A 28-year-old man caught in the act of using hacked ATM codes to loot Citibank accounts last May pleaded guilty this week to a single count of access device fraud, bringing to five the number of defendants who’ve entered guilty pleas in connection with an intrusion into an ATM processing server that led to at least $2 million in fraudulent withdrawals this year.
Aleksandar Aleksiev pleaded guilty to a single count of access device fraud in federal court in Manhattan on Tuesday. Aleksiev was arrested the evening of May 8, after Citibank officials monitoring their network noticed suspicious ATM transactions coming through the five cash machines in the vestibule of a Citibank’s 65th Street Branch in New York’s Upper East Side.
In late 2007, an unknown hacker penetrated a server that processes transactions from Citibank-branded ATMs at 7-Eleven convenience stores, and stole customer account numbers and PINs. According to court records, a Russian mastermind farmed out the stolen data to a small army of U.S. confederates, who made at least $2 million in fraudulent withdrawals, sending 70 percent of the profits back to Russia.
The scheme began unraveling in January, when two alleged cashers — Nue Quni and Luma Bitti — were arrested after a lucky traffic stop caught them with blank cards and a mag-stripe writer in their car. Bitti cooperated in the investigation and led the FBI to two more suspects, Andrey Baranets and Aleksandr Desevoh, who were arrested in New York after meeting with — and attempting to mug — an undercover FBI agent.
Then in late February and early March, the FBI and the U.S. Secret Service arrested two Ukrainian immigrants and two alleged co-conspirators for allegedly using more of the stolen PINs. Yuriy Rakushchynets, Angelina Kitaeva and Ivan Biltse have since pleaded guilty fraud and conspiracy charges, and Rakushchynets and Biltse agreed to forfeit the cash found stashed in their homes at their arrest: $838,000 for Rakushchynets; $912,500 for Biltse. Rakushchynets’s wife has pleaded guilty to obstruction of justice for destroying evidence stashed in the couple’s safe deposit box.
Another man, Ilya Boruch, has been charged with money laundering for allegedly helping transfer some of the proceeds of the heist to Russia through WebMoney, a PayPal-like internet-payment system.
Citibank says customers are not held responsible for fraudulent withdrawals.
Once the hack came to light in January, Citibank began monitoring the compromised accounts. At the time of the May arrest, according to court records, some $180,000 in stolen cash had walked out of ATMs in the Upper East Side in the previous three days, prompting Citibank to put the 65th Street Branch under physical surveillance.
When the bank official staking out the spot got a call alerting him to a theft in progress, he crossed the street to peer through the vestibule glass, and watched as a man in a baseball cap, jeans and a sports coat put a thick envelope into a briefcase and moved from one ATM to the next.
The official flagged down two nearby NYPD officers who’d already been briefed on the fraud, and the cops arrested Aleksiev. With his consent, they searched his bag and found six ATM-deposit envelopes stuffed with nearly $12,000 in cash, and 12 blank mag-stripe cards with stickers on them and a different PIN written on each.
Source : Wired
http://blog.wired.com/27bstroke6/2008/12/cyber-crook-ple.html