In a Friday release, the FBI detailed the hacker's role in the racket.
In November 2008, Sergei Tsurikov and co-conspirators obtained unauthorised access to the computer network of RBS WorldPay, now known as WorldPay, the agency said. At the time, RBS served as the U.S. payment processing division of The Royal Bank of Scotland Group.
By compromising the data encryption that the company used to secure payroll debit cards, the hacking group raised limits on targeted accounts, and used its network of cashers to withdraw more than £5.6 million (US$ 9 million) from around 2,100 ATMs worldwide using counterfeit payroll debit cards, the release said.
“A leader of one of the most sophisticated cyber-crime rings in the world has been brought to justice and sentenced,” said United States Attorney Sally Quillian Yates in a statement. “In just one day in 2008, an American credit card processor was hacked in perhaps one of the most sophisticated and organised computer fraud attacks ever conducted. Almost exactly one year later, the leaders of this attack were charged. This prosecution was successful because of the efforts of the victim, and unprecedented cooperation from various law enforcement agencies worldwide.”
In addition to his 11 year sentence, Tsurikov must follow the time served with three years of supervised release. He has also been ordered to pay restitution totalling £5.25 million (US$ 8.4 million), according to the FBI.
Back in August 2010, Tsurikov was extradited to the U.S. to face hacking charges related to the WorldPay hack. In September 2012, Tsurikov pleaded guilty to conspiracy to commit wire fraud and computer intrusion.
This article first appeared on SCMagazine.com.