Skip the navigation

Five indicted in massive hacking scheme

Companies reported $300 million in losses from the five-year series of attacks

By Grant Gross
July 25, 2013 12:37 PM ET

IDG News Service - Five men from Russia and Ukraine have been indicted in New Jersey for charges they conspired with each other in a worldwide hacking scheme targeting major corporate networks that compromised more than 160 credit card numbers, the U.S. Department of Justice announced.

The men allegedly attacked the networks of several companies, including Nasdaq, 7-Eleven, JCP, Dow Jones and Hannaford, the DOJ said. Companies reported $300 million in losses from the attacks, the DOJ said in a statement.

Charged in an indictment unsealed Thursday in U.S. District Court for the District of New Jersey were Vladimir Drinkman, 32, of Syktyykar and Moscow, Russia; Alexandr Kalinin, 26, of St. Petersburg, Russia; Roman Kotov, 32, of Moscow; Mikhail Rytikov, 26, of Odessa, Ukraine; and Dmitriy Smilianets, 29, of Moscow.

Drinkman and Kalinin allegedly specialized in penetrating network security and gaining access to the corporate victims' systems, while Kotov allegedly specialized in mining the compromised networks to steal data, the DOJ said.A The defendants hid their activities using anonymous Web-hosting services provided by Rytikov, while Smilianets allegedly sold the information stolen by the other conspirators and distributed the proceeds of the scheme to the participants.

The five compromised networks for nearly five years, between mid-2005 and mid-2012, according to court documents.

""This type of crime is the cutting edge," Paul Fishman, U.S. attorney for the District of New Jersey, said in a statement. A "Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy, and our national security.A And this case shows, there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day."

Kalinin and Drinkman were previously charged in New Jersey as "Hacker 1" and "Hacker 2" in a 2009 indictment charging Albert Gonzalez, 32, of Miami, in connection with five corporate data breaches, including the breach of Heartland Payment Systems, which at the time was the largest breach ever reported.A Gonzalez is currently serving 20 years in federal prison for those offenses.A

The U.S. Attorney's Office for the Southern District of New York on Thursday announced two additional indictments against Kalinin. One charges him in connection with hacking certain computer servers used by Nasdaq and a second indictment charged Kalinin and another alleged Russian hacker, Nikolay Nasenkov, with an international scheme to steal bank account information by hacking U.S.-based financial institutions.A

Rytikov was previously charged in the Eastern District of Virginia with an unrelated scheme. Kotov and Smilianets have not previously been charged publicly in the U.S.

Drinkman and Smilianets were arrested at the request of the DOJ while traveling in the Netherlands on June 28, 2012.A Smilianets was extradited on Sept. 7, 2012, and remains in federal custody.A Kalinin, Kotov and Rytikov remain at large.

Reprinted with permission from IDG.net. Story copyright 2014 International Data Group. All rights reserved.
Our Commenting Policies