Double cheating. How the FBI used the Ukrainian hacker Maxim Popov

Original author: Kevin Poulsen
  • Transfer


On a cold day on January 18, 2001, Maxim Igorevich Popov, a 20-year-old Ukrainian guy, nervously pushed the doors of the American embassy in London. He could be mistaken for a student exchange program participant who came to get a visa, but Maxim was actually a hacker, a member of an Eastern European hacker group that attacked American commercial companies, earning extortion and fraud. The rushing wave of such attacks looked like a harbinger of a new stage of the Cold War between the United States and organized hacker groups in the countries of the former Soviet bloc. Maxim Popov with a children's face, glasses and a short haircut, was going to be the first defector in this war.

This was preceded by four months of telephone calls and two preliminary visits to the embassy. Now Popov has met with an assistant FBI legal attache to present a passport and approve final agreements. After completing the formalities, he soon wandered through the winter cold of Grosvenor Square into a hotel room, which he was rented by the embassy. He opened his laptop, as well as the hotel minibar, and read new mail, emptying small bottles of whiskey, until he passed out. The next day, January 19, 2001, Popov, accompanied by FBI agents, arrived at the airport and boarded a TWA flight to the United States.

Maxim was nervous, but it was a joyful excitement. He left his parents, institute and everything that was familiar, but in the USA he will become more than just an obedient son and a student. Popov was wanted and participated in an international conspiracy, as a character in one of the cyberpunk novels that he loved so much. He will provide services to the government for a fair fee, using his knowledge in the field of information security, and then launch an online startup to make a fortune and become rich. These were the plans.

But when the plane landed, it became clear that the contract worked a little differently. Friendly FBI agents in the past threw Maxim into the isolation ward, and an hour later returned with the federal prosecutor, lawyer, and the terms of the deal, which were not discussed: Popov will become their informant, will work seven days a week to lure accomplices trapped by the FBI. If he refuses, he will go to jail.

Maxim was completely discouraged. He realized that he was circled around his finger. The guy was placed under FBI security around the clock in a safe house in Fer Lakes, Virginia, and ordered to chat with his friends in Russian-language chat rooms, while the bureau was recording everything. But Maxim had his own trump cards in his sleeve. He only pretended to cooperate, and he used colloquial words incomprehensible to the Americans to warn his comrades that the US government had taken him into custody. When the agents finally received the translated logs after three months, they became furious. Maxim was immediately taken out of the safe house to the cell of a small local prison, about to indict past cybercrimes. The Ukrainian behaved provocatively: “Go to w% pu,” he said. “You don't know what you're dealing with.” But the guy was scared. Prosecutors from all over the country lined up to participate in the process. It seemed that nothing could save from the bleak future of prison cells and endless American courts.

Ernest “EJ” Hilbert, an agent from the provincial FBI office in Santa Ana, California, thought otherwise. He knew better than anyone that the government needed Popov.

Gilbert realized that the United States was at a crucial stage in the development of computer crime. During the 90s, hacking was a sport for entertainment. But in the 2000s, the first shocks of an impending earthquake came from Eastern Europe. There were signs everywhere if you knew where to look: changes in the types of hacked websites, the volume of spam and phishing attacks, a spike in credit card fraud after many years of constant decline. Hacking turned into a professional and profitable business.

In 2001, Ukrainian and Russian hackers launched the CarderPlanet websitethat gave the underground community an additional dangerous advantage: scalability. CarderPlanet worked as a global marketplace for buying and selling credit card numbers, passwords, hijacked bank accounts, and sensitive data. The site posted paid ads, there was an eBay-style rating system, a well-organized forum. For the first time, a beginner carder could find all the necessary materials to work on a single site. Thousands of new users registered.

Gilbert concluded that he could hack this system. But first, he needed to split the angry Ukrainian hacker, who had once fooled the FBI.



Maxim Popov grew up in the 1000-year-old city of Zhytomyr, two hours drive west of Kiev at a time when Ukraine was taking its first steps after the collapse of the Soviet Union. He mastered computers early, having received his first education at a school on the clumsy clones of Ukrainian-made IBM XT called Search-1. On his 15th birthday, his father bought him a home computer and modem, and Maxim first went online.

Brought up on cyberpunk science fiction and the 1995 film “Hackers,” Maxim Popov knew two things from the very beginning. Firstly, he will become an illegal hacker. Secondly, he will earn money on this. Maxim found many like-minded people in Russian-language forums. In the late 90s, the former Soviet republics were literally teeming with smart young programmers, who at the same time did not have special career prospects. Carders and hackers launched their own dot-com gold rush on Suva, stealing credit cards from American online stores.

Popov was not as technically savvy as many of his colleagues, but he had a talent for manipulating people and good knowledge of English. He began to earn cash from stolen credit cards, using almost flawless English to confirm fraud orders by phone in American stores. The business went well for about a year, but stores gradually began to be suspicious of delivery addresses from Eastern Europe, so the scheme went bad.

At the same time, local bandits found out about Maxim’s big earnings and started visiting him, extorting money. Popov realized that he himself could apply the scheme of extortion in a more elegant form. He and his friends hacked into computers of one company, copied the user database, and then Popov himself contacted the company and offered the services of an “information security consultant” so that the hacking would be kept secret and the database not published - with corresponding payment for his services.

In July 2000, they hacked E-Money, the now-defunct electronic payment system from Washington, and stole 38,000 customers' credit card information. From the Western Union website, they obtained another 16,000 user records, with names, addresses, passwords, and bank cards. Popov made contact with companies and offered hacking protection and the destruction of stolen data for a small fee for consulting services in the amount of $ 50,000 to $ 500,000.

However, the tactics brought an unpleasant result. E-Money delayed negotiations, secretly contacting the FBI, and Western Union publicly announced the hack, depriving the hacker of the hope of receiving money. His efforts did not lead to anything, and the pressure of neighboring groups grew. Popov felt trapped, remaining in Zhitomir, surrounded by middle-aged fraudsters and threatened with violence. He began to reflect on a bold step: go over to the side of the American police. Maxim thought that he could run away from Ukraine and impersonate a repaired hacker and computer security expert in a country of open opportunities.

He ended up locked up in a St. Louis prison near the Western Union office. At least until Agent Gilbert came for him.

A family man of strict rules, as if from the screen of TV shows of the 50s, Gilbert looked exactly what a federal agent should look like, with a serious look and neat combed dark hair. At the age of 29, he gave up his career as a school history teacher in order to fulfill his old dream and put on the FBI badge. From the first case, he was assigned to engage in cybercrime: he figured out an experienced Ural hacker who got into the computers of a commercial company in Anaheim, California, and then helped organize a trap to lure this hacker into Seattle, where the FBI could arrest him. Gilbert understood hackers. As a boy from the suburbs of San Diego, he indulged in innocent hacking himself, taking the nickname Idolin - an ancient term meaning a ghost or spirit .

Gilbert knew that Russian-speaking and experienced fraudster Popov was able to infiltrate places where the FBI had ordered entry through underground chats and forums, establishing links with community members and supplying the bureau with much-needed evidence and operational information. The trick was to start cautiously courting Popov, stroking his vanity and showing respect for his hacking skills.

Gilbert discussed the plan with the Los Angeles attorney, who was conducting a case against Maxim Popov, and soon the two met with a Ukrainian hacker and his lawyers in the office of the St. Louis Attorney. They explained the terms of the deal. Popov will serve the case in Missouri, and the government will consolidate the rest of the case and transfer it to Southern California, where the hacker will work out all the charges, becoming an undercover agent for the FBI.

This time, Maxim was not required to make friends. His goals were chosen by strangers to whom the hacker did not have sympathy. Gilbert called it intelligence gathering, as in James Bond movies. “I really respect your skills,” he said. Popov signed a plea bargain and accepted a government proposal in March 2002. Gilbert had a mule.



Popov could not give up the chance to demonstrate his skills. Before he got off the Con Air flight to California, he was already sitting at a computer designed to study law in the Santa Ana Prison library. He discovered that the machine was connected to the prison’s local area network, and in a few keystrokes Maxim sent “defiling comments and remarks,” as was later indicated in the disciplinary report, to printers in all offices. The guards laid him face on the floor, but Popov did not regret what he had done. In prison, even the smallest hack became a breath of fresh air.

The long-awaited relief came in August when Gilbert and another agent took the hacker out of the cell on his first working day. During the procedure, which became a daily routine, the arrested's legs and arms were chained while he was being taken out to the car. After a short trip, they opened the back door of the office building and took Maxim into a small room furnished with office furniture, with several Windows computers confiscated during the anti-piracy raid. Gilbert fastened the handcuffs to a table opposite the computer and the Cyrillic keyboard. Maxim was ecstatic. Compared to the prison, the gray office room seemed like a presidential apartment. Here he could do anything.

The operation was called Ant City. Returning online, Popov took on a new identity, began to hang out in underground chats and publish messages on CarderPlanet, posing as an outstanding Ukrainian scammer who constantly needs credit cards. His first major target was one of the tops in the CarderPlanet secret hierarchy: a mysterious Ukrainian hacker known only by his nickname Script. Popov contacted him in early September, and two began to correspond directly with ICQ. Two weeks later, Popov agreed to buy stolen credit cards for $ 400. By sending electronic information to a customer in California, Script became a criminal in US jurisdiction. Subsequently, the evidence will lead to the detention of the hacker by the American police, although he will be released after six months [now isdeputy of the Verkhovna Rada of Ukraine - approx. per.].

Such “test purchases” of stolen cards were a key element of Gilbert’s strategy: scattering a little money for Popov was an easy way to establish contacts, and after receiving the cards, Gilbert could find out the source of the leak through credit companies. Popov continued to conclude deals and collect intelligence.

Sometimes they worked for several hours, and sometimes they worked 10 hours a day. Regardless of the success of the hacker, every day ended the same way: Gilbert returned home to his family, and Popov - to the dirty prison cell. But once on Thanksgiving, a federal agent made an unexpected surprise to his ward. When Popov arrived at work, he saw a projector on the table aimed at the wall. Gilbert pressed a couple of buttons on his laptop - and the opening credits of The Lord of the Rings: The Fellowship of the Ring, which had just been released on DVD, appeared on the screen.

For lunch, Gilbert brought real holiday food: stuffed turkey with cranberry syrup and sweet potatoes, and even pumpkin pie. Maxim was moved, because Gilbert decided to spend part of the weekend with him, and not with his own family.


Agent Gilbert was so pleased with Popov’s success that he bought Thanksgiving dinner and brought a projector with the movie The Lord of the Rings.

Rumors about Ant City’s operation spread to the Bureau, and over time, Gilbert began to receive requests from other FBI units to investigate specific hacks. The largest happened in February 2003: 8 million customer bank cards were stolen from the processing company Data Processing International. Popov started asking about DPI in the forums, and one of his acquaintances, a 21-year-old Russian student under the nickname RES, said that he knew three hackers who carried out this hack.

Popov boldly declared that he wanted to buy all 8 million cards for $ 200,000, but first he wanted to get a small sample. This sample would allow Gilbert to determine that the maps were indeed obtained from DPI computers. But RES only laughed at the suggestion. Popov’s relatively modest past purchases did not indicate that he has two hundred thousand dollars.

Gilbert came up with a solution. Maxim was dressed in street clothes and, accompanied by FBI agents, was taken to the nearest bank, which agreed to cooperate, for safety. Bank employees removed $ 200,000 in banknotes from the vault into the office building and laid them out on a table. Gilbert removed Maxim’s handcuffs and recorded a short video of him shuffling a bundle of cash.

“Look, I'm showing bablos,” Popov said in Russian. - Real money, your mother, without garbage. I will put them on my account. ” He took a bill out of the pack and brought it close to the camera: “All the fucking watermarks, all the shit here. I show you point blank. ”He dismissively threw the bill on the table. - So call the lads and let the pancake decide the matter! ”

The video satisfied the Russians. Identifying RES was even easier. Popov mentioned that part of the money was earned by working at Hermes-Plast, a company that manufactures plastic cards. Assuming that the Russian hacker himself will try to get a job in this company, he gave a link to their website and the email address of the alleged boss Anatoly Feldman.

RES sent a resume to Feldman on the same day, along with a scanned copy of his national passport of the Russian Federation.

Of course, Germest-Plast was a fictitious company organized by Gilbert and Popov. Now the FBI knew the real name RES, its date of birth and address. Such a surprisingly simple trick worked again and again. One thing Popov always knew about Eastern European hackers: they always need work.



After 8 months of work at the bureau, on April 8, 2003, Maxim Popov was taken out of Santa Ana prison and escorted to court for sentencing. At the request of the U.S. government, federal judge David Carter sentenced him to pay a sentence of three years of judicial review. The judge immediately ordered that all records of this sentence be sealed.

28 months after he boarded a plane to the USA, Maxim Popov was finally at large - in the middle of California County Orange County, 13 kilometers from Disneyland and on the other side of the planet from his native Zhytomyr. His immigration status was unclear. Maxim did not have a green card or social security number, so he could not get a legal job in America or a driver’s license. Gilbert made sure that the FBI rented an apartment near the beach and paid a thousand dollars a monthly “scholarship” for participating in Operation Ant City. But Popov was never able to get used to the routine of living in suburban heat in the middle of freeways and shopping centers. One of July days, he was standing at a bus stop near the probation office, when a local resident approached him, he was drunk, he was aggressive and cursed. Maxim Popov hit him lightly, but the local resident lost consciousness and was flat on the sidewalk. In a panic, Maxim called the FBI, already imagining that he would be sent back to prison. He firmly decided for himself: if he could get out of this, he would return home.

Judge Carter gave Popov permission to visit Ukraine, subject to a mandatory return to California on August 18, where he must live the rest of his three-year term under judicial supervision. Gilbert took him to the airport and said goodbye, knowing for sure that he would never see him again.

Operation Ant City has ended. According to Gilbert, during this time about 400,000 stolen credit cards were revealed on the black market, and more than 700 companies were warned that they were hacked by hackers from Eastern Europe. Charges were brought against ten suspects, including against Script, but no one was extradited.



Gilbert maintained contact with Popov after his return to his homeland. He founded his business, opened a company called Cybercrime Monitoring Systems (Cycmos). As Popov himself describes it, a company monitors underground markets and sells intelligence to companies against which an attack is being prepared or has already been committed. Gilbert confirmed that it is. Apparently, Maxim Popov began to apply in his business the skills acquired during Operation Ant City. He also sent Gilbert a constant stream of tips and information on his old friendship.

On New Year's Eve 2004, Gilbert’s cell phone rang: “Hey, you know what? - Popov said in his even, pleasant accent, “There is something new here.” He explained that it was a big hack. And, which is characteristic, this time the victim was not some company, but the FBI itself.

Popov was following a hacker group that specialized in working with the X.25 network protocol of the pre-Internet era, which was used in the 70s and 80s in the first packet-switched public networks. By 2004, the X.25 protocol was outdated, like Betamax with respect to VHS, but older networks still supported it for backward compatibility in thousands of corporations and government agencies around the world.

Russian hackers rummaged through these ancient networks, and one day they came across something interesting. They were introduced into the computer network of the AT&T data center in New Jersey, where, under the contract, mail servers of a number of US government agencies were installed. One of them was the FBI, which gave Russians access to correspondence of all agents with fbi .gov mailing addresses .

Gilbert hung up and immediately called his boss. He was soon on a plane to Washington to lead the investigation. Gilbert got the FBI to allocate $ 10,000 to pay for Cycmos, which would get any material stolen from the FBI’s servers and identify any of the hackers who participated in the operation. Popov handed over two documents, according to him, received from the FBI mailboxes: an 11-page dossier to one of the CarderPlanet administrators under the nickname King Arthur , as well as spreadsheets with a list of cybercriminal targets of the FBI and the Secret Service, separated by jurisdiction.

The list of goals was six months ago and labeled “Law Enforcement Sensitive” and “Do not transmit over the Internet”. For the community, it was potentially a gold mine, because the documents contained nicknames - and in some cases real names - more than 100 hackers caught in the sight of the US government, with superficial marks like "priority goal" or "currently cooperating with the government." The White House was informed of the leak, which raised rates even higher. Gilbert asked Popov to get more information.

Maxim began to dig. He showed Gilbert an underground chat where he could find the leader of a hacker group specializing in X.25. Soon, Gilbert himself spoke with Leonid Sokolov, a student at St. Petersburg University. In a conversation, he confirmed the hacking of the AT&T data center and the theft of documents. Gilbert got what he wanted. This was the biggest deal of his career.


“Bablos is real !,” ​​said Popov in a video shot for a Russian hacker. - So call the lads and let the pancake decide the matter! ”

But not without unpleasant incidents. On February 10, 2005, Gilbert was summoned to the FBI headquarters. Five bosses sat in the conference room, and an angry federal prosecutor cursed over the speakerphone.

It turned out that several corporations became victims of the X.25 hacker group, and Maxim Popov turned to them, offering his help. One of the victims was the Boston-based EMC with multi-billion dollar turnover, and hackers stole the source code of the popular VMware virtualization software from it. If the source code goes public, hackers from all over the world can research it for vulnerabilities. VMware is used to isolate virtual machines on a single server, so in the worst case scenario, an attacker can use a bug in the program and exit the isolated environment of one virtual machine, gaining access to the server and all other virtual machines.

Using his standard business pseudonym, Denis Pinhaus, Popov contacted EMC and warned them of a hack. For the right price, he promised to prevent the publication of the source in the public domain and help in the technical investigation of the hack. As before, Popov told EMC the name and contact information of an FBI agent who can confirm his reliability: Ernest Gilbert.

Obviously, the EMC considered that there was an attempt to extort, and reported to the Boston prosecutor. The statement hit the table of Stephen Heymann, the tough prosecutor. He specialized in computer hacking, and later became notorious for the persecution of Internet activist Aaron Schwartz, who eventually led to suicide .

Now, Hayman, over the speakerphone, demanded an answer: who is Pinhouse? Gilbert explained that Pinhouse was an FBI asset that was helping with an urgent investigation. “I need this guy now,” he said. Hayman did not hesitate. He insisted that the Ukrainian should be charged and extradited. He demanded that Gilbert give his real name.

Gilbert refused. Hayman had the right to open a criminal case against Pinhouse under his pseudonym and request from the FBI through official channels information about his real name. But he won’t get it from Gilbert.

Such a refusal was unacceptable to the prosecutor from Boston, the city where the dirtiest scandal with the FBI was still remembered. The prosecutor sent a former FBI agent to prison, who for decades covered up a murderer and one of the gangster leaders in South Boston for working as an informant. “This is another Whitey Bulger case !” The prosecutor growled.

The boss ordered Gilbert to leave the room. Gilbert went to his computer and sent a message to Popov to stay away from EMC: “Drop it, okay? - Gilbert recalls the text. - It is important. Everyone is studying this situation. You need to quit. "

Gilbert is back to AT&T. Sokolov was indicted at a private meeting in New Jersey, and a Red Notice secret order was issued to Interpol to arrest him as soon as he left Russia and entered the country that signed the extradition treaty with the United States. Popov received a fee and an official letter of appreciation from the FBI, which he could post on his website: “We express our gratitude for the assistance provided.”

The whole thing remained hidden in the dark depths of the history of the FBI. The only public mention of the FBI.gov hack was an article in Newsweek in 2005, and the bureau downplayed the incident, stating that no important information had been stolen.

The argument with the Boston prosecutor was almost erased from Gilbert's memory. But four months later, the bureau unexpectedly received an order to interrupt all contacts with Popov and transfer over 600 pages of logs for 18 months of online correspondence. Soon after, he was transferred from the Cybercrime Unit to the Counter-Terrorism Unit.

Gilbert plunged into a new task, but over time he noticed something strange. He was removed from any encouragement, and the agents he had known for decades stopped talking to him. In August 2006, he applied for the position of chief in the Los Angeles division. When the vacancy information reached headquarters, Gilbert was unexpectedly deleted from the list of candidates and told not to reapply. “What the hell is going on?” Gilbert asked his boss. Then he found out what was known to everyone around him: an investigation was underway against him. For the past year, the Department of the Ministry of Justice’s Office of the Inspector General has been prosecuting suspected fraud and conspiracy against the government, as well as leaking confidential information from law enforcement agencies,

Gilbert was devastated. He always dreamed of working at the FBI, but the investigation may omit the barrier to raise him up the career ladder, and he has two children at home and a third on the way. He began to slowly look for employment opportunities in the private sector, and in February 2007 he went into the chief’s office, handed over his weapons, ID and resigned. That same outstanding investigation ultimately put an end to his eight-year career with the FBI.

Gilbert did well at the new workplace as a consultant when Popov called him again, completely unexpectedly. More than six years have passed since their last conversation, and this time Popov had no business proposal and no valuable information. Only gratitude.

“He called to thank me for the way I treated him, and for his time in prison, and how it was all done,” Gilbert told me at lunch in the Orange County family restaurant in early 2013. “Now he came home and changed his life, he now has a family, and he owes me everything he has - these are his words.”

A call from Popov only stirred up in Gilbert that vague feeling that the government had treated him unfairly. Even after his dismissal, the Inspector General’s office continued to investigate him, and once even sent agents to Gilbert’s workplace for interrogation. In the end, it was not until 2009 that the investigation was terminated when the Ministry of Justice formally refused to bring charges.

In a conversation with me, Maxim Popov first said the same thing as Gilbert. But over time, additional subtext appeared. Popov harbored a personal grudge against EMC for that story. The fact is that by the time he called Gilbert, he had already settled the deal with EMC.

It turned out that at the same time as a complaint to the prosecutor, EMC secretly made a deal with Popov in 2005, he says, and paid him $ 30,000 immediately, and also promised another $ 40,000 in four installments in four years, provided that the stolen VMware code does not go public access. He completed his part of the transaction. The code was never published, and the fact that the most valuable assets of the corporation are in the hands of foreign hackers remained unknown to the shareholders and customers of the company.

Four years later, he contacted EMC for the company to pay him the balance of the total amount of $ 70,000, but the company refused to pay, he says (representatives of EMC declined to comment). By then, EMC had VMware as a separate business. For Popov, it looked as if they wanted to pretend that nothing had happened.


Gilbert went into the chief’s office, handed over his weapons, ID and resigned - his eight-year career at the FBI was over.

Explicit disrespect touched Maxim and he wanted to take revenge. Popov created a new identity - Hardcore Charlie , a hacktivist from the Anonymous movement. On April 23, 2012, almost eight years after the theft, the first 520 lines of VMware source code appeared in the public domain.

Despite the age of the source, information about the leak made a noise in the computer world and raised the ears of employees in VMware's offices in Palo Alto. The 2004 hack has long since evaporated from corporate memory, and part of the stolen kernel code is still used in the latest version of the product. Security Director Iain Mulholland, a former British Army officer, launched a powerful operation to minimize damage and hired all the auditors he could reach to search for vulnerabilities in the kernel code. The company released the first of many security updates that patched holes found within 10 days. By the time Popov posted a larger code snippet in November 2012, all critical vulnerabilities were fixed.

Such actions are not very similar to those of a regular information security consultant. When I put a little pressure on Maxim, he finally recognized the obvious: hacking EMC and the FBI mail servers was not a simple attack by a random hacker.

“Technically, we did it,” Maxim told me in a telephone conversation late at night.

Sokolov, the St. Petersburg student against whom the FBI charged and wanted by Interpol, worked from the very beginning with Popov, squeezing money after the X.25 hacking. “He is the best of the best,” said Popov. When they entered the AT&T data center, Popov came to the conclusion that the telecommunications giant would easily pay $ 150,000 to find out the details of the hack and protect its government contracts. Only when AT&T refused the deal did Popov call Gilbert and talk about the hack, hoping the FBI would pay for the information.

Having concluded a deal with Gilbert, Popov persuaded Sokolov to chat with an agent in order to “solve” the crime. Popov says Gilbert himself was not a member of the conspiracy. “I think he suspected something, in fact,” Popov said. “But then it was not so obvious.”

I can’t confirm whether Gilbert suspected something or not, because by the time Popov recognized, Gilbert himself had stopped communicating with me, because the announcement of this story with the operation of Ant City could damage his new career as director of computer security and data protection at PricewaterhouseCoopers, the largest consulting and audit company.

For his part, Popov, who is now 35 years old, seems both impudent and weary. He does not regret hacking the FBI. But his audacity goes a little dumb when I ask what role his duplicity played in ruining Gilbert’s career with the FBI.

Popov still remembers Thanksgiving 2002, Turkey and The Lord of the Rings.
“He was my only friend,” Popov says of Gilbert. “I still love him, even if he is somewhat estranged from me because of my new affairs.” I am still a blackhat, and always have been. But who cares? I still love him. ”



In the years since Ant City’s operation, the underground community in Eastern Europe has come a long way and grown to enormous proportions. Hacks of Target and Home Depot led to the leakage of nearly 100 million debit and credit cards in 2013 and 2014. ZeuS, a banking Trojan made in Russia, contributed to the theft of online banking to its highest level in 10 years. Worms and botnets, ransomware that encrypt files and require ransom for bitcoins, even a complex scheme of insider trading with a loss of $ 100 million - all this is connected with hackers from the former Soviet republics. As usual, scalability is everything. A Russian hacker does not hack into a bank to steal some money. He creates a software package that automates hacking banks, and sells it in clandestine forums for $ 3,000 per copy. His clients - real thieves - hire spammers to spread malware and money mules to launder money. Each has its own specialization. Everyone receives a reward.

Gilbert’s work with Popov was the first attempt to split the world, although in many respects it was just a new method of traditional law enforcement tactics. When a federal agency encounters a powerful criminal machine, it invariably tries to sabotage its work from within. And to do this, the agency must become a working component in the very criminal mechanism that it hopes to destroy. Such tactics always threaten fragile balance, and Ant City operation was not the last example when it brings the opposite effect. Shortly after her, in another case, Secret Service informant Albert Gonzalezentered into a secret conspiracy with Russian hackers, which resulted in the leakage of 160 million credit cards and caused hundreds of millions of dollars of damage - before he was caught and sentenced to 20 years in prison in 2010. Federal Attorney, Assistant Attorney Hayman, requested 25 years.

Some operations culminate in arrests and presentations of awards, others in silence and confusion. The only thing that remains unchanged is the underground of Eastern Europe, which grinds any obstacles, like any machine, tirelessly and indifferently, mainly just in search of a paid job.

Also popular now: