Russian Security Services Track Down Colossal Credit Card Fraud Ring


The Russian security service (FSB) has tracked down and charged an international credit card fraud ring, arresting 25 accused. The carding kingpin is suspected to be linked with dozens of carding shops and with some of the most significant data breaches plaguing the Western world. The FSB, Russia's Federal Security Service, issued a statement this week saying it had arrested 25 individuals accused of circulating illegal means of payment tied to around 90 websites that sold stolen credit cards. Though the FSB did not release a list of names, a LiveJournal blog post by cybersecurity blogger Andrey Sporov leaked the details of the raid and revealed that the infamous hacker Alexey Stroganov, who goes by the hacker names "Flint" and "Flint24", was also among those arrested.


According to Intel 471, a cyber intelligence firm, Stroganov has been associated with some of the major cyber threats since 2001. Stroganov and his associate Gerasim Silivanon (a.k.a. "Gaborik") were also sentenced to six years of imprisonment in Russia in 2006 but were out in two years. "Our continuous monitoring of underground activity revealed despite the conviction, Flint24 never left the cybercrime scene," reads an analysis by Intel 471. "You can draw your conclusions [about why he was released early]," Sporaw wrote, hinting at the use of unfair means to get out of jail early. Flint is one of the big players in the stolen credit card market, working as a wholesaler of credit card data to cyber crooks who bought these cards from him in bulk, 100,000 pieces at once.

Various cyber forums say that Stroganov and his associates were caught because they broke "the golden rule" of hackers from Soviet countries: never target your own country's people or banks.

Flint's "Trust Your Client"

These carding sites supported a standard scheme to earn trust and loyalty from those who bought the stolen cards. The scheme allowed customers to get instant refunds on bad cards without proving that the cards had been canceled by the bank before they could be used. To that end, the sites installed a form of money-back insurance called "checkers," which customers could use to check the cards (available only within a few minutes of buying the cards) by paying extra, a few cents per card. But over time, it was claimed that these checkers gave inaccurate results to benefit the card shops.

So Flint and his gang came up with a policy called "Trust your client," under which a customer who claimed that a card was fraudulent would get a refund, no questions asked, but only within six hours of buying the card. But they probably had their own checkers too for checking bad cards.

The Federal Security Service (FSB) of the Russian Federation purchased equipment for hacking smart devices, says hacker group Digital Revolution


Hacker group Digital Revolution published documents according to which the FSB ordered the creation of the Fronton program for organizing cyberattacks using Internet of Things devices.

According to the technical documentation published by the hackers, there are three versions of the program: Fronton, Fronton-3D and Fronton-18. They make it possible to infect smart devices (from digital assistants to smart homes), integrate them into a network and "crash" the servers responsible for the stability of large Internet services and of the Internet in entire countries.

It's interesting to note that the Moscow company 0day (LLC 0DT) could have participated in the development of the programs. Previously, the company also carried out orders of the Ministry of Internal Affairs.

According to the published documents, the Internet of Things is "less secure, unlike mobile devices and servers." This is because many users start using smart devices immediately, without changing the factory usernames and passwords.

FSB contractors cite the experience of Mirai, the largest network of infected IoT devices, which had 600,000 bots. In 2016, it disabled the DNS servers of the American company Dyn, which made PayPal, Twitter, Netflix and about 70 other services unavailable for some time. The organizers of that attack did not use computers, but printers, baby monitors and IoT routers.

The hackers noted that Fronton can be used for "spying on the whole world". The BBC suggests that, most likely, the main targets of cyberattacks may be digital cameras.

The documents note that 95% of the botnet should consist of IP cameras and digital video recorders. A search server must find targets for hacking, which can be connected via a virtual private network or the Tor browser. The documentation also emphasizes that "the use of the Russian language and the connected Cyrillic alphabet is excluded". It is suggested to hack devices using a dictionary of typical passwords for Internet of Things devices.

In December 2018, Digital Revolution said that it hacked the server of the Kvant Scientific Research Institute, owned by the FSB, and found documents on the system of automatic monitoring of social networks for protest moods. In the summer of 2019, hackers said that they broke into the servers of the Moscow IT company Sitek, which carried out projects for Russian special services and agencies.

Hacker from Novovoronezh was convicted of a cyber attack on the library

A resident of Novovoronezh received a year of imprisonment for a cyber attack on the Kurgan Regional Universal Scientific Library. The crime was solved by employees of the FSB of the Voronezh region.

According to the Press Service of the Voronezh Prosecutor's Office, in February 2018, 24-year-old Mikhail Nazarov installed malicious software on his PC that allowed him to destroy, block, modify or copy information and to bypass its protection. The man found the Internet resource of the Government of the Kurgan region, namely the Library, and committed a series of cyber attacks. Why the young man chose this resource is not specified.

However, the hacker came to the attention of the FSB, whose officers stopped the cyber attacks and detained the attacker. Law enforcement authorities opened a criminal case under the article "Creating, using and distributing malicious computer programs". The maximum penalty under this article is 4 years of imprisonment.

The Court found the young man guilty and gave him a one-year suspended (conditional) prison sentence. Nazarov received a shorter sentence since he admitted his guilt.

As a reminder, the Court of the Voronezh region earlier sentenced a 30-year-old local resident to one and a half years of imprisonment and a fine of 10 thousand roubles for hacker attacks on state sites of Siberia and the Far East. Moreover, the hacker managed to hack the websites of commercial organizations. The man used the hacked services for personal gain, including mining.

The Head of the FSB appealed for the creation of international rules on the Internet


The Head of the FSB of Russia, Alexander Bortnikov, stated the need to create international rules on the Internet. In particular, he called for making encrypted messages in mobile applications open to intelligence agencies.

If the international community can come to a consensus on this issue, the terrorists will actually lose a range of opportunities, such as propaganda, recruitment, financing, communication and management, said Bortnikov at an International Conference on Countering Terrorism on 18 April 2019 in St. Petersburg.

He noted that the use of cryptography in communication services prevents the effective fight against terror. According to him, Russia has developed a concept for the creation of "the system of the deposit of encryption keys generated by mobile applications, which will be open for control" to solve this problem. Bortnikov proposed that the world community realize this idea together and provide intelligence agencies with legal access to important encrypted information of the terrorists.

In addition, Bortnikov noted that at the moment there are more than 10 thousand sites of existing international terrorist structures and thousands of accounts in social networks. The information is published in more than 40 languages, but the leading positions are occupied by Arabic, English and Russian languages.

Bortnikov added that the ability to hide data in IP-telephony and foreign e-mail servers leads to an increase in the spread of false reports of terrorist attacks, as well as the sale of weapons and explosives.

According to one of the amendments to the law on the autonomous RuNet (http://www.ehackingnews.com/2019/02/the-kremlin-told-about-hacker-attacks.html), IT companies were obliged to use Russian cryptography for all traffic in the Russian segment. It is assumed that the Government will determine the issuance and use of codes and encryption.

In addition, in April 2018 Russia tried to block the Telegram messenger for refusing to provide the FSB with the encryption key for the conversations of suspected terrorists (http://www.ehackingnews.com/2018/04/russian-court-orders-to-block-telegram.html).