Skip to main content

DOJ Indicts Eight in $9 Million Fraud Ring

The DOJ yesterday announced that Sergei Tsurikov, 25, of Tallinn, Estonia; Viktor Pleshchuk, 28, of St. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; and a person known only as "Hacker 3;" had been indicted by a federal grand jury in Atlanta, Ga., on charges of hacking into a computer network operated by the Atlanta-based credit card processing company RBS WorldPay, which is part of the Royal Bank of Scotland.

Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33, each of Tallinn, Estonia, were also indicted for access device fraud.

The group is said to have hacked into RBS WorldPay's system, compromising the data encryption used by the bank to protect customer data on payroll debit cards. They then raised the limits on all compromised accounts before providing a network of "cashers" with 44 fake payroll debit cards. These cashers went on to withdraw more than $9 million from 2,100 ATMS in more than 280 cities worldwide in less than 12 hours. The list of cities included cities in the US, Russia, the Ukraine, Estonia, Italy, Hong Kong, Japan and Canada.

The DOJ said in a statement that Tsurikov, Pleshchuk, Covelin and "Hacker 3" each face a maximum sentence of up to 20 years in prison for conspiracy to commit wire fraud and each wire fraud count; up to five years in prison for conspiracy to commit computer fraud; up to five or 10 years in prison for each count of computer fraud; a two-year mandatory minimum sentence for aggravated identity theft; and fines up to $3.5 million dollars. The charges against Grudijev, the Tsois and Jevgenov carry a maximum of up to 15 years in prison for each count and a fine of up to $250,000. The indictment also seeks criminal forfeiture of $9.4 million from the defendants.

Read the complete statement here.

  • Jenoin
    @homrqt
    This one appears to have been successful... If you are asking how often $9M is charged to payroll debit cards and the companies that own them don't notice, I would guess it is very very rare.
    Reply
  • False_Dmitry_II
    I disagree. I've heard of plenty of ways where the person who did something similar-esque would have gotten away with it easily, if they hadn't done something incredibly stupid.

    One that easily comes to mind, the company had no clue at all. The FBI showed up to arrest the guy one day. Told the company what he did, and they caught him cause he was spending money left and right that he shouldn't have had. Stuff like cash for a house and whatnot.

    By definition noone notices successful ventures. Sort of like how you don't want to hire a famous hitman, because that means he's terrible.
    Reply
  • buwish
    Busted. One would think that no matter how or what you do in regard to hacking a bank system, you're going to leave an electronic trail that someone has the ability to track.
    Reply
  • kingnoobe
    People that do things like this or so smart yet so freaking stupid. You should be prepared to disappear ASAP when you pull something this big off. Not stand around twiddling your thumbs cause you think you pulled a fast one.
    Reply
  • w4ffles
    You pirate some songs or movies and you get a heftier punishment. Anyone else see what's wrong?
    Reply
  • mitchmeister03
    My question is, are all of these people in the country now? They were removing tons of cash from all over the world... and came back to the US? Confused.
    Reply
  • anamaniac
    20 years for hacking routers...
    Reply
  • city_zen
    Good luck extraditing them ...
    Reply
  • amnotanoobie
    w4fflesYou pirate some songs or movies and you get a heftier punishment. Anyone else see what's wrong?Murderers get less than the hacker or the pirate.
    Reply