Roman Seleznev is known as the son of Russian parliament member Valery Seleznev. He is also known as ‘Track2' in hacking circles and has now been convicted of 38 counts of fraud and theft by a US federal jury who conducted an eight-day trial in Seattle.
The charges against Seleznev junior relate to his thefts of millions of credit card numbers, which he has subsequently sold online across a network of connected fraudsters and con artists. Seleznev was taken into custody in July 2014 (while in in the Maldives) and his laptop contained more than 1.7 million stolen credit card numbers.
Seleznev was convicted after the court considered 10 counts of wire fraud, eight counts of intentional damage to a protected computer, nine counts of obtaining information from a protected computer, nine counts of possession of 15 or more unauthorised access devices and two counts of aggravated identity theft.
According to a United States Department of Justice statement, Seleznev hacked into retail Point-of-Sale (PoS) systems and installed malicious software (malware) to steal credit card numbers from various businesses from a server he operated in Russia.
Forced into bankruptcy
“Many of the businesses were small businesses, some of which were restaurants in Western Washington, including the Broadway Grill in Seattle, which was forced into bankruptcy following the cyber-assault,” details the office of public affairs.
Seleznev operated by ‘bundling' the credit card information he gleaned into groups called ‘bases'. These information packages were then sold as downloadable data on various ‘carding' websites to buyers who would then use the credit card numbers for fraudulent purchases, according to the trial evidence.
Carding sites on the dark cloud
In an earlier post on a related topic, famed cyber-crime investigative journalist Brian Krebs has said that ‘carding sites' hosted on the dark cloud network include Uncle Sam, Scrooge McDuck, Mr. Bin, Try2Swipe, Popeye, and Royaldumps.
“[They all] share the same or very similar site designs. All of them say that customers can look up available cards for sale at the site, but that purchasing the cards requires first contacting the proprietor of the shops directly via instant message,” writes Krebs.
Other key sources of fraudulent activity of this kind include ‘Swiped', which has operating since 2008 and has been able to steal data from millions of credit cards of major financial institutions.
“Credit card dumps are stolen with the use of skimming hardware, or by infecting POS terminals with special Trojans (Dexter, BlackPOS, JackPOS, Alina, etc). Credit card text information gets into the wrong hands when e-commerce web resources or infected computers are directly compromised using form grabbers,” explains Ilya Sachkov, CEO and founder of Group-IB in a report written in 2014.
Another ‘usual suspect' in the stolen data market is Alphabay Market. This online source appeared on the dark net operating on the Tor network and was pre-launched in November 2014 and officially launched on December 22, 2014. Alphabay has been linked with reports of stolen Uber accounts, hacks at TalkTalk and the wider market for stolen pharmaceutical drugs.
According to an original report on ArsTechnica, Seleznev will be sentenced December 2nd 2016 and his lawyer has told Reuters that his client faces a mandatory minimum of four years of jail time.