Friday, August 08, 2008

TJX Update: The San Diego Indictments

As promised, here is the update regarding the eight individuals charged in San Diego in connection with "the TJX bust".

There were actually four separate indictments filed, and now that we have the indictments, we'll hopefully be able to learn more about some of these more mysterious criminals.

In the first indictment, the UNITED STATES OF AMERICA v. MAKSYM YASTREMSKIY

the charges are:

18 USC Section 1029(a)(2), and (c)(1)(A)(i) - Trafficking in Unauthorized Access Devices
18 USC Sections 1028(a)(7) and (b)(1)(D) - Identity Theft
18 USC Section 1028A(a)(1) - Aggravated Identity Theft
18 USC Section 1956(h) - Conspiracy to Launder Monetary Instruments
18 USC Section 982 - Criminal Forfeiture

As we saw in the first part of today's post, TJX Update: The Boston Indictments, when Albert Gonzalez and friends didn't know how to turn their stolen credit cards into money, they reached out to Eastern Europe for advice. When they didn't know how to crack their PINs, they reached out to Eastern Europe for advice. When they didn't know how to make sure their sniffer programs would remain undetected, they reached out to Eastern Europe for advice.

Much of that time, they were reaching out to Maksym Yastremskiy.

From May 31, 2005 until May 30, 2006, Yastremskiy, operating in the Southern District of California and elsewhere, sold approximately 155,000 credit card numbers "with intent to defraud", for $98,000 in cash.

Maskym ran a website which was his primary mechanism for selling cards. Prices varied by the bulk, and quantities of cards were advertised on the website (presumably by himself and others) in batches from ten or a dozen, up to several hundred thousand cards or even several million.

The general practice was that Maksym would be contacted by email or chat and the subject of how to make the purchase would be discussed. Unknown buyers would wire a cash payment, usually with Western Union, to Yastremskiy or an accomlpice. Trusted purchasers were allowed to wire directly into Yastremskiy's various bank accounts.
Once the funds transfer was complete, the purchaser would be granted the requested number and type of cards through the website. The indictment gives examples such as "10 Citibank Visa (Gold)" or "20 Royal Bank of Hong Kong Master Card (Platinum)" or "12 Chase Visa (Classic)".

Maksym's charges do not specifically reference Gonzalez from Miami, nor do they name the source of the cards.

Forfeiture claim is made to property derived from many payments, including but not limited to:

$846,762.18 in E-Gold accounts
$ 87,517.36 in Parex Bank account
$3,781,436.36 in an Asia Universal Bank account
$4,862,884.96 in Western Union money transfers
$1,931,047 in US currency




The second indictment is the UNITED STATES OF AMERICA v. ALEKSANDR SUVOROV, aka Lifestyle, aka JohnnyHell, aka Dantist.

The charges brought against Suvorov are:

18 USC Section 1029(b)(2) - Conspiracy to Possess Unauthorized Access Devices and to Traffic Unauthorized Access Devices
18 USC Section 1029(a)(3) and (c)(1)(A)(i) - Possession of Unauthorized Access Devices
18 USC Section 1029(a)(2) and (c)(1)(A)(i) - Trafficking in Unauthorized Access Devices
18 USC Section 1028(a)(7) and (b)(1)(D) - Identity Theft
18 USC Section 1028A(a)(1) - Aggravated Identity Theft
18 USC Sec 2 - Aiding and Abetting

Suvorov's Conspiracy charges name Maksym as his co-conspirator (however Maksym was not charged with Conspiracy in his indictment).

The Overt Acts in the conspiracy are:

On February 10, 2006, Maksym Yastremskiy agreed to sell 160,000 unauthorized credit card account numbers to a purchaser located in San Diego, California.

On February 20, 2006, Sukorov provided Maksym (AKA Maksik) with 160,000 unauthorized credit card account numbers for purpose of re-sale.

On March 17, 2006, in exchange for $10,000 in US Currency, Maksik transferred the first 6,798 of the negotiated 160,000 unauthorized credit cards.

Suvorov received occasional payments from Maksik from May 2, 2005 until May 1, 2006 as the cards were slowly bought and the funds were received back. Over the course of this time, Suvorov received from Maksik approximately $75,000.




In the third indictment, The UNITED STATES OF AMERICA has three Defendants:

SERGEY ALEXANDROVICH PAVLOVICH, aka Panther, aka Diplomaticos, aka PoL1Ce Dog, aka Fallen Angel, aka Panther757

DZMITRY VALERYEVICH BURAK, aka Leon, aka Graph, aka Wolf

SERGEY VALERYEVICH STORCHAK, aka Fidel

The only charge against these three is:

18 USC Section 1029(b)(2) Conspiracy to Traffic Unauthorized Access Devices

This is such a disappointment after the charges against the Boston crowd and the first two here! What are they charged with?

On May 11, 2007 - Sergey Pavlovich negotiated the sale of 90 stolen credit cards to a purchaser in the Southern District of California.

On September 11, 2006 - Dzmitry Valeryevich Burak negotiated the sale of 30 stolen credit cards to a purchaser in the Southern District of California.

On October 10, 2007 - Sergey Valeryevich Storchak agreed to sell 64 stolen credit cards to a purchaser in the Southern District of California.

Ummmm... Big whoop.




In the fourth indictment, the UNITED STATES OF AMERICA also charges three defendants:

HUNG-MING CHIU, aka Slimbady, aka Tomaliki, aka B&Q, aka Betrmb

ZHI ZHI WANG, aka Akihikotobe, aka Attorney

FNU LNU (for those of you who don't speak Chinese OR Indictmentese, that's First Name Unknown Last Name Unknown), aka Delpiero

The charges brought are:

18 USC Section 1029(b)(2) - Conspiracy to Possess Unauthorized Access Devices, to Traffic Counterfeit Access Devices, and to Traffic Unauthorized Access Devices
18 USC Section 1029(a)(2) and (c)(1)(A)(i) - Trafficking in Unauthorized Access Devices
18 USC Section 1029(a)(1) and (c)(1)(A)(i) - Trafficking in Counterfeit Access Devices
18 USC Section 1028A(a)(1) - Aggravated Identity Theft
18 USC Section 2 - Aiding and Abetting

The three defendants are charged with entering into conspiracy with Maksik (Maksym Yastremskiy) and JonnyHell (that's the third way I've seen that spelled in official documents this week!) (Aleksandr Suvorov).

The Overt Acts in their conspiracy include:

On July 30, 2005 - Zhi Zhi Wang sold 100 counterfeit credit card blanks to a purchaser located in the Southern District of California. The order was later filled by Hung-Ming Chiu.

On July 30, 2005 - Zhi Zhi Wang sold 100 counterfeit credit card blanks to a purchaser located in the Southern District of California. The order was subsequently filled by Hung-Ming Chiu.

On September 17, 2005 - Hung-Ming Chiu discussed with Maksym "Maksik" Yastremskiy the creation of a website that could be used to distribute stolen credit card accounts. Maksik agreed that he would be the website's provider of stolen credit card account information.

On September 28, 2007 - FNU LNU, aka Delpiero, sold 100 unauthorized access devices to a purchaser in the Southern District of California.

From September 17, 2004 until September 16, 2005, Hung-Ming sold approximately 162 credit card account numbers that had been stolen or obtained with intent to defraud, for approximately $4,500 in cash.

From September 17, 2005 until September 16, 2006, he did it again, with 172 cards for which he received $5,000.

From April 18, 2007 until April 17, 2008, Delpiero sold about 350 credit card account numbers for about $4,500.

They also sold "real looking" (or counterfeit) blank plastic.



OK, we'll pause here for a moment to reflect on how ludicrous it sounds to have a single press release naming people with $20 Million in forfeiture in the same case with people who only made $4,500. This is the part where we interject that these are real bad guys doing world-wide crime! The problem is that we have to have jurisdiction, in this case in the Southern District of California, for whatever we charge them with. Before you get terribly disillusioned about the nature of these "small fish" based on the indictments, let's investigate the Affidavit of Special Agent Ryan Knisley of the United State Secret Service.



SA Knisley has been a Secret Service Agent since August 7, 2006. What we don't see in the indictments themselves is that "Pavlovich" runs a HUGE Credit card trading service known as "Dumps Market" (www.dumpsmarket.net, at the time of the indictment.)

Burak had screwed up and found himself with a Yahoo! address which was searched by the US Secret Service. As a result of that search, he was found to be trading "BIN lists" (Bank Identification Numbers) and stolen credit card numbers with Storchak.

Storchak's accounts were also searched, and it was found that the credit card numbers traded between these two actually had been used for real dollar losses of $7,000,000!

Other evidence pointed to email accounts at a site called "safe-mail". Commonly held by the criminals to be beyond the stretch of US Law Enforcement. Through the Mutual Legal Assistance Treaty, email accounts at "SAFe-mail", which resides in Israel, were also searched, and the results shared with the USSS. In those mails
more details were revealed indicating that Pavlovich was the source of many of the stolen credit cards.

Pavlovich was running DumpsMarket in Belarus. Who also cooperates with US Law Enforcement. The Belarus law enforcment folks seized Pavlovich's hard drive, made a copy, and sent it to the US Secret Service. Pavlovich's hard drive contained more than 10,000 stolen credit cards, and photographs of himself spending time with Burak and Storchak in various social settings.

So, while the actual charges brought here seem small, we MUST make them stick. This is a $7 Million Bad Guy of the variety who needs to go to jail.

Three Cheers to Southern California for taking what data they could own and deciding to press forward with it!

While it is not specifically laid out in the documents to which I have access, it is my strong belief that the Chinese defendants are in a similar situation. The small numbers in Southern California should not be seen as a measure of their insignificance as criminals, but rather as a sign that when you spread multi-million dollar crime around the entire globe, its hard to find one small set of contiguous ZIP Codes that had many losses.

Again, Three Cheers to the US Secret Service, and the US Attorney of the Southern District of California!

(All Four Indictments, and the Affadavit are included in a single 34 page PDF)

No comments:

Post a Comment

Trying a new setting. After turning on comments, I got about 20-30 comments per day that were all link spam. Sorry to require login, but the spam was too much.