The U.S. Justice Department announced one of its largest-ever takedowns of a global cyber crime ring on Wednesday, saying it had indicted 36 people accused of trafficking in stolen identities and causing more than $530 million in losses to consumers.
The cyber crime network, operating as an online discussion forum known as ‘Infraud’, ran a sophisticated scheme that facilitated the purchase and sale of Social Security numbers, birthdays and passwords that had been stolen from around the world, the department said.
The group worked under the slogan “In Fraud We Trust” and was created in 2010 by Svyatoslav Bondarenko, a 34-year-old Ukrainian, according to the indictment.
In launching it, the indictment alleges he referred to online forum as a comfortable and safe place to bring together professional people for who carding and hacking become a lifestyle.
He created a hierarchy within the organization, and vetted proposed advertising on the site for stolen wares. He also banned members from buying or selling stolen devices or other items that belonged to Russian victims, according to the indictment.
In addition to facilitating the sale of stolen information, the network also provided an escrow account people could use to launder their proceeds using digital currencies including bitcoin, Liberty Reserve, Perfect Money and WebMoney. That service was run by Sergey Medvedev, a cofounder of the Infraud site, according to the indictment.
Of the 36 people indicted, Justice Department officials said that 13 have been arrested in the United States, Australia, the United Kingdom, France, Italy, Kosovo and Serbia.
They face charges that include identity theft, bank fraud, wire fraud and money laundering.
The other defendants remain at large and the investigation is still ongoing, Deputy Assistant Attorney General David Rybicki told reporters on a conference call.
“Today marks a significant step in the battle against transnational cyber crime,” he said.
The indictment said that among the stolen items advertised were 795,000 HSBC bank logins, dozens of PayPal logins and credentials, and credit card numbers. Users could also use the site to advertise malware for sale.
In April 2016, the department alleges, Medvedev took over as the admin and owner of the site, after he posted on a note online saying that Bondarenko had gone missing.