27
Jan 20

Russian Cybercrime Boss Burkov Pleads Guilty

Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.

Aleksei Burkov, seated second from right, attends a hearing in Jerusalem in 2015. Andrei Shirokov / Tass via Getty Images.

Burkov, 29, admitted to running CardPlanet, a site that sold more than 150,000 stolen credit card accounts, and to being the founder and administrator of DirectConnection — a closely guarded underground community that attracted some of the world’s most-wanted Russian hackers. He pleaded guilty last week in a Virginia court to access device fraud and conspiracy to commit computer intrusion, identity theft, wire fraud and money laundering.

As KrebsOnSecurity noted in a November 2019 profile of Burkov’s hacker nickname ‘k0pa,’ “a deep dive into the various pseudonyms allegedly used by Burkov suggests this individual may be one of the most connected and skilled malicious hackers ever apprehended by U.S. authorities, and that the Russian government is probably concerned that he simply knows too much.”

Membership in the DirectConnection fraud forum was heavily restricted. New members had to be native Russian speakers, provide a $5,000 deposit, and be vouched for by three existing crime forum members. Also, members needed to have a special encryption certificate installed in their Web browser before the forum’s login page would even load.

DirectConnection was something of a Who’s Who of major cybercriminals, and many of its most well-known members have likewise been extradited to and prosecuted by the United States. Those include Sergey “Fly” Vovnenko, who was sentenced to 41 months in prison for operating a botnet and stealing login and payment card data. Vovnenko also served as administrator of his own cybercrime forum, which he used in 2013 to carry out a plan to have Yours Truly framed for heroin possession.

As noted in last year’s profile of Burkov, an early and important member of DirectConnection was a hacker who went by the moniker “aqua” and ran the banking sub-forum on Burkov’s site. In December 2019, the FBI offered a $5 million bounty leading to the arrest and conviction of aqua, who’s been identified as Maksim Viktorovich Yakubets. The Justice Department says Yakubets/aqua ran a transnational cybercrime organization called “Evil Corp.” that stole roughly $100 million from victims.

In this 2011 screenshot of DirectConnection, we can see the nickname of “aqua,” who ran the “banking” sub-forum on DirectConecttion. Aqua, a.k.a. Maksim V. Yakubets of Russia, now has a $5 million bounty on his head from the FBI.

According to a statement of facts in Burkov’s case, the author of the infamous SpyEye banking trojanAleksandr “Gribodemon” Panin — was personally vouched for by Burkov. Panin was sentenced in 2016 to more than nine years in prison.

Other top DirectConnection members include convicted credit card fraudsters Vladislav “Badb” Horohorin and Sergey “zo0mer” Kozerev, as well as the infamous spammer and botnet master Peter “Severa” Levashov.

Burkov was arrested in 2015 on an international warrant while he was visiting Israel, and over the ensuing four years the Russian government aggressively sought to keep him from being extradited to the United States. When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned a young Israeli woman on trumped-up drug charges in a bid to trade prisoners.

As the news outlet Haaretz reported in October, Naama Issachar was arrested while changing planes in Russia on her way home from a yoga course in India. Russian police said they found approximately 10 grams of marijuana in Issachar’s bag. Issachar denied smuggling drugs, saying she had not sought to enter Russia during her layover and had no access to her luggage during her brief stay in the Russian airport.

Haaretz noted that the Russian government pressed Israel to exchange Burkov for Issachar. When Israel’s supreme court cleared the way for Burkov’s extradition to the United States, Issachar was found guilty of drug smuggling and sentenced to 7.5 years in jail.

But according to a story today in The Times of Israel, the Kremlin has signaled that Russian President Vladimir Putin may make a decision “in the near future,” on a possible pardon for Issachar, whose mother reportedly met with Putin while the Russian leader was visiting Israel last week.

Burkov currently is scheduled to be sentenced on May 8. He faces a maximum sentence of 15 years in prison.

Update, Jan. 29, 10:26 p.m. ET: Putin pardoned Issachar. The BBC has more details.

Tags: , , , , , , , , , ,

27 comments

  1. The Sunshine State

    These miscreants are a couple steps above the level of a child molester, and that’s pretty low

  2. Yes the LONG arm of the law is finally reaching out to the evil doers! Brian’s work has done more than anyone single person to shine the light on the scurrying rats heading for their holes.

    Another lesson to be learned is, don’t travel to Russia – if you do, you might turn into a pawn for the Putin gang.

  3. He will be ok if the Russian’s simply think he “knows too much”. However, if he has Hillary’s “lost” 33,000 emails, then RIP.

  4. Note to Bad Guys: Do not leave Russia or North Korea or whatever country is protecting you. Never a good idea to be total scum and then go on vacation to a place that makes nice with the U.S.A.

    • I see no good reason for offering advice that would help scum evade capture

      • The funny part is that they know they shouldn’t but they think they won’t be caught. It’s like speeding. You know you shouldn’t but soon or later you get caught.

  5. Bit of a mistake here, Brian – according to your own story Panin received 9.5 years (https://krebsonsecurity.com/2016/04/spyeye-makers-get-24-years-in-prison/). You have conflated the sentencing time of Panin and Bendelladj.

    So this is incorrect:

    “According to a statement of facts in Burkov’s case, the author of the infamous SpyEye banking trojan — Aleksandr “Gribodemon” Panin — was personally vouched for by Burkov. Panin was sentenced in 2016 to 24 years in prison.”

  6. Brian, if Aleksei Burkov, is an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, how come Russia has extradited him and several others to the U.S. as your article states?

    Do you have evidence that he is of supreme importance to Russia?

  7. I really don’t understand these people. If you’re from a western country, then why, why do you have to go or even have a lay over in Russia? And also if you’re a Russian crook, why do you have to leave Russia? Stay there and will never get caught.

    • Its simple. 1000$ for a ticket with no layover, or $500 for a ticket with a layover youve taken many times prior without issue. And she wasnt from a “western” country, she was from Israel.

    • As for the second part of your question, hardly any of the big time cybercrooks who live in Russian want to remain there 365 days of the year. They like to spend their money and travel to interesting places. I’m sure many of them realize there’s a chance that could backfire, but in general underestimate that chance.

  8. I wonder if Putin will take the advice of the parole board, especially seeing that all the members agreed with the decision:

    “A Russian parole commission has recommended that Naama Issachar, an American-Israeli woman jailed in Russia for drug smuggling, be granted a pardon.

    The commission on Monday voted unanimously to approve the official request by Issachar, who signed the formal request a day earlier, Israel’s Kan public broadcaster reported.”

  9. Carding is dead!
    There is carding forums but They are scam forums.
    Too many rippers too.
    Need to Jump on Different business

    • Like a normal job, with real vacation days, never having to look over your shoulder, not having to think about killing people you work with to keep them from snitching, being able to relax. Might not be such a bad move.

  10. I wonder How they got caught!!!

  11. Brian, Putin just pardoned Naama Isschar:
    https://www.bbc.com/news/world-europe-51301827

    “Russian President Vladimir Putin has pardoned a dual US-Israeli national who was arrested on charges of drug trafficking last year.”

  12. I used to support lower sentences in exchange for cooperation, but I believe the value of such cooperation by hackers is extremely temporal. It doesn’t take long for rats to find new cover. At least Burkov’s “connections” further highlighted this story in the press.

Leave a comment