An investigation coordinated by the U.S. Secret Service netted 28 people suspected of operating an international cybercrime clearinghouse. Authorities made 21 arrests in the United States; seven others were arrested in six different countries.
The suspects allegedly operated a sophisticated identity-theft marketplace that trafficked in counterfeit credit cards and false identification documents. The Secret Service said in a press release that financial institutions estimated their losses at more than $4.3 million from the theft of 1.7 million credit cards.
Hacking Yields Personal Data
The agency targeted a Web site, shadowcrew.com, hosted outside the United States, that acted as a kind of one-stop shop for stolen information and false documents. Much of the personal and financial information was stolen by hacking into computers.
The members, who were vetted in an attempt to keep out law enforcement, communicated through private forums and chat rooms, where they offered raw information or counterfeit documents for sale and posted hacking methods and other illicit information. Counterfeit Euros and passports were also found during one of the arrests.
About 4,000 users had access to the private sections of the site, which interacted with sites called Carderplanet and Darkprofits.
Brian Nagel, assistant director, Office of Investigations, U.S. Secret Services, told TechNewsWorld that the agency targeted a few users to begin with, but has two terabytes of information to sort through and will be making arrests for months to come.
“We feel very confident that the ones we targeted were the most serious players in this organization,” Nagel said. “We had to limit the number we were going after, but there are also more players of equal standing that we are [still] going to go after.”
The Secret Service used wiretaps, an undercover informant and their own hackers to gain access to the private portions of the site.
Warning to Cyberthieves
The Secret Service has taken over the shadowcrew Web site. The home page now bears the banner of the Secret Service and reads “Several arrests have recently been made … with many more to follow…. You Are No Longer Anonymous!! [T]he secret service is investigating your criminal activity. Contact your local United States Secret Service field office … before we contact you!!” The “Mission:Impossible” theme song now plays in the background on the site.
“Operation Firewall,” as the probe was called, began in July 2003 with a look into “access device fraud.” An access device can be anything from credit cards and their account numbers to debit cards and their personal identification numbers (PINs), ATM cards and their PINs, computer passwords, long-distance access codes, and the computer chips in cellular phones that assign billing — in other words, anything that leads to the access of financial information.
Working Together
The U.K. National Hi-Tech Crimes Unit, the Royal Canadian Mounted Police and Europol were among the agencies in on the investigation. American Express, Discover, Mastercard and Visa were also involved.
Nagel stressed that cooperation among the agencies and credit card companies was key. About 90 percent of the arrests were made within an hour of each other to prevent the word from spreading and giving suspects time to encrypt or destroy information.