Hacker Gets Three Years For Hijacking Schwab Brokerage Accounts

[security curmudgeon <jericho () attrition org>]

http://www.darkreading.com/security/privacy/showArticle.jhtml?articleID=224202497

Hacker Gets Three Years For Hijacking Schwab Brokerage Accounts
Russian laundered more than $246,000, sending a portion back to Russia

Apr 09, 2010 | 03:52 PM
By Tim Wilson
DarkReading

A Russian national Wednesday was sentenced to 37 months in prison for 
hacking into victims' brokerage accounts at Charles Schwab, laundering 
more than $246,000 and sending a portion back to co-conspirators in 
Russia.

According to an FBI release, Aleksey Volynskiy also sold approximately 180 
stolen credit card numbers to a cooperating witness and directed that they 
be fabricated into credit cards.

According to the indictment, from approximately September 2006 through 
December 2007 Volynskiy and co-defendant Alexander Bobnev participated in 
a scheme to steal funds from bank and brokerage accounts by hacking into 
those accounts through the Internet, using personal financial information 
obtained through computer viruses and then laundering the stolen proceeds.

To carry out this scheme, Bobnev and co-conspirators in Russia used Trojan 
horses to hack into the personal computers of multiple victims in the 
United States. These Trojan horses were designed to steal personal account 
information from individual victims as they accessed their bank and 
brokerage accounts through the Internet.

After the Trojan horses captured the victims' personal account 
information, Bobnev and other co-conspirators used the information to 
access victims' bank and brokerage accounts, and thereafter made 
unauthorized sales of securities and unauthorized wire transfers out of 
these accounts.

Volynskiy, along with co-conspirators residing in the United States, next 
set up various "drop" accounts to receive the funds stolen from their 
victims' bank and brokerage accounts. Then they sent a portion of the 
stolen funds from the various drop accounts in the United States to 
co-conspirators in Russia through money remitting services, keeping a 
portion of the fraud proceeds for themselves.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php