NYT: F.B.I. Says 24 Are Arrested in Credit Card Theft Plan

http://www.nytimes.com/2012/06/27/business/fbi-says-24-people-are-arrested-in-credit-card-theft.html

June 26, 2012

F.B.I. Says 24 Are Arrested in Credit Card Theft Plan

By NELSON D. SCHWARTZ

For hackers in search of information like credit card numbers and software to spy on computers, the site called Carder Profit appeared to be a veritable eBay for thieves.

Instead, it was a creation of the Federal Bureau of Investigation.

On Tuesday, after a two-year undercover operation, authorities in 13 countries arrested two dozen people who are accused of fraud involving computer crime.

Federal officials said Operation Card Shop, as the sting is being called, was unusually broad and represented a significant step in combating credit card fraud, which has grown notably more sophisticated recently.

"These guys represent the complete ecosystem of Internet fraud," said one senior law enforcement official who requested anonymity because of the confidentiality of the investigation. "We drew them out of the shadows with the Web site as bait."

Hackers have become increasingly successful recently in obtaining credit card information and other personal data, sharing it on secure Web sites, often on overseas servers. Last year, hackers in Eastern Europe obtained the names, account numbers, e-mail addresses and transaction histories of more than 200,000 Citibank customers.

The online forum, one law enforcement official said, was "like a restricted eBay," open only to people who had a reputation and who had been vouched for by someone on the site. Besides the financial data, hacking tips, malware, spyware and access to stolen goods, like iPads and iPhones, were also possible on the site, the official said.

Federal officials maintained that the sting operation prevented potential losses of more than $200 million. Credit card providers were notified of more than 400,000 compromised credit and debit cards, the officials said.

Many of the 11 individuals arrested in the United States offered specialized skills and products on the sting site. One, who used the screen name xVisceral, offered remote access tools known as RATS that would spy on computers and Web cameras; the programs sold for $50 a copy.

Another, Mir Islam, known as JoshTheGod, sold stolen credit card information and had data on 50,000 credit card accounts, according to the United States attorney for the Southern District. He was arrested after buying cards from an undercover agent and trying to use one at an A.T.M. on Eighth Avenue in Midtown Manhattan.

Mr. Islam is accused of helping to operate additional forums, UGNazi.com and Carders.org, both of which were seized by the F.B.I. A lawyer for Mr. Islam declined to comment.

Other people arrested offered to ship stolen merchandise and arrange drop services so items like sunglasses, air purifiers and synthetic marijuana could be picked up.

Two individuals were arrested in New York, nine elsewhere in the United States and 13 in a dozen other countries, according to an F.B.I. spokeswoman.

In addition to arresting purveyors of stolen credit card information, authorities also aimed to trap people who created fake credit cards. The information included credit card numbers, addresses, Social Security numbers, mothers' maiden names and details of bank accounts.

Some people who bought software and other items on the sting site purchased products from retailers like Apple and Walmart.

"The coordinated law enforcement actions taken by an unprecedented number of countries around the world today demonstrate that hackers and fraudsters cannot count on being able to prowl the Internet in anonymity and with impunity, even across national boundaries," said Preet Bharara, United States attorney for the Southern District of New York.

In addition to luring hackers onto the site, federal authorities also monitored the discussion threads that sprang up, as specialized hackers sold their wares. The site was created in June 2010 and shut last month.

"From New York to Norway and Japan to Australia, Operation Card Shop targeted sophisticated, highly organized cybercriminals involved in buying and selling stolen identities, exploited credit cards, counterfeit documents and sophisticated hacking tools," Janice K. Fedarcyk, assistant director for the F.B.I., said in a statement.

She said the arrests would cause "significant disruption to the underground economy."

The overall number of arrests had been reported earlier as 26.

Credit card fraud has exploded in recent years, with increasingly sophisticated hackers teaming up with criminal organizations overseas. In the case of Operation Card Shop, the arrests took place in nations like Britain, Bosnia, Bulgaria, Norway and Germany. Search warrants and interviews were obtained in Australia, Canada, Macedonia and Denmark.

"They didn't just take down one kid and a Web site," said Dave Marcus, director of advanced research and threat intelligence at McAfee, a major provider of computer security software. "They took down a very organized group of people."

While the international reach of the operation was notable, the number of stolen cards pales in comparison with some earlier breaches. This year, Global Payments, an Atlanta-based transaction processor, reported a breach affecting 1.5 million credit cards. And in 2008, the underground market for the data was flooded with more than 360 million stolen personal records, mainly credit and debit files.

William K. Rashbaum contributed reporting.