Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Major International Hacker Pleads Guilty for Massive Attack on U.S. Retail and Banking Networks
US DOJ.gov/opa - Press Release ^ | December 29, 2009 | n/a

Posted on 12/30/2009 4:22:04 PM PST by Cindy

Note: The following text is a quote:

FOR IMMEDIATE RELEASE

Tuesday, December 29, 2009

Major International Hacker Pleads Guilty for Massive Attack on U.S. Retail and Banking Networks

WASHINGTON- Albert Gonzalez, 28, of Miami, pleaded guilty today to conspiring to hack into computer networks supporting major American retail and financial organizations, and to steal data relating to tens of millions of credit and debit cards, announced Assistant Attorney General of the Criminal Division Lanny A. Breuer, U.S. Attorney for the District of New Jersey Paul J. Fishman, U.S. Attorney for the District of Massachusetts Carmen Milagros Ortiz and Director of the U.S. Secret Service Mark Sullivan.

Gonzalez, aka "segvec," "soupnazi" and "j4guar17," pleaded guilty to two counts of conspiracy to gain unauthorized access to the payment card networks operated by, among others, Heartland Payment Systems, a New Jersey-based card processor; 7-Eleven, a Texas-based nationwide convenience store chain; and Hannaford Brothers Co. Inc., a Maine-based supermarket chain. The plea was entered in federal court in Boston before U.S. District Court Judge Douglas P. Woodlock. The case is one of the largest data breaches ever investigated and prosecuted in the United States.

According to information contained in the plea agreement, Gonzalez leased or otherwise controlled several servers, or "hacking platforms," and gave access to these servers to other hackers, knowing that they would use them to store malicious software, or "malware," and launch attacks against corporate victims. Malware used against several of the corporate victims was also found on a server controlled by Gonzalez. Gonzalez tested malware by running multiple anti-virus programs in an attempt to ascertain if the programs detected the malware. According to information in the plea agreement, it was foreseeable to Gonzalez that his co-conspirators would use malware to steal tens of millions of credit and debit card numbers, affecting more than 250 financial institutions. Gonzalez was indicted in New Jersey in August 2009 for this criminal conduct.

Based on the terms of the plea agreement, Gonzalez will not seek a prison term under 17 years and the government will not seek a prison term of more than 25 years. Gonzalez pleaded guilty in September 2009 in Boston to 19 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft relating to hacks into numerous major U.S. retailers including TJX Companies, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority. Gonzalez was indicted for those offenses in August 2008 in the District of Massachusetts. Gonzalez also pleaded guilty in September 2009 in Boston to one count of conspiracy to commit wire fraud relating to hacks into the Dave & Buster’s restaurant chain, which were the subject of a May 2008 indictment in the Eastern District of New York.

As part of the plea agreement with the government, the New Jersey case was transferred to the District of Massachusetts for plea and sentencing. According to the terms of the New Jersey plea agreement, the parties agree that Gonzalez’ sentence in the New Jersey case should run concurrently with the sentence imposed in the Boston and New York cases. Gonzalez remains in federal custody. Sentencing in the Boston and New York cases is currently scheduled for March 18, 2010, in Boston. Sentencing in the New Jersey case is scheduled for March 19, 2010.

"The Department of Justice will not allow computer hackers to rob consumers of their privacy and erode the public’s confidence in the security of the marketplace," said Assistant Attorney General Breuer. "Criminals like Albert Gonzalez who operate in the shadows will be caught, exposed and held to account. Indeed, with timely reporting of data breaches and high-tech investigations, even the most sophisticated hacking rings can be uncovered and dismantled, as our prosecutors and agents demonstrated in this case."

"Commercial hackers like Gonzalez believe they are immune from detection and prosecution as they lurk in the shadows of the Internet," said U.S. Attorney Fishman of the District of New Jersey. "But time and again they are caught, prosecuted and sentenced to lengthy federal prison terms. Other hackers should sit up and take notice."

"The conviction of Mr. Gonzalez, and the unraveling of one of the most complex and large scale identity theft cases in history, should serve as a reminder to hacker organizations, that the Department of Justice will vigorously investigate and prosecute cybercrimes, regardless of their sophistication and global reach. Mr. Gonzalez’s conviction is the result of unprecedented coordination across agency and geographical lines, and I want to commend the investigators and prosecutors who have worked tirelessly to bring this case to fruition," said U.S. Attorney Ortiz of the District of Massachusetts.

"Today’s plea proves that although cyber criminals can threaten our nation’s financial sector, the Secret Service and its many partners around the world will pursue and prosecute them," said U.S. Secret Service Director Sullivan. "Time and again, cooperation and advanced methodologies have allowed us to focus our resources in order to detect and prevent these types of crimes, wherever they originate."

The New Jersey case is being prosecuted by Assistant U.S. Attorneys Erez Liebermann and Seth Kosto of the District of New Jersey, Assistant U.S. Attorneys Stephen Heymann and Donald Cabell of the District of Massachusetts, and Senior Counsel Kimberly Kiefer Peretti of the Criminal Division’s Computer Crime and Intellectual Property Section. All of these cases are being investigated by the U.S. Secret Service.


TOPICS: Crime/Corruption; Extended News; Front Page News; News/Current Events
KEYWORDS: albertgonzalez; egvec; gonzalez; hacker; hacking; j4guar17; segvec; soupnazi

1 posted on 12/30/2009 4:22:06 PM PST by Cindy
[ Post Reply | Private Reply | View Replies]

To: All

Previously...

http://www.freerepublic.com/focus/f-news/2318133/posts

“Alleged International Hacker Indicted for Massive Attack on U.S. Retail and Banking Networks”
US DOJ.gov/opa - Press Release ^ | August 17, 2009 | n/a
Posted on August 17, 2009 1:06:22 PM PDT by Cindy


2 posted on 12/30/2009 4:25:05 PM PST by Cindy
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

after 9/11 the government was looking to hire crackers. i guess that’s changed.


3 posted on 12/30/2009 4:32:52 PM PST by robomatik (III %)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Cindy

Any clue what his DU username was...??


4 posted on 12/30/2009 4:34:36 PM PST by Bean Counter (Stout Hearts....)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

They left out the fact that Cumba was working for the feds and a USSS informant. :)


5 posted on 12/30/2009 5:01:42 PM PST by happinesswithoutpeace (Nobody move, Nobody get hurt)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

*PING*


6 posted on 12/30/2009 7:49:12 PM PST by grey_whiskers (The opinions are solely those of the author and are subject to change without notice.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cindy

These guys wreak incredible damage and cost many tens of millions in lost productivity. It’s far beyond vandalism, it’s vicious international crime. I want these guys to do massive time.


7 posted on 12/31/2009 7:29:08 AM PST by Attention Surplus Disorder (Voters who thought their ship came in with 0bama are on their own Titanic.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: All

Note: The following text is a quote:

http://www.justice.gov/opa/pr/2010/March/10-crm-329.html

FOR IMMEDIATE RELEASE
Friday, March 26, 2010
Leader of Hacking Ring Sentenced for Massive Identity Thefts from Payment Processor and U.S. Retail Networks

WASHINGTON – The leader of the largest hacking and identity theft ring ever prosecuted by the U.S. government has been sentenced to 20 years and one day in prison for his role in a series of hacks into a major payment processor and several retail networks, announced Assistant Attorney General for the Criminal Division Lanny A. Breuer; U.S. Attorney for the District of Massachusetts Carmen Milagros Ortiz; U.S. Attorney for the Eastern District of New York Benton J. Campbell; U.S. Attorney for the District of New Jersey Paul J. Fishman; and Director of the U.S. Secret Service Mark Sullivan.

On March 25, 2010, Albert Gonzalez, 28, of Miami, was sentenced by U.S. District Court Judge Patti B. Saris in U.S. District Court in Boston to 20 years in prison for conspiracy, computer fraud wire fraud, access device fraud and aggravated identity theft related to hacks into numerous major U.S. retailers, including the TJX Companies, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble and Sports Authority.

Thursday’s sentence also addresses the charges brought in the Eastern District of New York and transferred to Boston for plea and sentence. The New York indictment charged Gonzalez with, among other things, conspiracy to commit wire fraud relating to his breach of the electronic payment systems of the Dave and Buster’s restaurant chain. Gonzalez was also ordered to serve three years of supervised release following his prison term and to pay a fine of $25,000.

Today, Gonzalez was sentenced by U.S. District Court Judge Douglas P. Woodlock to 20 years and one day in prison for two counts of conspiracy relating to his efforts to assist others in gaining access to the payment card networks of Heartland Payment Systems, a New Jersey-based card processor; 7-Eleven, a Texas-based nationwide convenience store chain; and Hannaford Brothers Co. Inc., a Maine-based supermarket chain. Gonzalez was also ordered to serve three years of supervised release following his prison term. The prison term and the term of supervised release will run concurrently with the sentence imposed yesterday against Gonzalez. Gonzalez was ordered to pay a fine of $25,000 in addition to the fine imposed yesterday. The charges in this case were originally brought in the District of New Jersey. Restitution in all three cases will be determined by the court at a later date.

“Every day, as cyber criminals try to steal the debit and credit card numbers of unsuspecting American consumers, federal agents and prosecutors are there to catch them,” said Assistant Attorney General Lanny A. Breuer. “These sentences – some of the longest ever imposed for hacking crimes – send a powerful message to hackers around the globe that U.S. law enforcement will not allow them to breach American computer networks and payment systems, or illegally obtain identities.”

“Investigations of this magnitude – the largest of its kind in the country - remind us that as technology rapidly advances, so do our vulnerabilities. While electronic payments are simply a way of life, we must be mindful that with the stroke of the keyboard, criminal enterprises can strike from anywhere in the world,” said U.S. Attorney Carmen M. Ortiz. “I want to assure consumers that we continue to use all available resources to detect and investigate computer hacking crimes, no matter where in the world they are committed.”

“Computer hackers and identity thieves pose serious risks to our commercial, personal and financial security,” stated U.S. Attorney for the Eastern District of New York Benton J. Campbell. “Today’s sentence should serve as a warning to would-be hackers everywhere, including those who commit their crimes from abroad – you will be found, prosecuted and convicted.”

“These sentences reflect the tremendous harm Mr. Gonzalez caused millions of innocent Americans,” said U.S. Attorney Paul J. Fishman of the District of New Jersey. “They go a long way to deterring like-minded criminals who mistakenly believe they can escape arrest and prosecution by committing their crimes online and hiding behind a computer screen. This investigation demonstrates the ongoing commitment of the Department of Justice to ensure the safety and security of online commercial transactions.”

“Technology has virtually erased geographic boundaries and changed the way we do business,” said U.S. Secret Service Director Mark Sullivan. “As we have seen with this case, even with the increasing complexity of network intrusions, it remains difficult for criminals to remain anonymous. The Secret Service continues to seek new and innovative ways to combat emerging cyber threats. Our success in this case and similar investigations is a result of our close work with our worldwide network of law enforcement partners.”

According to court documents related to his conviction in the Massachusetts and New York cases, Gonzalez and his co-conspirators broke into retail credit card payment systems through a series of sophisticated techniques, including “wardriving” and installation of sniffer programs to capture credit and debit card numbers used at the victim retail stores. Wardriving involves driving around in a car with a laptop computer looking for unsecure wireless computer networks of retailers. Using these techniques, Gonzalez and his co-defendants were able to steal more than 40 million credit and debit card numbers from victim retailers. According to court documents, Gonzalez and his co-conspirators sold the numbers to others for their fraudulent use and engaged in ATM fraud by encoding the data on the magnetic stripe of blank cards and withdrawing thousands of dollars at a time from ATMs.

Gonzalez and his co-conspirators concealed and laundered their fraud proceeds by using anonymous Internet-based currencies both within the United States and abroad, and by channeling funds through bank accounts in Eastern Europe. Gonzalez’s co-conspirators were located throughout the United States, Estonia and the Ukraine. In the New Jersey case, Gonzalez provided malware to other hackers that allowed them to circumvent anti-virus programs and firewalls, and gain access to the victim companies’ networks. Gonzalez admitted in court documents that it was foreseeable that, based upon his assistance, his co-conspirators would be able to steal tens of millions of credit and debit card numbers, affecting more than 250 financial institutions.

To date, six co-conspirators have pleaded guilty in the United States. One co-conspirator, an Estonian national, was apprehended at the United States’ request by German authorities while he was travelling in Germany. He was subsequently extradited to the United States, where he pleaded guilty to his role in the hacking and identity theft scheme. Another co-conspirator was arrested and convicted in Turkey on related identity theft charges, and was sentenced to 30 years in prison.

The Boston case was prosecuted by Assistant U.S. Attorneys Stephen Heymann and Donald Cabell of the District of Massachusetts. The New York case was prosecuted by Assistant U.S. Attorney William Campos of the Eastern District of New York and by Senior Counsel Kimberly Kiefer Peretti and Trial Counsel Evan Williams of the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS). The New Jersey case was prosecuted by Assistant U.S. Attorneys Erez Liebermann and Seth Kosto for the District of New Jersey, Assistant U.S. Attorney Stephen Heymann for the District of Massachusetts and by Senior Counsel Kimberly Kiefer Peretti of CCIPS. All of these cases were investigated by the U.S. Secret Service.


8 posted on 03/29/2010 1:49:25 AM PDT by Cindy
[ Post Reply | Private Reply | To 1 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson