Decoding the credit card hacking ring

Posted: Thursday, Aug 14, 2008 at 2225 hrs IST
Updated: Thursday, Aug 14, 2008 at 2225 hrs IST

Font Size

Feedback

Discuss

: began falling victim to ‘war-drivers’—drive-by hackers who searched for holes in the security of wireless networks.

According to last week’s indictments, those hackers were Gonzalez and two Miami accomplices, Christopher Scott, 25, and Damon Patrick Toey, 23.

Investigators say the conspirators began their largest heist in July 2005, when they identified a vulnerable network at a Marshall’s department store in Miami and used it to place a so-called sniffer programme on the computers of the chain’s parent company, TJX, in Framingham, Mass. The programme pulled out data like credit card numbers from the network traffic.

Fifteen months later, the company, which also owns TJ Maxx stores, admitted that up to 45 million credit and debit card numbers had been exposed in the prolonged attack. It has already cost TJX more than $130 million in settlement claims with banks and afflicted customers.

The Secret Service—which is charged with combating financial fraud in addition to protecting public officials—had until that point focused its attention on the resellers of stolen card numbers. In October 2004, the agency concluded Operation Firewall, an 18-month investigation into members of the Shadowcrew website, where blocks of purloined card numbers, known as dumps, were bought and sold. Twenty-eight people were arrested, and a hub of the shady underworld of ‘carders’—typically unemployed, technically sophisticated and highly arrogant young men—was shut down.

Assisting with that investigation was Albert Gonzalez, a Cuban-American from Miami who had been arrested in 2003 on credit card fraud charges in New Jersey and agreed to cooperate with authorities to avoid jail time.

According to the Secret Service, Gonzalez helped agents surreptitiously access the Shadowcrew site and pose as interested buyers of stolen information.

“In order to infiltrate those organisations you have to be established,” Magaw said. “You cannot just get on criminal boards and start dealing with high-level players. He provided us with that ability to do that on Shadowcrew.”

—NY Times / Brad Stone...

Post Comments

Comments: (Limit 3,000 characters)

Name		Message
Email ID
Subject

TERMS OF USE:
The views, opinions and comments posted are your, and are not endorsed by this website. You shall be solely responsible for the comment posted here. The website reserves the right to delete, reject, or otherwise remove any views, opinions and comments posted or part thereof. You shall ensure that the comment is not inflammatory, abusive, derogatory, defamatory &/or obscene, or contain pornographic matter and/or does not constitute hate mail, or violate privacy of any person (s) or breach confidentiality or otherwise is illegal, immoral or contrary to public policy. Nor should it contain anything infringing copyright &/or intellectual property rights of any person(s).

I agree to the terms of use.