Hacker Dossier: Albert Gonzalez. 20 years in prison and 170 million stolen credit cards

Original author: wikipedia.org


Albert Gonzalez (born 1981) is an American computer hacker and computer criminal who is accused of the combined theft and subsequent resale of more than 170 million card and bank numbers from 2005 to 2007, the largest fraud of its kind in history.

Gonzalez and his accomplices used SQL injection to deploy backdoors on several corporate systems in order to launch packet-sniffing (specifically, ARP spoofing) attacks, which allowed him to steal data from internal corporate networks.

During his spree, he was said to have spent $75,000 on a birthday party and to have complained that he had to count $340,000 by hand because his currency-counting machine had broken.

Gonzalez faced three sets of federal charges:

  • In May 2008 in New York, in the Dave & Buster's case (the trial was scheduled for September 2009)
  • In May 2008 in Massachusetts, in the TJ Maxx case (the trial was scheduled for early 2010)
  • In August 2009 in New Jersey, in connection with the Heartland Payment case.

On March 25, 2010, Gonzalez was sentenced to 20 years in federal prison.

Gonzalez and his team were featured in a fifth-season episode of the CNBC series American Greed titled "Hackers: Operation Get Rich Or Die Tryin".

Early life


Gonzalez's parents, who immigrated to the United States from Cuba in the 1970s, bought Albert his first computer when he was 8 years old.

He attended high school in Miami, Florida, where he was described as the "troubled" leader of the computer nerds. In 2000, he moved to New York, where he lived for three months before moving to Kearny, New Jersey.

Gonzalez in 2001 at DefCon in Las Vegas

ShadowCrew


While in Kearny, he was accused of being the mastermind of a hacker group called ShadowCrew, which trafficked in 1.5 million stolen credit card and ATM numbers. Although considered the mastermind of the fraudulent scheme (operating on the site under the nickname "CumbaJohnny"), he was not charged.

According to the indictment, 4,000 people registered on shadowcrew.com. Once registered, they could buy stolen account numbers or counterfeit documents at auction, or read tutorials and how-tos describing the use of cryptography in the magnetic stripes of credit cards, debit cards and bank cards so that the numbers could be used.

Site moderators punished members who did not comply with the site rules, and also returned money if stolen card numbers were invalid.

In addition to card numbers, many other identity theft items were sold at auction, including counterfeit passports, driver's licenses, Social Security cards, credit cards, debit cards, birth certificates, college student ID cards, and health insurance cards.

One member sold 18 million email accounts with matching usernames, passwords, birthdates, and other personal information. Most of the accused were members who actually sold illicit items. Users who owned or moderated the site were accused in absentia, including those who tried to register the Shadowcrew.cc domain name.

The Secret Service dubbed its investigation "Operation Firewall" and believed that $4.3 million had been stolen by that time, because ShadowCrew shared its information with other groups: Carderplanet and Darkprofits.

The investigation was carried out by units from the USA, Bulgaria, Belarus, Canada, Poland, Sweden, the Netherlands and Ukraine. Gonzalez was initially charged with possession of 15 fake credit and debit cards in Newark, New Jersey, although he avoided imprisonment by providing evidence to the United States Secret Service against his accomplices. Nineteen members of ShadowCrew were charged. Gonzalez then returned to Miami.

TJX Companies


While cooperating with the authorities, he was said to have planned the hack of TJX Companies, in which 45.6 million credit and debit card numbers were stolen over an 18-month period ending in 2007. In 2005, 40 million records at CardSystems Solutions had been compromised. Gonzalez and ten accomplices searched for vulnerabilities in wireless networks along Route 1 in Miami. They compromised cards at BJ's Wholesale Club, DSW, Office Max, Boston Market, Barnes & Noble, Sports Authority, and TJ Maxx.

Prosecutors referred to Gonzalez by his nicknames: "cumbajohny", "soupnazi", "segvec", "kingchilli" and "stanozlolz."

The breach was an embarrassment for TJ Maxx, which discovered it in December 2006. The company initially believed that the intrusion began in May 2006, but further investigation revealed that it had started in July 2005.

One of Gonzalez's alleged accomplices was the 7-foot-tall Stephen Watt, known in the hacker world as "Unix Terrorist" and "Jim Jones." Watt worked at Morgan Stanley in New York and wrote the sniffer program.

Arrest


Gonzalez was arrested on May 7, 2008 on charges of breaking into the Dave & Buster's corporate network in Islandia, New York. The incident occurred in September 2007, when around 5,000 card numbers were stolen. Fraudulent transactions totaling $600,000 were recorded on 675 cards.

Authorities became suspicious after the conspirators kept returning to the restaurant to reintroduce their hack, since it would not restart after the computers had been shut down.

Gonzalez was arrested in room 1508 at the National Hotel in Miami Beach, Florida. In related arrests, authorities seized $1.6 million in cash (including $1.1 million in plastic bags in a drum buried in his parents' backyard), his laptops, and a Glock pistol.

Officials said that Gonzalez lived in a modest house in Miami.

He was being held at the Metropolitan Detention Center in Brooklyn when he was charged with the attacks on Heartland.

Accomplices


Several co-defendants from the United States were prosecuted alongside Gonzalez in the same case. They were charged and sentenced as follows:

Stephen Watt was charged with providing a data theft tool in an identity theft case. He was sentenced to two years in prison and 3 years of supervised release. The court also ordered him to pay $171.5 million in restitution.
Read more: Caught in the System, Ex-Hacker Is Stalked by His Past


Damon Patrick Toey pleaded guilty to fraud, credit card fraud and aggravated identity theft, and received five years in prison.
Read more: Coder Journeys From Wall Street to Prison


Christopher Scott pleaded guilty to conspiracy, unauthorized access to computer systems, access device fraud and identity theft. He was sentenced to seven years.
Read more: TJX Accomplice Sentenced to 7 Years in Prison

Heartland Payment Systems


In August 2009, Gonzalez was indicted in Newark, NJ for hacking Heartland Payment Systems, Citibank 7-Eleven ATMs and Hannaford Brothers computer systems. Heartland bore the brunt of the attack, in which 130 million card numbers were stolen. 4.6 million numbers were stolen from Hannaford. Two other retailers were not disclosed in the indictment. However, Gonzalez's lawyer told StorefrontBacktalk that two of the retailers were JC Penney and Target Corporation. Heartland said it lost $12.6 million in the attack, including legal costs. Gonzalez allegedly called the scheme "Operation Get Rich Or Die Tryin".

According to the indictment, the attacks by Gonzalez and two unidentified hackers "in or near Russia", together with the conspirator "PT" from Miami, began on December 26, 2007 at Heartland Payment Systems, in August 2007 at 7-Eleven, and in November 2007 at Hannaford Brothers, as well as at two other unidentified companies. Gonzalez and his associates targeted large companies and studied their terminals, and then launched their attacks from Internet-connected computers in New Jersey, Illinois, the Netherlands and Ukraine.

They carried out their attacks over the Internet, using many nicknames in chat rooms, stored data related to their attacks on several hacker platforms, disabled programs that logged incoming and outgoing traffic, and disguised themselves through the use of proxies.

The indictment states that the hackers tested their program against 20 antivirus programs.

Ron Palomino Jr., an attorney for Gonzalez, alleged in a blog on the New York Times website that the case was fueled by a squabble between US attorneys in New York, Massachusetts and New Jersey. Palomino noted that Gonzalez was in talks with New York and Massachusetts over a plea bargain in connection with the TJ Maxx case when New Jersey announced its indictment. Palomino identified the conspirator "PT" as Damon Patrick Toey, who had pleaded guilty in the TJ Maxx case. Palomino said Toey, and not Gonzalez, was the leader of the Heartland affair. Palomino also said: "Mr. Toey has been cooperating with us from day one. He stayed in Gonzalez's apartment. This whole idea of creation belonged to Toey ... It was his brainchild. Not Albert Gonzalez. I know that he did not participate in all the chains that were hacked from New Jersey."

Palomino said one of the unnamed Russian hackers in the Heartland case was Maxim "Maksik" Yastremskiy, who was also charged in the TJ Maxx case but is currently serving 30 years in a Turkish prison on charges of hacking Turkish banks in a case unrelated to Gonzalez. According to investigators, Yastremskiy and Gonzalez exchanged 600 messages, and Gonzalez paid him $400,000 via e-gold.

Yastremskiy was detained in July 2007 in Turkey on charges of breaking into 12 banks in Turkey. The Secret Service's investigation of him was used to build the case against Gonzalez, including a covert examination of Yastremskiy's laptop in Dubai in 2006 and a review of the disk image of a computer in Latvia that was rented from Cronos IT and allegedly used in the attack.

After the charges were filed, Heartland said it did not have information on how many credit card numbers had been stolen, or on how the US government had arrived at the figure of 130 million numbers.

Plea bargain


On August 28, 2009, Gonzalez's lawyer filed papers with the U.S. District Court for the District of Massachusetts in Boston stating that Gonzalez was pleading guilty to all 19 charges in the case U.S. v. Albert Gonzalez, 08-CR-10223 (the TJ Maxx case). According to reports, this plea bargain would "resolve" the issues with the New York case U.S. v. Yastremskiy, 08-CR-00160, in the United States District Court for the Eastern District of New York (the Dave & Buster's case).

On March 25, 2010, U.S. District Judge Patti Saris sentenced Gonzalez to 20 years in prison for hacking and stealing information from TJX, Office Max, the Dave & Buster's restaurant chain, Barnes & Noble and several other companies. The next day, District Judge Douglas P. Woodlock sentenced him to 20 years in the Heartland Payment Systems case. The sentences were to be served concurrently, which means that Gonzalez will serve a total of 20 years for both cases. The verdict included forfeiture of property: $1.65 million in cash, a Miami condominium, a blue 2006 BMW 330i, IBM and Toshiba computers, a Glock 27 pistol, a Nokia phone, a Tiffany diamond ring, and three Rolex watches.

On March 25, 2011, Gonzalez filed a petition for clemency with the US District Court in Boston. He claimed that during the time he committed his crimes, he had been assisting the United States Secret Service in locating international cybercriminals, and stated that his lawyers had failed to tell him that he could have used a "public authority" defense. The Secret Service declined to comment on Gonzalez's petition, which is still pending.

Gonzalez is currently serving his 20-year sentence at the United States Penitentiary in Leavenworth. His prison term expires in 2025.
