On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included the text string “Rescator,” which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. Ten years later, KrebsOnSecurity has uncovered new clues about the real-life identity of Rescator.
Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book “Spam Nation,” was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-based payment schemes, and facilitated money laundering for Hydra, the largest Russian darknet market. But according to information obtained by KrebsOnSecurity, it is equally likely Vrublevsky was arrested thanks to his propensity for carefully documenting the links between Russia’s state security services and the cybercriminal underground.
For at least the past decade, a computer crook variously known as “Yalishanda,” “Downlow” and “Stas_vl” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today.
A Russian court has handed down lengthy prison terms for two men convicted on treason charges for allegedly sharing information about Russian cybercriminals with U.S. law enforcement officials. The men — a former Russian cyber intelligence official and an executive at Russian security firm Kaspersky Lab — were reportedly prosecuted for their part in an investigation into Pavel Vrublevsky, a convicted cybercriminal who ran one of the world’s biggest spam networks and was a major focus of my 2014 book, Spam Nation.
A chief criticism I heard from readers of my book, Spam Nation: The Inside Story of Organized Cybercrime, was that it dealt primarily with petty crooks involved in petty crimes, while ignoring more substantive security issues like government surveillance and cyber war. But now it appears that the chief antagonist of Spam Nation is at the dead center of an international scandal involving the hacking of U.S. state electoral boards in Arizona and Illinois, the sacking of Russia’s top cybercrime investigators, and the slow but steady leak of unflattering data on some of Russia’s most powerful politicians.
An Estonian man who ran an organized cybercrime ring that infected more than 4 million PCs in over 100 countries with moneymaking malware has pleaded guilty in New York to wire fraud and computer intrusion charges.
It’s been a while since a new category debuted on this blog, and it occurred to me that I didn’t have a catch-all designation for random ne’er-do-well news. Alas, the inaugural entry for Ne’er-Do-Well News looks at three recent unrelated developments: The availability of remote access iPhone apps written by a programmer perhaps best known for developing crimeware; the return to prison of a young hacker who earned notoriety after simultaneously hacking Paris Hilton’s cell phone and data broker LexisNexis; and the release of Pavel Vrublevsky from a Russian prison more than a year before his sentence was to expire.
Pavel Vrublevsky, the owner of Russian payments firm ChronoPay and the subject of an upcoming book by this author, was sentenced to two-and-half years in a Russian penal colony this week after being found guilty of hiring botmasters to attack a rival… Read More »
Pavel Vrublevsky, the owner of Russian payments firm ChronoPay and the subject of an upcoming book by this author, was arrested today in Moscow for witness intimidation in his ongoing trial for allegedly hiring hackers to attack against Assist, a top ChronoPay competitor.
The co-founder and owner of ChronoPay, one of Russia’s largest e-payment providers, is suing Russian security firm Kaspersky Lab, alleging that the latter published defamatory blog posts about him in connection with his ongoing cybercrime trial.