Infraud Cybercrime Site: Dozens Arrested

Thirty-six people have been charged for their alleged involvement in running a cybercrime service responsible for more than $530m (£381m) of losses. The Infraud Organisation is said to have dealt in stolen credit cards and passwords and engaged in bank fraud and ID theft.
 
As of March 2017, its dark-web-based service's discussion forum is said to have had 10,901 registered members. 
The US Department of Justice said 13 of the suspects were now in custody. They include UK-based Anthony Nnamdi Okeakpu, who is alleged to have joined in December 2010 and have used the nickname "moneymafia".
 
Other defendants include Svyatoslav Bondarenko, a Ukranian accused of having created Infraud in October 2010.
Five apprehended defendants were based in the US while others came from France, Canada, Pakistan, Russia Egypt, Italy and Macedonia among other countries.
 
"As alleged in the indictment, Infraud operated like a business to facilitate cyber-fraud on a global scale," said acting assistant attorney general John Cronan of the Justice Department's Criminal Division.
"Its members allegedly caused more than $530m in actual losses to consumers, businesses, and financial institutions alike - and it is alleged that the losses they intended to cause amounted to more than $2.2bn."
 
Affected businesses were said to have included HSBC bank and PayPal.
 
The US authorities said they were now attempting to extradite eight of the suspects being held overseas.
 
Automated Sales
The indictment says that Infraud's administrators had aimed to run the "premier online destination for the purchase and sale of stolen property" and had used the slogan "In Fraud We Trust" to promote it.
Its activities are alleged to have included:
  • the sale and purchase of stolen dates of birth, addresses, passwords, social security numbers, payment card details and other personally identifying information
  • the ability to advertise other sites that featured automated stores for stolen property
  • the sharing and sale of malware
  • the provision of forums and chat rooms to discuss illegal activities
At one point in 2011, one of the accused is said to have indicated he had 795,000 UK logins to HSBC bank available for sale.
Two years later, another is alleged to have advertised 1,300 compromised PayPal account IDs. Other specific accusations include adverts for Visa, Mastercard and American Express credit card numbers. One member is said to have offered to fraudulently book flights, rental cars and seats at US concerts and sporting events at a fraction of their actual price.
 
Members are said to have given feedback ratings to each other to help maintain the quality of contraband sold via the service. Proceeds were said to have been laundered via digital currencies including Bitcoin and the defunct service Liberty Reserve.
 
In an effort to evade arrest, members are alleged to have avoided sharing their real identities with each other, and instead used nicknames including "Mae Tony", "Poony" and "Hulk".
 
"The criminals involved in such schemes may think they can escape detection by hiding behind their computer screens here and overseas," said Derek Benner, of Homeland Security Investigations.
"But as this case shows, cyber-space is not a refuge from justice."
 
BBC
 
You Might Also Read: 
 
Cybercrime: £130bn Stolen From Consumers In 2017:
 
British Banks Are Hiding Cyber Attacks:
 
 
 
 
« Business Cybersecurity Strategy
Cybersecurity Salaries 7% Up In 2018 »

Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

WEBINAR: How to fuel your DevSecOps in AWS

WEBINAR: How to fuel your DevSecOps in AWS

Thursday, May 20, 2021 - In this webinar, SANS and AWS Marketplace will discuss how to build a strategy that encompasses visibility and automation for the DevSecOps pipeline in AWS.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

PortSwigger

PortSwigger

PortSwigger's Burp Suite is an integrated platform for performing security testing of web applications.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

GlobalPass

GlobalPass

Covering 200+ countries with 78 000 databases, GlobalPass provides sophisticated facial biometrics verification and deep screening, delivering peace of mind to every client.

MN Cyber

MN Cyber

MN Cyber provide cybersecurity training and cyber range services. Professional development and customized training for business.