First Slovenia, now Estonia.
A couple of weeks ago, I wrote that the FBI, working with Spain and Slovenia, arrested three international computer virus creators. A reader wanted to know: Would they face real consequences in overseas courts?
Well, I'm not sure about those guys. But, in another international hacking case, U.S. officials announced that an Internet bad guy is facing the music here.
On Aug. 6, the FBI announced that Sergei Tsurikov, 26, of Tallinn, Estonia, had been extradited and appeared in federal court in Atlanta on charges related to wire fraud, computer fraud and identity theft. The international hacker and his ring of thieves allegedly stole more than $9.4 million from an American credit card processor in November 2008.
According to federal indictments, Tsurikov and several other suspects hacked into the computer network of RBS WorldPay -- the U.S. payment- processing division of the Royal Bank of Scotland -- in Atlanta. The group allegedly compromised the data encryption used by RBS WorldPay to protect customer data on payroll debit cards. Payroll debit cards are used by some companies to pay their employees, who can then withdraw their pay at ATMs.
The hackers allegedly raised limits on compromised accounts and then provided a network of "cashers" around the world with 44 counterfeit payroll debit cards. The cashers then withdrew more than $9 million from 2,100 ATMs in at least 280 cities, including Hong Kong as well as ones in the United States, Russia, Ukraine, Estonia, Italy, Japan and Canada.
The $9 million loss occurred in less than 12 hours.
The cashers were allowed to keep up to half the stolen funds, transmitting the rest back to Tsurikov and his co-conspirators. The feds are seeking forfeiture of more than $9.4 million from the defendants.
