Infraud Cybercrime Site: Dozens Arrested

Thirty-six people have been charged for their alleged involvement in running a cybercrime service responsible for more than $530m (£381m) of losses. The Infraud Organisation is said to have dealt in stolen credit cards and passwords and engaged in bank fraud and ID theft.
 
As of March 2017, its dark-web-based service's discussion forum is said to have had 10,901 registered members. 
The US Department of Justice said 13 of the suspects were now in custody. They include UK-based Anthony Nnamdi Okeakpu, who is alleged to have joined in December 2010 and have used the nickname "moneymafia".
 
Other defendants include Svyatoslav Bondarenko, a Ukranian accused of having created Infraud in October 2010.
Five apprehended defendants were based in the US while others came from France, Canada, Pakistan, Russia Egypt, Italy and Macedonia among other countries.
 
"As alleged in the indictment, Infraud operated like a business to facilitate cyber-fraud on a global scale," said acting assistant attorney general John Cronan of the Justice Department's Criminal Division.
"Its members allegedly caused more than $530m in actual losses to consumers, businesses, and financial institutions alike - and it is alleged that the losses they intended to cause amounted to more than $2.2bn."
 
Affected businesses were said to have included HSBC bank and PayPal.
 
The US authorities said they were now attempting to extradite eight of the suspects being held overseas.
 
Automated Sales
The indictment says that Infraud's administrators had aimed to run the "premier online destination for the purchase and sale of stolen property" and had used the slogan "In Fraud We Trust" to promote it.
Its activities are alleged to have included:
  • the sale and purchase of stolen dates of birth, addresses, passwords, social security numbers, payment card details and other personally identifying information
  • the ability to advertise other sites that featured automated stores for stolen property
  • the sharing and sale of malware
  • the provision of forums and chat rooms to discuss illegal activities
At one point in 2011, one of the accused is said to have indicated he had 795,000 UK logins to HSBC bank available for sale.
Two years later, another is alleged to have advertised 1,300 compromised PayPal account IDs. Other specific accusations include adverts for Visa, Mastercard and American Express credit card numbers. One member is said to have offered to fraudulently book flights, rental cars and seats at US concerts and sporting events at a fraction of their actual price.
 
Members are said to have given feedback ratings to each other to help maintain the quality of contraband sold via the service. Proceeds were said to have been laundered via digital currencies including Bitcoin and the defunct service Liberty Reserve.
 
In an effort to evade arrest, members are alleged to have avoided sharing their real identities with each other, and instead used nicknames including "Mae Tony", "Poony" and "Hulk".
 
"The criminals involved in such schemes may think they can escape detection by hiding behind their computer screens here and overseas," said Derek Benner, of Homeland Security Investigations.
"But as this case shows, cyber-space is not a refuge from justice."
 
BBC
 
You Might Also Read: 
 
Cybercrime: £130bn Stolen From Consumers In 2017:
 
British Banks Are Hiding Cyber Attacks:
 
 
 
 
« Business Cybersecurity Strategy
Cybersecurity Salaries 7% Up In 2018 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Protective Intelligence

Protective Intelligence

Protective Intelligence brings together a group of information security specialists with a passion for delivering high-quality solutions.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

TestingXperts

TestingXperts

TestingXperts is a specialist software QA and testing company.

Australian Information Security Association (AISA)

Australian Information Security Association (AISA)

AISA champions the development of a robust information security sector by building professional capacity and advancing the cyber security of the public, business and governments in Australia.

CUIng.org

CUIng.org

The CUIng initiative was launched to tackle the problem of criminal exploitation of information hiding techniques.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Unitrends

Unitrends

Unitrends helps IT pros do more with less by providing an all-in-one enterprise backup and continuity solution.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.

Qevlar AI

Qevlar AI

Qevlar AI empowers SOC teams, to eliminate redundant tasks and refocus on what truly matters - making the most of every employee within the SecOps team.

Cyber and Fraud Centre – Scotland

Cyber and Fraud Centre – Scotland

The Cyber and Fraud Centre – Scotland exists to ensure Scottish organisations are as resilient as they can be against cyber and fraud crime.

NewEvol

NewEvol

Don’t React, Evolve! Outsmart threats with real-time AI-powered dynamic defense capability of NewEvol all-in-one cybersecurity platform.

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.

Reco AI

Reco AI

Reco is an identity-centric SaaS security solution that empowers organizations with full visibility into every app, identity, and their actions to control risk in their SaaS ecosystem.

Interlock

Interlock

Interlock are building blockchain-based security products that solve legacy web2 security issues - phishing and social engineering.