“Stand in the place where you live, now face north, think about direction, wonder why you haven’t before” (Stand by REM)
(Credits: Eternal Remont)
Russia Issues International Travel Advisory to Its Hackers
By Kevin Poulsen
For roughly two decades Russia has been something of a safe haven for professional spammers, hackers, phishers and fraudsters hitting the U.S with cyber scams. Now the Russian government has some advice for its cyber criminal class, and any other citizens who might be wanted by U.S. law enforcement: Don’t leave home.
Yesterday, Russia’s Foreign Ministry issued a public notice advising “citizens to refrain from traveling abroad, especially to countries that have signed agreements with the U.S. on mutual extradition, if there is reasonable suspicion that U.S. law enforcement agencies” have a case pending against them.
“Practice shows that the trials of those who were actually kidnapped and taken to the United States are biased, based on shaky evidence” and are slanted against the Russians, the notice warns.
The notice was triggered in part by the June arrest of alleged Russian hacker Aleksander Panin, who’s charged in the U.S. with a $5 million online banking caper. Panin was picked up in the Dominican Republic on an Interpol Red Notice and shipped off to the U.S. in July. Russia said at the time the extradition was “vicious”, “inappropriate” and “unacceptable.”
Another Russian national, Maxim Chuhareva, was arrested in Costa Rica earlier this year as part of the Secret Service’s crackdown on Liberty Reserve. Chuhareva allegedly designed and maintain the infrastructure of the online payment system, which was used extensively by the carding underground for illicit transactions.
Other cases cited in yesterday’s notice involve drug trafficking and international smuggling of U.S.-made night vision goggles. Defendants have received up to 25 years in prison.
At the root of the controversy is the fact that Moscow doesn’t have an extradition treaty with Washington, but it does have a lot of transnational crime. Since Russia emerged as the wellspring of for-profit computer intrusion in the late 1990s, U.S. law enforcement has had little success getting them prosecuted locally. So it’s tried novel methods to gets its hands on the suspects. In one case, in 2000, the FBI arrested two Russian hackers by setting up a fake technology company called Invita and inviting the cyber crooks to Seattle for a job interview. FBI agents posed as managers at Invita, and at the conclusion of the interview the Russians were arrested.
The Invita sting is the kind of thing that only works once. These days, the U.S. secures an indictment or criminal complaint against a suspect, often under seal, and waits for him to travel to a country that extradites to America. That’s what happened in July, when Vladimir Drinkman of Syktyvkar, Russia, was arrested during a trip to the Netherlands on a U.S. warrant dating to 2009. Drinkman was one of America’s most wanted alleged hackers, tied to Albert Gonzalez and the theft of 160 million credit card numbers from payment processors and retailers like T.J. Maxx. Secure in Russia, he allegedly continued his crime spree well after Gonzalez was sentenced to a harsh 20 years in prison.
Drinkman’s alleged partner, Aleksandr Kalinin of St. Petersberg, did not go on the Netherlands trip, and remains at large. So does Roman Kotov of Moscow, another suspect in the case. Twenty-seven-year-old Alexander Bobnev of Valgograd has been wanted by the FBI in New York since 2007 for allegedly compromising online banking and brokerage accounts in a money mule caper. Roman Zolotarev is wanted in Las Vegas as the lead defendant in Operation Open Market; according to court records, he ran the online crime forum Carder.su that was exposed by a Secret Service undercover investigation.
And the list goes on. The question now is, how many of Russia’s suspected hackers will pay heed to their government’s travel notice? And is cybercrime so lucrative that it’s worth spending the rest of your life in Russia?