{"id":7426,"date":"2017-04-24T10:17:44","date_gmt":"2017-04-24T18:17:44","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/04\/24\/news-1217\/"},"modified":"2017-04-24T10:17:44","modified_gmt":"2017-04-24T18:17:44","slug":"news-1217","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/04\/24\/news-1217\/","title":{"rendered":"The Backstory Behind Carder Kingpin Roman Seleznev’s Record 27 Year Prison Sentence"},"content":{"rendered":"

Credit to Author: BrianKrebs| Date: Mon, 24 Apr 2017 16:37:23 +0000<\/strong><\/p>\n

Roman Seleznev<\/strong>,\u00a0a 32-year-old Russian cybercriminal and prolific credit card thief, was sentenced Friday to 27 years in federal prison. That is a record punishment for hacking violations in the United States and by all accounts one designed to send a message to criminal hackers everywhere. But a close review of the case suggests that Seleznev’s record sentence was severe in large part because the evidence against him was substantial\u00a0and yet he declined to cooperate with prosecutors prior to his trial.<\/p>\n

\"Maldives_(orthographic_projection).svg\"<\/p>\n

The Maldives is a South Asian island country, located in the Indian Ocean, situated in the Arabian Sea. Source: Wikipedia.<\/p>\n<\/div>\n

The son of an influential Russian politician, Seleznev made international headlines in 2014 after he was captured<\/a> while vacationing in The Maldives<\/a>, a popular vacation spot for Russians and one that many Russian cybercriminals<\/a> previously considered<\/a> to be\u00a0out of reach for\u00a0western law enforcement agencies.<\/p>\n

However, U.S. authorities were able to negotiate a secret deal with the Maldivian government to apprehend Seleznev. Following his capture, Seleznev was whisked away to Guam briefly before being transported to Washington state to stand trial for computer hacking charges.<\/p>\n

The\u00a0U.S. Justice Department says the laptop found with him when he was arrested contained more than 1.7 million stolen credit card numbers, and that evidence presented at trial showed that Seleznev earned tens of millions of dollars defrauding more than 3,400 financial institutions.<\/p>\n

Investigators also reportedly found a smoking gun: a password cheat sheet<\/a> that linked Seleznev to a decade’s worth of criminal hacking.<\/p>\n

Seleznev was initially identified as a major cybercriminal by U.S. government investigators in 2011, when prosecutors in Nevada named him as part of a conspiracy involving\u00a0more than three dozen\u00a0popular merchants on\u00a0carder[dot]su<\/strong>, a bustling fraud forum where he and other\u00a0members openly marketed various cybercrime-oriented services.<\/p>\n

Known by the hacker handle “nCux,” Seleznev operated multiple online shops that sold stolen credit and debit card data. According to Seleznev\u2019s indictment in the Nevada case<\/a>, he was part of a group that hacked into restaurants between 2009 and 2011 and planted malicious software to steal card data from store point-of-sale devices.<\/p>\n

In Seattle\u00a0on Aug. 25, 2016<\/a>, Seleznev was convicted\u00a0of 10 counts of wire fraud, eight counts of intentional damage to a protected computer, nine counts of obtaining information from a protected computer, nine counts of possession of 15 or more unauthorized access devices and two counts of aggravated identity theft.<\/p>\n

\u201cSimply put, Roman Seleznev has harmed more victims and caused more financial loss than perhaps any other defendant that has appeared before the court,\u201d federal prosecutors charged\u00a0in\u00a0their sentencing memorandum.<\/span> \u201cThis prosecution is unprecedented.\u201d<\/p>\n

Seleznev’s lawyer Igor Litvak<\/strong> called his client’s sentence “draconian,” saying\u00a0that Seleznev was gravely injured in a 2011 terrorist attack in Morocco, has Hepatitis B and is not well physically.<\/p>\n

Litvak noted that his client also faces two more prosecutions — in Georgia and Nevada,\u00a0and that his client is likely to be shipped off to Nevada soon.<\/p>\n

“It’s unprecedented, yes, but it’s also a draconian sentence for a person who\u00a0is very gravely ill,” Litvak said in an interview with KrebsOnSecurity. “He’s not going to live that long. He’s going to die in jail. I’m certain of that.”
<\/span><\/p>\n

ANALYSIS<\/h4>\n

As for the severity of his sentence, Seleznev did himself no favors by rededicating himself to his carding empire after having been clearly marked by U.S. investigators in the 2011 indictment as a key figure in an online\u00a0organized crime ring.<\/p>\n

Many of the documents related to Seleznev’s prosecution and conviction in Washington state last week remain sealed, as he still faces federal criminal hacking charges in Nevada and Georgia. But former black hat Russian hacker<\/a> turned political and cybersecurity blogger Andrey “Sporaw” Sporov<\/strong> published snippets<\/a> from documents apparently related to Seleznev’s prosecution indicating that investigators with the\u00a0U.S. Secret Service and FBI<\/strong>\u00a0met with the Russian Federal Security Service<\/strong> (FSB) in 2009 to discuss Seleznev’s activities,\u00a0presenting “substantial” evidence that Seleznev was a bigtime cybercrook.<\/p>\n

\"The<\/a><\/p>\n

2pac[dot]cc credit card shop that Seleznov operated, among others.<\/p>\n<\/div>\n

Seleznev’s online alter ego nCux reportedly\u00a0got word of the meeting, and was soon after seen deleting his identities on hacker forums and saying he was closing up shop:<\/p>\n

\n

“As U.S. Probation noted, the information that U.S. law enforcement was investigating Seleznev ‘clearly got back to Mr. Seleznev,’” reads the document. “Indeed, Seleznev had his own contacts inside the FSB. In chat messages between Seleznev and an associate from 2008, Seleznev stated that he had obtained protection through the law enforcement contacts in the computer crime squad of the FSB. Later, in 2010, Seleznev told another associate that the FSB knew his identity and was working with the FBI.”.<\/p>\n<\/blockquote>\n

But nCux didn’t go away, he merely reinvented himself as “Bulba,”<\/a> operating a number of carding sites including track2[dot]name, bulba[dot]cc, and 2Pac[dot]cc. These sites sold tens of thousands of “dumps,” data that thieves encode onto new plastic cards and use to buy high-priced electronics and gift cards from big box retailers. Seleznev’s sites specialized in selling tens of thousands of dumps at a time to criminal groups and street gangs operating throughout the United States<\/p>\n

\"A<\/a><\/p>\n

A private mesasge between card merchant “Bulba” and an interested buyer on the fraud bazaar carder[dot]pro.<\/p>\n<\/div>\n

Seleznev reportedly used this money to live an extravagant lifestyle, buying up properties in Bali, Indonesia. Photographs seized from Seleznev show his associates with large bundles of cash, at luxurious resorts, and posing for photographs next to flashy sports\u00a0cars. Just before his capture, Seleznev reportedly spent over $20,000 to stay in a resort in the Maldives and boasting of having rented the most expensive accommodations there.<\/p>\n

Sporov’s documents describe Seleznev’s years to evade law enforcement officials following his then-sealed indictment in Nevada:<\/p>\n

\n

“Seleznev remained at large for over three years. During this period, Seleznev carefully evaded apprehension, employing practices like buying last-minute plane tickets to avoid giving authorities advance notice of his travel plans. Seleznev obtained an account with the U.S. Court\u2019s PACER system, which he monitored for criminal indictments naming him or his nicknames. He avoided travel to countries that had entered into extradition treaties with the United States. Indeed, when Seleznev was finally confronted by U.S. agents in the Maldives, his first words were to question whether the United States had an extradition treaty with the Maldives.”<\/p>\n<\/blockquote>\n

The defendant also apparently burned through multiple lawyers, almost all of whom appear to have advised him to seek a plea deal with the U.S. government:<\/p>\n

\n

“Seleznev repeatedly attempted to manipulate and protract these proceedings, resulting in a cumulative delay of 26 months, and six sets of counsel, between his capture and trial….Transcripts of jail calls previously submitted to the Court reveal that, in the days leading up to the hearing, Seleznev and his father resolved to delay the hearing so that they could work on a secret strategy they elliptically referred to as ‘Uncle Andrey\u2019s option.’ To manufacture the delay, Seleznev\u2019s father suggested that Seleznev either ‘get sick’ or ‘completely stop the communication with the lawyers.’”<\/p>\n<\/blockquote>\n

Seleznev is the son of Valery Seleznev<\/strong>, a prominent member of the Russian Duma (Russia’s parliament) and is considered an ally of President Vladimir Putin<\/strong>. As the Seattle Times wrote<\/a> at Seleznev’s conviction in 2016, “federal prosecutors accused Seleznev and his father of plotting to tamper with witnesses and possibly discussing an escape<\/a> from the Federal Detention Center in SeaTac. The assertions were based on recorded conversations, according to the government.”<\/p>\n

\"Seleznev<\/p>\n

Seleznev posing with a sports car in Red Square. Image: DOJ.<\/p>\n<\/div>\n

Perhaps Mr. Seleznev thought his father’s influence\u00a0and\/or his own apparent connections with Russian law enforcement officials would rescue him. Maybe Seleznev believed\u00a0he could prevail against the U.S. government in court.<\/p>\n

But it seems clear that Seleznev’s\u00a0record 27-year sentence had at least as much to do\u00a0with the impact of his crimes as it did\u00a0the enormity of the charges and evidence against him combined with his refusal to cooperate with investigators.<\/p>\n

Seleznev’s lawyer Igor Litvak<\/strong> said his client declined a plea deal prior to his trial, and by the time Seleznev had changed his mind the trial was over and the government no longer needed the information he could offer. Prosecutors sought to put him\u00a0away for 35 years: They got seven years shy of that request.<\/p>\n

“The prosecution said if he would have cooperated this case would have turned out very differently,” Litvak said.<\/p>\n

The docket for Seleznev’s case is available here<\/a>\u00a0and includes a number of unsealed documents related to this case.<\/p>\n

https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: BrianKrebs| Date: Mon, 24 Apr 2017 16:37:23 +0000<\/strong><\/p>\n

Roman Seleznev, a 32-year-old Russian cybercriminal and prolific credit card thief, was sentenced Friday to 27 years in federal prison. That is a record punishment for hacking violations in the United States and by all accounts one designed to send a message to criminal hackers everywhere. But a close review of the case suggests that Seleznev’s record sentence was severe in large part because the evidence against him was substantial and yet he declined to cooperate with prosecutors prior to his trial. The son of an influential Russian politician, Seleznev made international headlines in 2014 after he was captured while vacationing in The Maldives, a popular vacation spot for Russians and one that many Russian cybercriminals previously considered to be out of reach for western law enforcement agencies. He was whisked away to Guam briefly before being transported to Washington state to stand trial for computer hacking charges.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[12071,6627,11128,12072,12073,10644,12074,12075,12076,179],"class_list":["post-7426","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-bulba","tag-fbi","tag-fsb","tag-igor-litvak","tag-ncux","tag-other","tag-roman-seleznev","tag-secret-service","tag-valery-seleznev","tag-vladimir-putin"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7426","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7426"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7426\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7426"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7426"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7426"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}