Latest in Hack

Image credit:

Russian hacker behind massive data breach pleads guilty

Mariella Moon, @mariella_moon
September 15, 2015
Share
Tweet
Share

Sponsored Links

Vladimir Drinkman has pled guilty and admitted his involvement in what the Justice Department calls "the largest such scheme ever prosecuted in the United States." He and the four other defendants in the case are accused of breaking into corporate computers -- including those owned by NASDAQ, 7-Eleven, JCP, JetBlue, Dow Jones, Visa Jordan, Diners Singapore and Ingenicard -- and stealing over 160 million credit card numbers from as far back as 2003. The hack ultimately caused losses amounting to $300 million, not including the damage caused to people whose identities have been stolen. Drinkman was caught during a trip to Amsterdam in 2012 and was sent to the United States to stand trial. He originally pled not guilty earlier this year but has obviously changed his tune in front of Chief Judge Jerome Simandle in a New Jersey district court.

According to the Department of Justice, the hacker group would monitor the victims' computer systems for months and then use the SQL database vulnerabilities they spot to infiltrate their networks. In most cases, they'd even leave a back door open in case they need to get into the network again later on. They would then use the security hole to slip in "sniffers," malware that collect and pilfer customer data, such as SS numbers and other identifying info in addition to credit card details, from the computers. Finally, they'd save those details to computers around the globe and then sell them to shady online entrepreneurs who then sell them on forums, in turn.

Drinkman and his colleagues were reportedly very careful and talked through encrypted channels to avoid detection during the course of the hacks, even using security software to add a layer of protection. They also altered the victims' network settings to prevent the computers from logging their actions. Those measures obviously failed Drinkman, though, and he now faces up to 30 years in prison. He might get a lesser term for pleading guilty, but we won't know for sure until he's sentenced on January 15th, 2016.

[Image credit: AFP/Getty Images]

In this article: hack, law, security
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

LG's rollable OLED TV goes on sale for $87,000

LG's rollable OLED TV goes on sale for $87,000

View
AOC's 'Among Us' Twitch stream peaked at over 435,000 viewers

AOC's 'Among Us' Twitch stream peaked at over 435,000 viewers

View
GMC's 1000HP Hummer EV is an 'all-electric supertruck'

GMC's 1000HP Hummer EV is an 'all-electric supertruck'

View
Cyberpunk 2077's dialogue was lip-synced by AI

Cyberpunk 2077's dialogue was lip-synced by AI

View
iPhone 12 and 12 Pro review: Apple enters the 5G era

iPhone 12 and 12 Pro review: Apple enters the 5G era

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr