Federal authorities said the “highly sophisticated international hacking ring” compromised RBS WorldPay’s computers' data encryption system, which was supposed to protect information connected to payroll debit cards that companies use to pay employees via ATM withdrawals.
Hackers allegedly raised the account limit and provided “cashers” with 44 counterfeit payroll debit cards that they used to withdraw more than $9 million in just 12 hours. The money was withdrawn from more than 2,100 ATMs in 280 cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada.
The “cashers” kept 30 to 50 percent of what they withdrew and sent the rest to the Eastern Eurpeans via WebMoney accounts and Western Union, federal authorities said. Pleshchuk and Tsurikov allegedly could monitor the money movement as it was happening.
And once all the withdrawals were made, prosecutors said, the hackers then tried to hide evidence of their work by destroying data stored on the card-processing network.
The indictment says Tsurikov also gave the fraudulently obtained debit card account numbers and the personal identification numbers to Grudijev. Grudijev in turn gave the information to the others in the ring and they withdrew about $289,000 from ATMs in Tallinn. Charges are also pending in Estonia.
If convicted in the United States, some of the suspects could be sentenced to as much as 20 years in prison.
“Through the diligent efforts of the victim company and multiple law enforcement agencies within the United States and around the world, the leaders of a technically advanced computer hacking group were identified and indicted in Atlanta, sending a clear message to cyber criminals across the globe,” said Gregory Jones, the FBI special agent in charge in Atlanta.