RBS World Pay crackers arrested. Will they be extradited?

    The St. Petersburg FSB conducted an operation to arrest hacker Viktor Pleschuk, who is considered the organizer of one of the most daring hacking hacks in the history of banking business.

    In 2008, he and his accomplices hacked into the RBS World Pay payment system (processing unit of the Royal Bank of Scotland), stole the data on debit cards of bank customers, and gained access to personal data of clients and banking systems, including ATM processing and payroll cards . Somehow, they were even able to reverse engineer PINs, according to Wired.

    On November 8, 2008, approximately $ 9.5 million was withdrawn almost simultaneously with 44 cloned salary cards. Within 12 hours, about 2,100 ATMs in 280 cities, including Atlanta, Chicago, New York, Montreal, Moscow and Hong Kong, were involved in the action. Hundreds of ordinary cashiers (drops) took part in the cashing operation.

    Such a large amount of damage is due to the fact that hackers were able to previously raise the limits for withdrawing money on each card to $ 500,000 through an ATM processing system, so that the "drops" took out all the cash that was there from the ATMs.

    As the investigation showed, the operation was coordinated by four people: Viktor Pleshchuk (28 years old, St. Petersburg), Sergey Tsurikov (25 years old, Tallinn), Oleg Kovelin (28 years old, Chisinau) and another yet unidentified participant. It was Pleshchuk who found a way to reverse engineer encrypted PIN codes.

    The organizers of the action had the opportunity in real time to monitor the withdrawal process through an ATM monitoring system and tracked how much was withdrawn for each card. At the end of the operation, they tried to erase their presence from the RBS system.

    Interestingly, under Russian laws for hacking, Victor faces no more than five years in prison. And Russia does not have an extradition treaty with the United States. In such cases, the American intelligence services either wait for years until the hacker goes on vacation abroad (for example, this is how the Ukrainian hacker Maxim [Maksik] Yastremsky was arrested in Turkey in July 2007 ), or try to negotiate with the Russian authorities.

    According to experts, the FSB and the FBI demonstrated an unsurpassed level of cooperation in the Pleschuk case’s disclosure operation, but the Russian authorities are unlikely to meet the question of extradition. According to the FBI agent Hilbert, quoted by Wired, this is not the first time that Western intelligence agencies have conducted such operations in Russia and Ukraine, but these countries never extradite hackers, but give them minimal terms and will soon be released, sometimes ahead of schedule. Especially if the hacker has sufficient financial reserves to protect his interests.

    By the way, the Estonian authorities arrested Sergei Tsurikov and have already promised to extradite him to the United States.

    Also popular now: