You should be familiar with the TJX case by now (TJX Largest Breach of Customer Data in U.S. History) and we’ve been following it here for a couple of years.
We reported back in August last year that the TJX Credit Card Hackers were Busted and now one of the 11 guys involved has been slammed with one of the longest ever cybercrime sentences. He wasn’t directly involved in the TJX hack but he does seem to be one of the ‘enablers’ trading the stolen details and aiding in money laundering. He he said to have a made a massive $11 million from this!
Yastremskiy – or ‘Maksik’ as he was sometimes identified – was one of 11 people eventually arrested at the request of the US Department of Justice, with the Ukrainian reportedly being apprehended in undignified fashion outside a Turkish nightclub in 2008.
Yastremskiy’s part in the crime was allegedly to have purchased credit card numbers stolen during the huge crime, providing the gang with an economic hub for its activities. Other members of the gang hailed from Estonia, Belarus, China, and several parts of the US itself, underlining the global nature of modern electronic crime.
Although not the perpetrator of the hack itself, Yastremskiy would have been essential to its success. He is reported to have been suspected of being behind other crimes not related to the TJX Maxx affair.
Apparently on top of the crazy life sentence (life sentence is usually considered as 25 years) he got fined $23,000 as well – but that’s peanuts compared to the 11 mills he’s made. I think it’s a pretty harsh sentence, but the guy was flaunting it…not very wise really. And he was committing some pretty serious offline fraud with the money laundering, he was bound to get screwed with the US on his tail.
He was actually charged in August when we reported it for trafficking in stolen credit card information harvested from a string of retail firms including TJX, OfficeMax, Barnes & Noble, Forever 21, DSW, and Marshall’s, amongst others.
The TJX hack will go down as the first major disclosed commercial hack in history, after US-based hackers were able to ‘wardrive’ their way into a poorly-protected Wi-Fi system used for point-of-sale traffic. Forty-five million customer credit cards were said to have been exposed, leaving parent company. TJX Maxx, owning up to potential liabilities of at least $118 million.
Security vendors queued up to declare their satisfaction at the sentence. “Yastremskiy will certainly have plenty of time to ponder whether his hacking activities were worthwhile,” commented Graham Cluley of Sophos.
“The length of this jail time should also make others engaged in cybercrime think again,” he said. “It may seem like the chances of being caught are small, but there are more and more convictions happening all the time, and the authorities are getting better than ever at co-operating at an international level to catch the bad guys.”
US authorities have filed extradition papers but he still stood trial in Turkey for separate offences, if he ever makes it to the US it’s a good guess that he can cut a sweet deal by being a star witness for the prosecution and getting a reduced sentence in a much more comfortable white-collar US prison.
What do you guys think about the sentence, too harsh?
Source: Network World
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- Spanish ‘Super’ Hacker Jailed for 2 Years over DoS attack
- Webcam Hacker Jailed for 4 Years for Spying on Teenager
- TJX (T.J. Maxx and Marshall’s) Largest Breach of Customer Data in U.S. History
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,135,972 views
- Hack Tools/Exploits - 579,444 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 413,245 views