[ISN] In Gonzalez Hacking Case, a High-Stakes Fight Over a Ukrainian’s Laptop

From: InfoSec News <alerts_at_private>
Date: Fri, 21 Aug 2009 04:32:17 -0500 (CDT)
http://www.wired.com/threatlevel/2009/08/gonzalez-evidence/

By Kim Zetter
Threat Level
Wired.com
August 20, 2009

When Turkish police arrested Maksym "Maksik" Yastremskiy - a Ukrainian 
wholesaler of stolen identity data - in July 2007, they didn't just 
collar one of the most-wanted cybercriminals in the world. They also got 
a trove of evidence about Yastremskiy's buyers and suppliers, all locked 
in an encrypted vault on his laptop computer.

Now federal prosecutors are hoping to introduce a copy of Yastremskiy's 
files in its case against accused hacker Albert "Segvec" Gonzalez. Chat 
logs and other information on the disk allegedly show that Gonzalez was 
Yastremskiy's major supplier of credit and debit card numbers.

But Gonzalez's attorney is fighting to keep the data, and similar 
information seized from a server in Latvia, far away from the New York 
court room where Gonzalez is scheduled to stand trial next month on the 
first of three federal indictments. The argument unfolding over the 
disks illustrates the challenges and controversies of using electronic 
evidence gathered in foreign jurisdictions, and sheds more light on the 
unusual methods used to investigate what authorities have called the 
largest identity theft case in U.S. history.

Gonzalez and his co-conspirators staged high-profile breaches at TJX, 
Heartland Payment Systems, Dave & Buster's and other retailers and 
payment processors.

One notable revelation in the government's own filings (.pdf) is that 
Yastremskiy's arrest did not mark the first time the Secret Service 
gained access to his computer files. On June 14, 2006 the Secret Service 
worked with local authorities to conduct a "sneak-and-peek" search of 
Yastremskiy's laptop while he was traveling through Dubai, in the United 
Arab Emirates. The agency secretly obtained a copy of the man’s hard 
drive in the search.

[...]


________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org
Received on Fri Aug 21 2009 - 02:32:17 PDT

This archive was generated by hypermail 2.2.0 : Fri Aug 21 2009 - 02:44:42 PDT