(CNN) In 2007, Ukrainian Maksym Yastremsky was the most
prolific credit card hacker in the world. He'd stolen over 40 million cards
from mostly U.S.-based retailers. He'd cost credit card companies over $11
million.
In 2008 he was arrested in Turkey
Flashback to 2004, when the Secret Service -- which
handles currency crimes -- got wind of a criminal ring using stolen credit
cards to buy high end electronics in the Los
Angeles
Rather than bust the ring outright, they struck a deal.
The ring leader would introduce an undercover Secret Service agent to the
source of his stolen credit cards under the guise that the agent was a new
partner in the criminal ring. Naturally, the idea was to move up the food
chain, and ultimately nab the cyber criminals at the heart of the hacking
underworld.
"So what I ended up doing was communicating via
instant message and I started talking to people in South
East Asia ," said the undercover agent, in an exclusive
interview with CNN.
Related: Target to invest in chip-based cards
As part of the ruse, the agent explained that he needed
all the tools to start a new ring that used phony cards to make purchases --
the machines to make the cards, the special plastic to make them out of and,
most importantly, the stolen card numbers. For those, he was connected with
Yastremsky.
"He had the most recent, the largest credit card
data," said the agent. "Often times I knew about the breaches before
they were being reported. These people were my friends online and they were
selling me their new databases as they were getting them straight from the
breach."
Yastremsky worked with a variety of hackers to steal the
data -- sometimes placing malware directly on the networks at major retailers.
As soon as you'd swipe your card, the criminals would have your info.
To solidify the
burgeoning relationship -- and to help build the criminal case -- it was
decided that the agent would meet with Yastremsky in person. Up until then
their meetings had only been online, and Yastremsky was known only by his
internet handle -- Maksic.
"We met numerous times in South East Asia, and
several times in the Middle East ," said
the agent, who still works for the Secret Service. "It was business and a
mixture of just, of being a friend. We wore towels, beachwear, hung out at the
beach, rode wave-runners, went parasailing."
Related: Massive data theft hit 40% of South Koreans last
month
When the Secret Service decided it had enough information,
a plan was hatched to make the arrest. It would take place in Turkey
"We just came back home and when we came back to the
hotel, the police were in place and they arrested us as we walked back onto the
resort," said the agent, who was also arrested to maintain cover. "I
did the first thing that came natural -- I just started lying to the
police."
Related: Biggest credit card hacks
During his whole time undercover, the agent said he never
really felt threatened.
"They just seemed like regular individuals, people
that you would see on the street, people that you would see on the
subway," he said. "None of them came off as looking like a mafia
figure or the next big criminal."
Yastremsky is now serving 30 years in a Turkish prison on
charges related to the credit card thefts.
Since 2008 there have been many new instances of credit
card theft -- most recently the 40 million credit cards that were compromised
through a breach at Target.
While it seems like such cases are on the rise, the
Secret Service says that's not necessarily the case.
"It's probably a bias to say they are coming fast
and furious," said Ed Lowery, head of the criminal investigative division
at the Secret Service. "It just so happens we have three that have all
come to light in recent history."
No comments:
Post a Comment