U.S. and international prosecutors have taken down a criminal ring that they allege was responsible for an ATM scam last year that stole about $9 million from RBS WorldPay. The criminals were able to evade the company’s encryption system used on payroll debit cards and withdraw money from ATMs in 280 cities around the world.
A federal grand jury in Atlanta has indicted eight men in connection with the scheme, including five Estonians, one Russian, one Moldovan and one unidentified man. Prosecutors allege that the men “used sophisticated hacking techniques” to defeat the company’s encryption system. The scam, which hit RBS WorldPay last November, involved an elaborate plan in which the attackers first bypassed the encryption on the debit cards, which RBS WorldPay issues to customers for employee payroll purposes. They then raised the limits on the accounts attached to the cards.
Once that was done, the gang then allegedly “provided a network of ‘cashers’ with 44 counterfeit payroll debit
cards, which were used to withdraw more than $9 million from more than
2,100 ATMs in at least 280 cities worldwide, including cities in the
United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and
Canada. The $9 million loss occurred within a span of less than 12
hours,” the Department of Justice said in a statement on the indictments released Tuesday.
See related story: Anatomy of the RBS WorldPay Hack
Justice officials said the hackers then tried to erase their tracks on the card processing network, but that RBS WorldPay identified the fraudulent activity and reported it quickly.
Five of the defendants, Igor Grudijev, Ronald Tsoi, Evelin Tsoi, Mihhail Jevgenov and Sergei Tsurikov are being held in Estonia. Tsurikov is awaiting extradition to the U.S., while the other four are to be prosecuted in Estonia. The other defendants are Viktor Pleshchuk of St. Petersburg, Russia, Oleg Covelin of Chisinau, Moldova, and a person the prosecutors identified only as “Hacker3.”
“Last November, in just one day, an American credit card processor was
hacked in perhaps the most sophisticated and organized computer fraud
attack ever conducted. Today, almost exactly one year later, the
leaders of this attack have been charged. This investigation has broken
the back of one of the most sophisticated computer hacking rings in the
world. This success would not have been possible without the efforts of
the victim, and unprecedented cooperation from various law enforcement
agencies worldwide,” said Acting U.S. Attorney Sally Quillian Yates of
the Northern District of Georgia, in a statement.