Slashdot Mirror

← Back to Stories (view on slashdot.org)

36 Indicted in Global Cybercrime Ring That Stole $530M (go.com)

Posted by msmash on from the justice-served dept.

U.S. prosecutors say 36 people have been indicted in connection with an international cybercrime ring that bought and sold stolen credit card information, leading to losses of more than $530 million. From a report: The Justice Department says Wednesday that the so-called Infraud Organization dealt in the large-scale acquisition and sale of stolen identities, credit card information and malware. Deputy Assistant Attorney General David Rybicki says it was "truly the premier one-stop shop for cybercriminals worldwide." He says the organization used an online forum on the dark web to sell financial and personal information. Investigators believe the organization's nearly 11,000 members targeted more than 4.3 million credit cards and bank accounts.

18 of 40 comments (clear)

  1. Learn for it! by Murdoch5 · · Score: 4, Interesting

    This should show everyone how much security and validation is lacking in almost every aspect of our lives. The best thing to do, is to learn from what happened and evolve systems that can deal with the real threats. When security legs behind, you get scenarios such as this!

    1. Re:Learn for it! by geekmux · · Score: 2, Insightful

      This should show everyone how much security and validation is lacking in almost every aspect of our lives. The best thing to do, is to learn from what happened and evolve systems that can deal with the real threats. When security legs behind, you get scenarios such as this!

      The first step to make systems more secure, is to punish those who have made them insecure.

      When punishment lags behind, you see these scenarios happen over and over and over again, because organizations and the people who lead them do not give a shit enough to invest in fixing the problem.

    2. Re:Learn for it! by xvan · · Score: 1

      Why the need for punishment?
      As long as the CC companies take the burden of fraud losses, they can keep the shitty system if it makes financial sense for them.

    3. Re:Learn for it! by Murdoch5 · · Score: 1

      Punishing those who exploit the holes, doesn't solve the problem.

    4. Re:Learn for it! by Enigma2175 · · Score: 1

      Sure, that works fine for credit cards but the whole financial industry has shitty security when it comes to authenticating users. When someone takes out a loan in my name using information obtained from the Equifax breach (a company with whom I have no business relationship), what is my recourse? It's not like I can choose to patronize another company. Perhaps if companies were punished for such breaches then they would pay more attention to security.

      --

      Enigma

    5. Re:Learn for it! by geekmux · · Score: 1

      Punishing those who exploit the holes, doesn't solve the problem.

      I said punish those who make the systems insecure in the first place. I'm talking about leaders of organizations who don't give a shit about investing in proper security, to include hiring properly trained staff and recognizing that a CSO has every right to tell even the CEO no if the situation demands it. And that CEO should fucking respect that justified decision.

      A lack of priority and respect for security is why we continue to have these discussions over and over and over again.

    6. Re:Learn for it! by Murdoch5 · · Score: 1

      Fair enough and I totally agree. It's not just on the CSO, it's also on the CTO and I've seen FAR to many massively unqualified CTO's, who I wouldn't let watch a VTech kids notebook.

    7. Re:Learn for it! by mjwx · · Score: 1

      This should show everyone how much security and validation is lacking in almost every aspect of our lives. The best thing to do, is to learn from what happened and evolve systems that can deal with the real threats. When security legs behind, you get scenarios such as this!

      Ooooh, and a unicorn. I'd also like a unicorn.

      We have many simple ways to secure money in our lives like one time passcodes which will eliminate most card fraud. The problem is that it will reduce credit card usage as people will find cash less annoying than having to enter a passcode to buy something online. Given that credit card companies and banks make money from transactions (they take it from the merchant and threaten the merchant with lawyers if they tell you about it) a drop in usage is a significant drop in profit. Right now they're making significantly more than they're losing in fraud (which is an excuse to put fees up, for you and the merchant).

      Even now with contactless cards, I have an app on my Android phone that can get your card number, name and expiry date (everything I need to do an online transaction) just by waving my phone near your cards. Security researchers demonstrated this in 2012, have banks done anything? Hell no, I'm willing to bet that most card numbers harvested now are via contactless.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    8. Re:Learn for it! by Murdoch5 · · Score: 1

      I can't speak for the general public, but I always disable "flash" or "tap" on my cards. If I don't have to enter a passcode to use my card, then I shouldn't be using it.

  2. Motivation... by Oswald+McWeany · · Score: 3, Interesting

    There have been studies in the past to see what motivates people to NOT break the law.

    To prevent people breaking the law, raising the sentence or the punishment tends to have little impact. What does have impact is raising the chance that you will get caught. You can hand out life sentences for people stealing candy bars and it would prevent fewer people stealing them than if you embedded a security chip into the wrapper or had a policeman standing next to the candy bar at all times watching it.

    Punishment doesn't deter people- chance of getting caught does.

    This is the problem with cybercrime. You can put any punishment on committing a crime and it won't stop many people doing it because; cyber criminals know there is almost no chance they will ever get caught. Cybercrime is only going to get worse because there isn't an effective way to police it; so people need to be increasingly vigilant about security.

    --
    "That's the way to do it" - Punch
    1. Re:Motivation... by Oswald+McWeany · · Score: 1

      So by your logic, if we caught every criminal and then gave them a stern warning, that would deter all crime... That makes no sense.

      The truth is that serious penalties combined with a high likelihood of getting caught are what deters crime. Additionally, life sentences and death penalties eliminate RECIDIVISM which at least in the US pushes above 70% in 5 years, meaning we could significantly reduce crime rates with more life sentences for serious crimes.

      I'm not saying that. But if we caught every criminal and gave them one year in jail it would deter a lot more than if we only caught 5% of them- and gave them life sentences.

      --
      "That's the way to do it" - Punch
    2. Re:Motivation... by Anonymous Coward · · Score: 1

      The best prevention is warning them that their mom will find out.
      Works every time! Why do we even have prisons?

    3. Re: Motivation... by ScentCone · · Score: 1

      So, what you're saying is that you can't actually refute anything he's saying, so you're going to act like a whiny little anonymous child coward ... but one who actually agrees with what he says, since you're unable to refute it.

      --
      Don't disappoint your bird dog. Go to the range.
  3. 16 out of 11,000 members? by Bratch · · Score: 1

    Only 16 out of nearly 11,000 members? I guess it's a start, but they still have a long way to go.

    --
    Beware of the Redittor who loans you a Sharpie.
  4. What a shame by Lucas123 · · Score: 1

    Thirty-six people were indicted out of 11,000 who stole more than half billion dollars. The lack of morality among these thousands of criminals is shocking. "In Fraud We Trust" is their motto. I wish every single one of them could see time behind bars.

    1. Re:What a shame by xvan · · Score: 1

      Those 11000 were "clients" purchasing the CC numbers, not the one suppliers.

    2. Re:What a shame by xvan · · Score: 1

      And 11000 was, probably, the number of accounts. Ie, not every ebay user has done at least one transaction,

  5. Crime by odin24seven1774 · · Score: 1

    It's only a crime cause we say it's a crime. First you make the criminal then punish the criminal. I would like to know if they are out side of the US. If they are then it would only be a crime if the country there in has laws against what they did. I for one don't give a shit about crimes against Non people. If it doesn't heart the individual then I'm all for it. It's only crimes against people that bother me. We have let the corporate world take over the world and tell us how to act and think we are all sheep. I hope one day the many people of the earth will take it back from the few that are controlling US ALL. Peace