Tuesday, August 05, 2008

TJX Reminder: "We Will Arrest You, and We Will Send You To Jail"

As we've been watching the news since the TJX bust, there have been several times where I thought we would hear that charges for that break-in would finally come. Well, it seems today is the day! Albert Gonzalez of Miami, who is known by his hacker handle "Segvec", was charged along with two other Miami residents in Boston today, while eight others were charged in Los Angeles.

With several hundred million dollars in theft, Attorney General Michael Mukasey did a press release about the indictments. According to Mukasey's speech:

hey targeted at least nine major retail corporations, including the TJX Corporation, whose stores include Marshalls and TJ Maxx; BJ's Wholesale Club; Barnes and Noble; Sports Authority; Boston Market; Office Max; Dave and Busters restaurants; DSW shoe stores; and Forever 21.

Mukasey continued, describing today's actions as a key part in the strategy of the Identity Theft Task Force, co-chaired by Mukasey and the chairman of the Federal Trade Commission, William Kovacic:

And the cooperation among investigators and prosecutors throughout the United States and around the world that led to these indictments shows the promise of close coordination in tackling these problems. Cases like this send a clear message to those who might be tempted to abuse our computer networks to steal information and harm law-abiding people and businesses: If you do, we will track you down wherever you are in the world, we will arrest you, and we will send you to jail.

The Department of Justice Press Release goes into som emore details, naming the additional co-conspirators:

Three From Miami were charged in Boston today:

Albert Gonzalez, AKA Segvec
Christopher Scott
Damon Patrick Toey

In San Diego charges were unsealed against:

From the Ukraine:
Maksym Yastremskiy, AKA Maksik
Dzmitry Burak
Sergey Storchak (no, I don't believe this is the Deputy Minister of Finance in Russia, of the same name, who is already in prison for embezzlement...)

From the Ukraine:
Aleksander Suvorov, AKA Jonny Hell

From China:
Hung-Ming Chiu (邱黄明)
Zhi Zhi Wang (王治治)

From ????:
the unknown hacker named Delpiero (isn't that an Italian soccer player's name?)

From Belarus:
Sergey Pavolvich

The indictments in San Diego are the result of an on-going three year undercover operation run by the Secret Service.

We last discussed Albert Gonzalez in this blog posting from May 12th, under the title TJX and Dave & Busters. Gonzalez was actually working as a "Confidential Informant" for the US Secret Service when they became aware of his involvement in this case. He had come to the attention of the Service when they arrested him in 2003 for Access Device Fraud. He was re-arrested for Wire Fraud on May 8th, according to documents from the US District Court in Miami, Floriday.

Maksym Yastremskiy has been jailed longer than any of the others, having been arrested at a nightclub in Kemer, Turkey with his girlfriend, and found to be in possession of "at least 1 million" credit card credentials, many of which have been found to be TJX data. That story broke (if you speak Turkish), all the way back in August of 2007 with these two articles:

Milliyet.com.tr - August 2nd


Sabah.com.tr - August 3rd

We first talked about that in this blog with the story TJX: From Florida to the Ukraine?, where we discussed the Miami crew who were turning TJX cards into WalMart Gift Cards before laundering them via eBay sales of luxury items bought in Sam's Clubs.

The next to get arrested was probably Jonny Hell, whose arrest back on March 3, 2008 was recently depicted in this Der Spiegel story from June 30th.

Jonny Hell, in Der Spiegel . . .

If you'll forgive my bad translation, the story says something like:

The two American agents, dark suits and service-brands of the Secret service, stood motionless beside the snake of the flight-traveler at the Frankfurt airport. They waited until Aleksandr Suvorov and his friend Vika were next, arriving at terminal 1 Singapore Airlines for three weeks of recuperation in Bali for the love-pair. As Suvorov pushed his Estonian passport over the counter-bar, eyewitnesses remember, there the Special Agents Paul B. and Timothy G. stepped forward, pulled out their ID cards, and revealed it to him. "You are arrested". It was March 3rd, shortly before 22 o'clock . . .

Since then, he has waited for his delivery to the USA. He is regarded as a top international hacker, that steals sensitive data in a big style by means of Trojan horses, and then resells it. The young Estonian, who supposedly hides behind the hacker-pseudonym "Jonny Hell", belongs to "one of the biggest world-wide circles dealing in stolen credit card numbers".

If anyone has more information on these hackers and their other exploits, please send them in!

Gary Warner

No comments:

Post a Comment

Trying a new setting. After turning on comments, I got about 20-30 comments per day that were all link spam. Sorry to require login, but the spam was too much.