Infraud Cybercrime Site: Dozens Arrested

Uploaded on 2018-02-09 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Thirty-six people have been charged for their alleged involvement in running a cybercrime service responsible for more than $530m (£381m) of losses. The Infraud Organisation is said to have dealt in stolen credit cards and passwords and engaged in bank fraud and ID theft.
 
As of March 2017, its dark-web-based service's discussion forum is said to have had 10,901 registered members. 
The US Department of Justice said 13 of the suspects were now in custody. They include UK-based Anthony Nnamdi Okeakpu, who is alleged to have joined in December 2010 and have used the nickname "moneymafia".
 
Other defendants include Svyatoslav Bondarenko, a Ukranian accused of having created Infraud in October 2010.
Five apprehended defendants were based in the US while others came from France, Canada, Pakistan, Russia Egypt, Italy and Macedonia among other countries.
 
"As alleged in the indictment, Infraud operated like a business to facilitate cyber-fraud on a global scale," said acting assistant attorney general John Cronan of the Justice Department's Criminal Division.
"Its members allegedly caused more than $530m in actual losses to consumers, businesses, and financial institutions alike - and it is alleged that the losses they intended to cause amounted to more than $2.2bn."
 
Affected businesses were said to have included HSBC bank and PayPal.
 
The US authorities said they were now attempting to extradite eight of the suspects being held overseas.
 
Automated Sales
The indictment says that Infraud's administrators had aimed to run the "premier online destination for the purchase and sale of stolen property" and had used the slogan "In Fraud We Trust" to promote it.
Its activities are alleged to have included:
  • the sale and purchase of stolen dates of birth, addresses, passwords, social security numbers, payment card details and other personally identifying information
  • the ability to advertise other sites that featured automated stores for stolen property
  • the sharing and sale of malware
  • the provision of forums and chat rooms to discuss illegal activities
At one point in 2011, one of the accused is said to have indicated he had 795,000 UK logins to HSBC bank available for sale.
Two years later, another is alleged to have advertised 1,300 compromised PayPal account IDs. Other specific accusations include adverts for Visa, Mastercard and American Express credit card numbers. One member is said to have offered to fraudulently book flights, rental cars and seats at US concerts and sporting events at a fraction of their actual price.
 
Members are said to have given feedback ratings to each other to help maintain the quality of contraband sold via the service. Proceeds were said to have been laundered via digital currencies including Bitcoin and the defunct service Liberty Reserve.
 
In an effort to evade arrest, members are alleged to have avoided sharing their real identities with each other, and instead used nicknames including "Mae Tony", "Poony" and "Hulk".
 
"The criminals involved in such schemes may think they can escape detection by hiding behind their computer screens here and overseas," said Derek Benner, of Homeland Security Investigations.
"But as this case shows, cyber-space is not a refuge from justice."
 
BBC
 
You Might Also Read: 
 
Cybercrime: £130bn Stolen From Consumers In 2017:
 
British Banks Are Hiding Cyber Attacks:
 
 
 
 
« Business Cybersecurity Strategy
Cybersecurity Salaries 7% Up In 2018 »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

IPVanish

IPVanish

IPVanish has its roots in over 15 years of network management, IP services, and content delivery services. Now we're bringing these finely honed skills to VPN.

NPCore

NPCore

NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior.

National Center for Manufacturing Sciences (NCMS) - USA

National Center for Manufacturing Sciences (NCMS) - USA

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau is the national accreditation body for Lithuania. The directory of members provides details of organisations offering certification services for ISO 27001.

Dellfer

Dellfer

Dellfer secures connected cars and other IOT devices through Intrinsic protection, enabling the most sophisticated cybersecurity attacks to be seen instantly and remediated with precision.

VS Security Products

VS Security Products

VS Security Products design, manufacture and sell the most extensive range of degaussers and data destroyers on the market, suitable for all types of magnetic media.

ADL Process

ADL Process

ADL Process offer secure data destruction, certified product destruction and responsible electronics recycling services to businesses and institutions.

US Venture Partners (USVP)

US Venture Partners (USVP)

USVP is a leading Silicon Valley venture capital firm focusing on early-stage start-ups that transform cybersecurity, enterprise software, consumer mobile and e-commerce, and healthcare.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

Path Forward IT

Path Forward IT

Path Forward IT has been troubleshooting, architecting, migrating, protecting, and securing IT environments for businesses across the USA since 2002.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

InfusionPoints

InfusionPoints

InfusionPoints is your independent trusted partner dedicated to assisting you in building your secure and compliant business solutions.

RIIG Technology

RIIG Technology

Our mission is to empower organizations with high-quality, verifiable data and advanced intelligence solutions, ensuring robust security and effective risk management.

Soteria Communications

Soteria Communications

Soteria Communications supports clients to prepare for and manage crises, with a focus on cyber incidents.