On Tuesday, following a two-year investigation in which FBI agents posed as hackers on Internet forums, a massive hacker group was learnt to have been busted, and preventing more than $205 million in losses from 411,000 compromised credit and debit cards. 24 suspected hackers have been arrested in a sting operation spanning four continents. Eleven suspected hackers were arrested within US while the rest were arrested in countries spreading from U.K. to Japan.
Manhattan U.S. Attorney Preet Bharara said, “Clever computer criminals operating behind the supposed veil of the Internet are still subject to the long arm of the law.”
Out of the three arrested in the New York area, one person, Mir Islam is known online as “JoshTheGod.” Mir Islam was charged with the trafficking of at least 50,000 stolen credit card numbers. Islam had admitted to helping the new hacker outfit UgNazi, which claimed to have launched a cyberattack against Twitter last week.
Another arrested person, Joshua Hicks, known online as “OxideDox” was charged with device fraud in the criminal complaint that was unsealed on Tuesday. All 24 persons who have been arrested are 18-25 years old.
The FBI operation revolved around a “carding forum” secretly built in June 2010 by law enforcement officials. The forum was an online market for registered users to exchange stolen account numbers.
In a parallel process, the U.S. Federal Trade Commission filed a complaint against Wyndham Worldwide Corp and its subsidiaries, alleging that the hotel operator had failed to secure customer data. Due to the failure of WWC to protect data, hundreds of thousands of payment card credentials were stolen and sent to an Internet address registered in Russia. It also resulted in $10.6 million in fraudulent charges.
The carding forum floated by the FBI to catch stolen credit card details peddlers was named “Carder Profit” and was closed down in May.