Infamous hacker tracked to Latvia

  • 2000-01-20
  • By J. Michael Lyons
RIGA - An elusive Russian computer hacker who last month pulled off
what may be the world's biggest online credit card heist has been
traced to a bank account in Latvia. Known on the Internet as Maxus,
the hacker broke into the on-line customer database of the popular
music retailer CD Universe and stole 300,000 credit card numbers that
he began selling after unsuccessful attempts to blackmail the company.

Investigators posing online as potential buyers tracked Maxus to a
bank account at Riga's Hansabanka, where they say Maxus made
electronic deposits in an account under the name of Maxim Ivancov.

"Obviously we didn't do the buy but we got the account number," said
John Vranesevich, founder of the U.S.-based Internet security company
Antionline.

Hansabanka officials were unaware of the case early this week.
Vranesevich tracked Maxus' "right-hand man" Yevgeny Fedorov, known
online as Diagnoz, to St. Petersburg, Russia.

"We think he (Maxus) is over there somewhere too," said Vranesevich,
whose company has been cooperating with the FBI on the case.

An agent from the FBI office in Tallinn who was in Belarus last week
investigating the case offered no comment and would not confirm that
Maxus deposited his proceeds in a Hansabank account.

Maxus drew international attention last week after he e-mailed a
message along with some names, addresses and credit card numbers of
CD Universe customers to The New York Times, which verified their
authenticity.

"I am 19 and I am from Russia," the message reportedly read.

In December Maxus alerted CD Universe to the security breach by fax
and demanded $100,000.

"Pay me and I fix it," he wrote.

The company kept the blackmail plot secret and began negotiating with
Maxus, Vranesevich said, but dragged its feet too long.

CD Universe alerted customers only after a report in The New York Times.

"They were irresponsibly silent," said Vranesevich.

Though he had gained substantial notoriety among hackers who target
credit cards, known on-line as "carders", Maxus broke into the site
simply to make money.

Based on the information supplied to credit card number buyers,
Vranesevich believes Maxus broke into the retailer's customer
database.

Along with the credit card number, Maxus also supplied names,
addresses, CD Universe account numbers, passwords and user codes.

He allegedly copied 300,000 customer profiles and, after reportedly
using some of the numbers to obtain cash, began posting them on the
website Maxus Credit Card Pipeline on December 25.

"If you press the button you will get a real credit card directly
from the biggest online shop," the website reads. "No kidding."

The site has since been shut down, but not before Maxus established a
customer base.

He did not give the credit cards away, said Vranesevich, but sold
them to a string of smaller distributors or used them himself.

Some numbers he sold wholesale to a ring of partners in blocks of
1,000 at $1 each, guaranteeing that no one would receive the same
numbers.

Those who couldn't afford the $1,000 fee up-front would sell the
numbers for as much as $10 each then pay a kick-back to Maxus,
Vranesevich said.

The end buyers use the cards for everything from access to
pornography and online gambling sites to buying then pawning computer
and electronic equipment.

Maxus' most lucrative and elaborate scheme, Vranesevich said, was to
pose as an online merchant and, using the online purchasing software
CyberCash, make fake purchases in his "store".

The credit cards were charged and the money was electronically
deposited into Maxus' bank account.

Tracking a hacker who has something to sell is like undercover police
officers working their way up a narcotics ring. Antionline developed
a group of "informants", replete with fake names and differing
on-line personalities, and went shopping on Maxus' site.

Vranesevich said he persuaded Maxus to give him his bank account
number so he could wire transfer money to buy cards.

He traced the number to an account in Hansabank that Maxus monitored
through the bank's online banking feature.

Vranesevich estimates that Maxus sold as many as 100,000 credit card numbers.

But if it hasn't already, the entire scam will quickly run out of
steam as credit cards are cancelled.

"Time is his enemy," said Vranesevich.

According to most credit card agreements, real credit card owners are
normally only responsible for up to $50 in fraudulent purchases.

But that does not forgive Maxus' crime, said Vranesevich.

"For somebody who doesn't make a lot of money, fifty dollars could be
half a day's work," he said. "Who wants to work half a day for
nothing?"

Maxus is part of the growing culture of hackers, who have broken into
sites ranging from the White House and U.S. Senate sites in the
United States to multi-national corporations in Europe.

Visa International reported earlier this week that its Web site was
"sniffed" by hackers last weekend.

Visa has since said that its security system is 100 percent effective
against unauthorized entry.

Often companies are blackmailed by hackers who threaten to expose a
security hole or make critical information public.

Countries like the United States and Great Britain have assembled law
enforcement units to pursue cyber crooks.

But others, like the former USSR and Eastern Europe, are trying to
catch up with enforcement and laws.

Authorities say that no hacker whose deeds have been made public has
been as successful as Maxus.

"One of the fears is that they won't be able to catch him because of
a lack of cooperation from authorities there," Vranesevich said.

But Tallinn-based FBI agent William Moschella, who has been on Maxus'
trail, said if he is found he will be prosecuted.

"We have extradition treaties and mutual legal aid agreements," he
said. "Theft is theft anywhere in the world."

Now that the cards are likely worthless, Vranesevich said the FBI
will handle the case like any other money laundering or fraud case.

"He's got to move that money sometime," he said. "He has to spend it
at some point."