Hackers Trio Indicted for Stealing Millions of Credit Cards Numbers
Albert Gonzales, 28, of Miami (US), alongwith his two Russian associates, has been indicted by a federal jury at Newark (US) for supposedly hacking the systems at New Jersey-based card processing company Heartland Payment Systems, 7-Eleven, Hannaford Brothers and two other anonymous US retailers. It is claimed that they have stolen 130 Million credit and debit cards, as per the news published by informationweek.com on August 17, 2009.
According to the documents filed in the court, the trio installed sniffer software on the servers of the companies using SQL injection. This enabled them to intercept the credit card details of the people while it was being processed. Actually, these hackers tested their malware against nearly 20 distinct anti-virus programs to ensure that it would go undetected. They developed the malware so intelligently so as to erase evidence from compromised networks to avoid forensic detection.
Commenting on the level of sophistication used by the trio in this operation, Seth Kosto, Assistant US Attorney, New Jersey office, stated that the testing the malware in advance enabled the hackers to evade the anti-virus software as well as the intelligent programming by which malware cuts the probability of its being detected are enough to show the extent of sophistication, reported wired.com on August 17, 2009.
Further details of the indictment revealed that Gonzalez calling his operation as "Operation Get Rich or Die Tryin" was also assisted by programmer Stephen Watt, 25, working at finance company Morgan Stanley. Watt was responsible for developing a sniffing software called "blabla" that was used by the gang of Gonzalez to drain off credit and debit card numbers from the companies including TJX. He will be facing sentencing in August 2009.
According to the prosecutors involved in the prosecution of Gonzalez, these breaches comprise the biggest case of identity theft and data breach ever prosecuted in the US. Other breaches are still being investigated as the involvement of Gonzalez in even more such intrusions can't be ruled out.
However, as of now, the mastermind Gonzales has not pleaded guilty to charges raised against him.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 29-08-2009