also be interesting to see what exactly the government must show to get a grand jury indictment on these charges, especially since they don’t have to present any evidence to the grand jury.

Horohorin faces a maximum penalty of 10 years in prison and a $250,000 fine on the count of access device fraud. Horohorin is also charged with one count of aggravated identify theft, which carries a statutory consecutive penalty of two years in prison and a fine of up to $250,000.

Douglas McNabb and other members of the firm practice and write extensively on matters involving Federal Criminal Defense, Interpol Litigation, International Extradition and OFAC Litigation.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.

Bookmark and Share


U.S. Extradites International Hacker; More Extraditions to Follow

August 9, 2010

In November 2008, a group of international hackers allegedly infiltrated the computer network of a major financial services company in what authorities describe as one of the most sophisticated attacks ever concocted.

Around the time Barack Obama was securing his White House win, the hackers allegedly entered RBS WorldPay servers, accessed prepaid payroll card numbers, cracked their encrypted PIN codes, raised the balances on the cards and distributed dozens of them to a team of people around the world.

It is further alleged that in the span of 12 hours around Nov. 8 of that year, the group hit 2,100 ATM terminals in 280 cities spanning the world, from the United States to Russia to Italy to Japan. Prosecutors say they withdrew $9 million — a haul that rivals 1,000 typical bank robberies in the United States.

Despite the technical and international challenges of the case, U.S. investigators believe they were able to trace the scheme back to its origin. On Friday they brought one of the accused ringleaders from Estonia to Atlanta to face arraignment on several fraud charges — a rare appearance in U.S. courts for an accused international hacker.

Sergei Tsurikov, 26, of Tallinn, Estonia, pleaded not guilty at his arraignment to conspiracy to commit computer fraud, computer fraud, conspiracy to commit wire fraud, wire fraud and aggravated identity theft.

With such an increasing need for cyber defenses, the FBI has ramped up its focus, training some 900 agents in how to handle such crimes. In the RBS case, they sent a group of FBI experts to Atlanta, where RBS is based, to investigate.

While U.S. authorities have been able to crack down on cyber crimes originating in the United states, the FBI has had to increasingly rely on foreign partners to restrict attacks coming from overseas, in places like Egypt, Turkey and Hong Kong. Estonia assisted in both the investigation and extradition in the hacker case.

Tsurikov was indicted last year in the case along with Viktor Pleshchuk of St. Petersburg, Russia, Covelin of Chisinau, Moldova, and three others from Estonia. The three leading suspects have been convicted in Estonia. In the United States they face up to 20 years in prison for wire fraud charges and between 5 and 10 years for computer fraud charges.

Tsurikov is the first to face his U.S. charges. Officials said extradition of the others is in progress.

Douglas McNabb and other members of the firm practice and write extensively on matters involving Federal Criminal Defense, Interpol Litigation, International Extradition and OFAC Litigation.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.

Bookmark and Share