An elusive Russian computer hacker who last month pulled off what may be the world_s biggest online credit card heist has been traced to a bank account in Latvia.

Known on the Internet as Maxus, the hacker broke into the on-line customer database of the popular music retailer CD Universe and stole 300,000 credit card numbers that he began selling after unsuccessful attempts to bribe the company. Investigators posing online as potential buyers tracked Maxus to a bank account at Riga_s Hansabanka, where they say Maxus made electronic deposits in an account under the name of Maxim Ivancov. "Obviously we didn't do the buy but we got the account number," said John Vranesevich, founder of the U.S.-based Internet security company Antionline. Hansabanka officials were unaware of the case early this week. Vranesevich tracked Maxus_ "right-hand man" Yevgeny Fedorov, known online as Diagnoz, to St. Petersburg, Russia. "We think he (Maxus) is over there somewhere too," said Vranesevich, whose company has been cooperating with the FBI on the case. An agent from the FBI office in Tallinn who was in Belarus last week investigating the case offered no comment and would not confirm that Maxus deposited his proceeds in a Hansabank account. Maxus drew international attention last week after he e-mailed a message along with some names, addresses and credit card numbers of CD Universe customers to The New York Times, which verified their authenticity. "I am 19 and I am from Russia," the message reportedly read. In December Maxus alerted CD Universe to the security breach by fax and demanded $100,000. "Pay me and I fix it," he wrote. The company kept the blackmail plot secret and began negotiating with Maxus, Vranesevich said, but dragged its feet too long. CD Universe alerted customers only after a story in The New York Times report. Though he had gained substantial notoriety among hackers that target credit cards, known on-line as "carders", Maxus broke into the site simply to make money. Based on the information supplied to credit card number buyers, Vranesevich believes Maxus broke into the retailer's customer data base.Along with the credit card number, Maxus also supplied names, addresses, CD Universe account numbers, passwords and user codes. He allegedly copied 300,000 customer profiles and, after reportedly using some of the numbers to obtain cash, began posting them on the website Maxus Credit Card Pipeline on December 25. "If you press the button you will get a real credit card directly from the biggest online shop," the website reads. "No kidding." The site has since been shut down, but not before Maxus established a customer base.He did not give the credit cards away, said Vranesevich, but sold them to a string of smaller distributors or used them himself. Some numbers he sold wholesale to a ring of partners in blocks of 1,000 at $1 each, guaranteeing that no one would receive the same numbers. The credit cards were charged and the money was electronically deposited into Maxus_ bank account. Tracking a hacker who has something to sell is like undercover police officers working their way up a narcotics ring. Antionline developed a group of "informants", replete with fake names and differing on-line personalities, and went shopping on Maxus_ site.Vranesevich said he persuaded Maxus to give him his bank account number so he could wire transfer money to buy cards. He traced the number to an account in Hansabank that Maxus monitored through the bank_s online banking feature. Vranesevich estimates that Maxus sold as many as 100,000 credit card numbers.