Saturday, January 17, 2009

T.J. Maxx Hacker Sentenced to 30 Years in Prison - - 9 Jan 09

The Ukrainian hacker that participated in what many consider to be the biggest identity theft scam of all times has been sentenced to 30 years in prison, in Turkey. Despite causing losses of millions of dollars worldwide, he went to trial and was arrested for hacking several Turkish banks.

Maksym Yastremskiy, aka “Maksik,” is a 25-years old hacker, born in Ukraine. He has been specializing in selling credit cards and other financial information on the black market. Authorities estimate that his illegal activities during the years have resulted in millions of dollars being lost to fraud.

Maksik was also part of the gang who hacked into the wi-fi networks of several major U.S. retail chains. Eleven persons, of multiple nationalities, have been charged for conspiring to the attack that compromised over 40 million credit and debit cards. The hackers exploited weaknesses in the WEP technology, used by the stores to encrypt electronic payment data transmitted over their wireless network.

The identity thieves instrumented drive-by attacks, and successfully penetrated into the networks of OfficeMax, Barnes & Noble, Boston Market, Sports Authority, Forever 21, DSW, BJ’s Wholesale Club, T.J. Maxx, and Marshall’s. The sniffed credit card information was then sold on the underground market. A few months ago, a network administrator from New York was also charged for assisting the gang of hackers and providing some of the tools they had used.

Yastremskiy was arrested by local authorities back in July 2007, while partying in a night club in Kemer, Turkey. However, he wasn't charged for the incident in the U.S., but for hacking into several local Turkish banks. “Thirty years is, of course, a very severe prison sentence for anyone to receive, and one that should give some people reason to reflect,” Graham Cluley, senior technology consultant for Sophos points out.

The security researcher issues a warning to anyone involved in cyber-crime, outlining the risks of engaging in such activities. “Stop now. The rewards for cyber-crime can sometimes be large, but you are at risk of ruining the rest of your life – and causing years of misery for your family and friends,” he writes. “You may think your chances of being caught are small, but there are more and more convictions happening all the time, and the authorities are getting better than ever at co-operating at an international level,” he adds.

By Lucian Constantin

No comments: