Infamous hacker tracked to Latvia

Published: 27 January 2000 y., Thursday
Known on the Internet as Maxus, the hacker broke into the on-line customer database of the popular music retailer CD Universe and stole 300,000 credit card numbers that he began selling after unsuccessful attempts to bribe the company. Investigators posing online as potential buyers tracked Maxus to a bank account at Riga_s Hansabanka, where they say Maxus made electronic deposits in an account under the name of Maxim Ivancov. "Obviously we didn't do the buy but we got the account number," said John Vranesevich, founder of the U.S.-based Internet security company Antionline. Hansabanka officials were unaware of the case early this week. Vranesevich tracked Maxus_ "right-hand man" Yevgeny Fedorov, known online as Diagnoz, to St. Petersburg, Russia. "We think he (Maxus) is over there somewhere too," said Vranesevich, whose company has been cooperating with the FBI on the case. An agent from the FBI office in Tallinn who was in Belarus last week investigating the case offered no comment and would not confirm that Maxus deposited his proceeds in a Hansabank account. Maxus drew international attention last week after he e-mailed a message along with some names, addresses and credit card numbers of CD Universe customers to The New York Times, which verified their authenticity. "I am 19 and I am from Russia," the message reportedly read. In December Maxus alerted CD Universe to the security breach by fax and demanded $100,000. "Pay me and I fix it," he wrote. The company kept the blackmail plot secret and began negotiating with Maxus, Vranesevich said, but dragged its feet too long. CD Universe alerted customers only after a story in The New York Times report. Though he had gained substantial notoriety among hackers that target credit cards, known on-line as "carders", Maxus broke into the site simply to make money. Based on the information supplied to credit card number buyers, Vranesevich believes Maxus broke into the retailer's customer data base.Along with the credit card number, Maxus also supplied names, addresses, CD Universe account numbers, passwords and user codes. He allegedly copied 300,000 customer profiles and, after reportedly using some of the numbers to obtain cash, began posting them on the website Maxus Credit Card Pipeline on December 25. "If you press the button you will get a real credit card directly from the biggest online shop," the website reads. "No kidding." The site has since been shut down, but not before Maxus established a customer base.He did not give the credit cards away, said Vranesevich, but sold them to a string of smaller distributors or used them himself. Some numbers he sold wholesale to a ring of partners in blocks of 1,000 at $1 each, guaranteeing that no one would receive the same numbers. The credit cards were charged and the money was electronically deposited into Maxus_ bank account. Tracking a hacker who has something to sell is like undercover police officers working their way up a narcotics ring. Antionline developed a group of "informants", replete with fake names and differing on-line personalities, and went shopping on Maxus_ site.Vranesevich said he persuaded Maxus to give him his bank account number so he could wire transfer money to buy cards. He traced the number to an account in Hansabank that Maxus monitored through the bank_s online banking feature. Vranesevich estimates that Maxus sold as many as 100,000 credit card numbers.
Šaltinis: The Baltic Times
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.

Facebook Comments

New comment


Captcha

Associated articles

NASA to merge media archives

Space officials want proposals for a NASA archiving system that would create a one-stop multimedia source for the public more »

Google Focuses Local Ad Targeting

Search giant Google will offer its advertisers the chance to more tightly target the geographical areas where their ads will be seen more »

'Linspiration' Hits Lindows

Lindows executives have rolled out a new moniker for its desktop Linux software and the name is...Linspire more »

Spam reaches new high in March

More than one million junk emails sent on one day alone more »

Internet nonprofit meets with U.N.

U.S. company controls domain names; security, governing discussed more »

ITT fashion spring “CeBIT 2004”

18th world’s largest information technologies’ and telecommunications’ exhibition “CeBIT 2004”, which takes place in Hanover (Germany) annually, has already ended. more »

Foreign fraud hits U.S. e-commerce firms hard

Top offending countries: Yugoslavia, Nigeria, Romania more »

'Buffalo Spammer' convicted

A man accused of using EarthLink Inc. e-mail accounts to release a flood of unsolicited commercial ("spam") e-mail on the Internet has been convicted on charges of identity theft and falsifying business records more »

Google Gets E-Mail

Search player Google is getting into the e-mail game more »

New eMail Tales in Microsoft's Minn. Case

Microsoft officials sought to dissuade Intel from investing in handwriting software startup GO Corporation in 1990, according to the latest round of e-mail evidence more »