UPDATE: Aug. 12, 2010: The blog item below tells the origins of the credit-card criminal site CarderPlanet.com; it was originally published in May, 2008.
The site became news again this week, when federal authorities announced the arrest of of Vladislav Anatolievich Horohorin, 27, aka “BadB” of Moscow, Russia, one of CarderPlanet’s founders. He was arrested as he boarded a Moscow-bound plane in Nice, France.
“The network created by the founders of CarderPlanet, including Vladislav Horohorin, remains one of the most sophisticated organizations of online financial criminals in the world,” said U.S. Secret Service Assistant Director for Investigations Michael Merritt in an FBI press release. “This network has been repeatedly linked to nearly every major intrusion of financial information reported to the international law enforcement community. This arrest is an illustration of the success that comes from international law enforcement and private sector partnerships and confirms the Secret Service commitment to traversing the globe in pursuit of online criminals.” See full story
Buying and selling stolen credit card numbers, bank account information and identities is as difficult a crime to crack as ever, and because of the increasingly global nature of the virtual fraud business moving operations from one country to another is often done with the simple press of a button or click of a mouse.
This series of posts show why it’s hard to stop and prosecute credit card and identity theft cybercrimes, by focusing on one wildly successful international card fraud ring and its flamboyant alleged leader, Dmitry Ivanovich Golubov.
The secret history of CarderPlanet.com and Dmitry Golubov
Screenshot of CarderPlanet.com
(Click to enlarge)
The FBI worked for years before successfully bringing down CarderPlanet.com — a well known Web site where identity thieves and hackers around the globe gathered to share tricks of their illegal trade.
The site launched May 2001, registered with a fake technical contact claiming to be in Ho Chi Minh City, Vietnam. The site grew rapidly, and went viral in certain virtual criminal communities as the go-to place for buying, selling and trading secrets about how to make money from stolen credit card numbers and identities.
According to the FBI, the site’s ringleader went by the alias “Script,” and, conspiring with other online criminals, Script brazenly collected and distributed computer viruses intended to steal personal information from unsuspecting computer users. This quickly made him, and CarderPlanet.com, popular and trusted among other cyber criminals.
More brazen, still, Script launched an advertising campaign for the CarderPlanet.com Web community. This made the site as accessible as it was useful for fraudsters profiteering off stolen account numbers.
CarderPlanet.com operated in plain sight of international law enforcement authorities (and pretty much anyone with an Internet connection searching for key terms.) The multimillion-dollar price tag it inflicted on United States financial institutions made the site of particular interest to U.S. FBI, Secret Service and Postal Inspection Service authorities.
Discussions on the site’s forums were conducted primarily in Russian, but it also had forums for English-speaking users. Hundreds of scam artists joined the forum, and tracking who was responsible for the site’s upkeep was a process of elimination for authorities trailing carders. Interpol and U.S. authorities joined forces on the hunt, and by culling through the registered users on the site and comparing criminal history records with information from EBay, Microsoft and other huge players in the computer industry, they mocked up a who’s who of the Internet’s most infamous crooks. They still had little hard evidence for the identity of “Script,” and their who’s who list was essentially a bunch of aliases with proxy Internet locations that turned up vacant if authorities went for a physical search.
U.S. authorities made several arrests in cooperation with the Russian and Ukrainian governments in 2004, including the arrest of multiple individuals who were caught red-handed selling or traveling with counterfeit credit cards and stolen identities. Several of the individuals arrested named Dmitry Ivanovich Golubov as Script.
It took about a year to convince Ukrainian authorities to arrest Golubov. They raided four of his addresses, which the alleged part-time student at Mechnikov University in Odessa, Ukraine, had used for business.
In July 2005, they finally made an arrest. While raiding his apartment in Odessa they found three computer hard drives and other electronics equipment that had been cooked in a wok, as well as a “raskat,” the Russian name for a remote electromagnetic pulse generator that removes all digital information from electronic storage devices, such as computers.
Four months later, in December 2005, two Ukrainian politicians came to Golubov’s aid, convincing a Ukrainian judge to release Golubov on the grounds that they had no substantial evidence that he was, indeed, Script or that he had any illegal equipment or stolen information in his possession.
Here’s the real twist: Upon his release from jail, Golubov announced he was going into politics by starting a political party called the Internet Party of the Ukraine. He also began a public relations campaign explaining his case to the blogosphere. He claims to have been the victim of identity theft and is petitioning the Ukrainian government to return the possessions they took from his apartment — including the raskat device and three computers he claims were not connected to the Internet.
Next up: Notes from the underground: The next generation of carders