http://www.wired.com/news/technology/0,72605-0.html By Kim Zetter Jan, 31, 2007 Dmitry Ivanovich Golubov, a 22-year-old Ukrainian who went by the nickname "Script," was considered one of the godfathers of Eastern European carding rings. As one of the leaders of CarderPlanet, authorities say Golubov facilitated the theft and international trading of millions of credit and debit card numbers that resulted in multimillion-dollar losses to banks and merchants over several years. So when Ukrainian police finally nabbed Golubov [1] in the summer of 2005 it was a coup, representing the culmination of dogged investigative work by U.S. Postal Inspector Greg Crabb and other law enforcement officials in the United States. "Golubov was such a high-profile target," Crabb told Wired News. "The Secret Service, FBI and myself were working Golubov in different districts over the United States trying to get some inroads into where he was coming from." But achieving the arrest wasn't easy. While U.S. authorities collared numerous small-time crooks in the United States who used the stolen card numbers that Golubov's ring distributed, efforts to nab Golubov himself proved futile for three years, due to indifference from Ukrainian authorities. Crabb says he made three trips to Ukraine to plead his case, but got little response. Then the Orange Revolution swept the country in late 2004 and suddenly "the Ministry of Interior was willing to listen to our concerns about Golubov," Crabb says. In mid-July 2005, Crabb flew to meet with ministry officials, "and two weeks later (we) went out and popped (Golubov)." But Golubov didn't remain in jail for long. About six months after his arrest, two Ukrainian politicians convinced a judge to release him on bond. Prosecutors are still moving forward with the case, but Crabb suspects Golubov could flee before trial. "When you can call in some favors and get some politician in the Ukraine (to) vouch for your upstandedness, there's not much the U.S. can do after that," Crabb says. "We're just (hoping) that the legal system in the Ukraine delivers what we hope." It's one of the enduring frustrations of chasing carders overseas: In addition to the difficulties inherent in trying to ferret out the real person behind an online criminal's nickname, countries where cybercrime thrives, such as in Eastern Europe and Asia, often lack sufficient laws, budgets, skills and even the will to pursue such criminals. The FBI has established liaison agents in dozens of U.S. embassies around the world to help facilitate cooperation with foreign crime-fighting agencies. But sometimes the obstacle is foreign law-enforcement agents themselves. Crabb says the criminal cohorts of one top carder he tracked turned out to be Ukrainian law-enforcement agents, among them a former captain of the Ukrainian state service in Kiev. "It's a different world in the Ukraine," Crabb says. "Corruption is a problem." At times, it's easier to avoid local obstacles altogether, such as with the arrest of a 28-year-old Ukrainian who was nabbed in a Bangkok ice cream parlor in 2003 while on vacation with his wife. Crabb spent a year intercepting more than 20,000 e-mail messages the suspect exchanged with cohorts and waited for the suspect to leave his native soil. Arresting a suspect is only half the battle, however. Then come extradition proceedings and cyberforensic trails. "The volume of (forensic) evidence that exists in these cases is obscene," Crabb says. "They take forever to introduce all this evidence in court." In the cat-and-mouse game of tracking carders, the U.S. Postal Inspection Service might seem like an odd player, since financial crimes generally fall within the purview of the Secret Service and FBI. But the USPIS often becomes involved if the crime includes mail fraud -- such as shipping stolen goods or credit cards through the mail or FedEx or changing the billing address of a victim's financial account. Crabb focuses on tracking and arresting Eastern Europeans because they're "much more organized and malicious" than U.S. carders who, more often than not, simply work as cashers for the Russians. "You can take (the cashers) out any day of the week," Crabb says, "but you're not going to stop the problem if you don't take out the operations where the card data is getting compromised, and that's primarily out of Eastern Europe." The highest-profile carder he tracked, however, was an American named Douglas Havard, who went by the nick "Fargo" and who fled drug-selling charges in Texas before settling in the United Kingdom. There he ran a lucrative cashing operation for a legendary Russian carder called "King Arthur" with a Scottish accomplice. Crabb became involved in the case after a casher for Havard was arrested in Texas while trying to board a plane carrying thousands of dollars in $20 bills. "I called Department of Justice because I knew Secret Service and FBI had investigations into King Arthur," Crabb says. "We worked (the Texas suspect) to get back to Fargo, and we worked with the National Hi-Tech Crime Unit in the U.K. to take out Fargo." King Arthur, however, eluded them. Crabb says that after several years chasing these crimes, authorities are much more attuned to what the criminals are doing today and have been greatly aided by increasing cooperation among businesses and law enforcement agencies. But that isn't always enough. Sometimes, he says, the criminals "are just smarter than us." [1] http://mosnews.com/news/2005/07/21/ukronlinefraud.shtml _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Thu Feb 01 2007 - 03:57:59 PST