Last week, we announced a new series about dangerous cyber criminals who have since been brought to justice. We began with Maksym “Maksik” Yastremskiy, a carder well known for his involvement in a number of serious retail data breaches during the mid-2000s. Yastremskiy was ultimately arrested in Turkey after trying to sell stolen credit card information to an undercover Secret Service agent.
This week’s criminal knew Yastremskiy well and worked with him on a number of cyber heists. His name is Aleksandr Suvorov.
Suvorov proved integral to the Dave & Buster hack in 2007 in that he was responsible for installing a packet sniffer on the retailer’s network.
After hacker Albert Gonzalex provided him with the sniffing program, Suvorov electronically entered the Point-of-Sale (PoS) technology at Dave & Buster’s store #32 in Islandia, NY on May 18, 2007.
He did not hack the PoS servers, for he had already obtained the credentials by hacking Micros—the maker of the PoS systems used at each of Dave & Buster’s stores.
There was a little bit of a snag in that the sniffer failed to restart when employees at the store rebooted the PoS system. But Suvorov made up for it by logging into the PoS servers every couple of months and moving the existing log files to an encrypted server based in Latvia.
By September, the hacker had obtained more than 5,000 cards from the Islanida store alone, not to mention the payment information from 11 other Dave & Buster’s stores. Shortly thereafter, he sold his list of stolen information for $25,000.
It was around that time that Suvorov began working with Yastremskiy. Together, the two became highly sophisticated carders and sold tens of thousands of credit card information to interested buyers on the black market.
Yastremskiy and Suvorov were also together when they tried to sell 160,000 payment card credentials to an undercover Secret Service agent in San Diego. This would prove to be a grave mistake.
As part of an international legal effort, the German Federal Police succeeded in arresting Suvorov at an airport in Frankfurt in March of 2008. Four years later, he was sentenced to four years in a German prison.
Commenting on Suvorov’s arrest, U.S. Attorney Lynch had this to say:“Suvorov reached across an ocean to victimize thousands of Americans. That ocean was no protection from the reach of U.S. law enforcement, whose coordinated efforts put a stop to Suvorov and his cohorts’ criminal scheme. He will now serve his sentence in the country of his victims.”
- 10 Notorious Cyber Criminals Brought to Justice – No. 10
- The Ten Most Wanted Hackers By The FBI – No. 1
- The Ten Most Wanted Hackers by The FBI – No. 2
- The Ten Most Wanted Hackers by The FBI – No. 5, No. 4 and No. 3
Back by popular demand…
Hey, InfoSec Pros! We’re giving away dozens of these awesome ‘Breaching Bad’ T-shirts to some lucky Twitter followers. Make sure to follow us @TripwireInc and RT to be entered for a chance to win! Contest ends Dec. 18, 2014. Click here for Terms & Conditions.