Russia arrests WorldPay hackers after FBI plea
Feared FSB nabs three men
By John E Dunn | Techworld | Published: 11:27, 22 March 2010
Three men accused of being involved an audacious attack on US ATM machines in 2008 have been arrested by the feared Russian Security Service (FSB) in an event that is being interpreted as marking a sea change in Russian policy towards cybercrime.
The Financial Times reports that the FSB arrested the alleged Russian mastermind of the attack, Viktor Pleshchuk, and two alleged accomplices, Sergei Tsurikov and Oleg Covelin, all believed by the FBI to be involved in the high-profile $9 million (£6 million) raid on a US-based ATM system run by RBS WorldPay, a subsidiary of the Royal Bank of Scotland.
The attack is said to have allowed the attackers to use cloned payroll cards to steal the money from 2,100 cash machines across the US in a 12-hour period in November 2008 after the gang cracked the encryption used to protect cards from tampering.
Related Articles on Techworld
The immediate fate of the men is unclear but the most likely course of action for the authorities is that they will be tried in Russia. If found guilty, the lack of an extradition treaty between the US and Russia means none will face jail time in the US.
The attack was one of the largest hacks of a payment processor in the US that year and came, ironically, only months after the same provider announced it had fixed a cross-site scripting flaw on its website that could have allowed attackers to steal logins from users of its online site.
The involvement of the FSB might not sound significant, but the FSB is not entirely like its nearest US equivalent, the FBI, or in the UK, Scotland Yard. Better know to people in the West under its Cold War moniker, the KGB (and before that as the NKVD), the FSB is still seen as a powerful agent of Russian state power and - the allegation has been made - above the law.
What is less clear is why the FSB acted in this instance after years of inertia in the face of Russian cybercrime, how the FBI and FSB communicated with one another, nor why the FSB was involved at all. A more conventional route would have been to involve the Russian Ministry of Internal Affairs (MVD).
