The hacker has been sentenced for other computer crimes as well.
A Russian computer criminal has pleaded guilty to helping to perpetrate an ATM fraud scheme in hundreds of cities worldwide.
On 8 September, Roman Valerevich Seleznev, 32, submitted a guilty plea in connection with a hacking attack that targeted RBS Worldpay, a payment processing company.
The hack occurred back in November 2008 when Estonian national Sergei Tšurikov and more than a dozen other individuals gained unauthorized access to the computer network of a Worldpay office that then serviced the Royal Bank of Scotland Group PLC in Atlanta, Georgia. After breaking the encryption algorithm that the payment processing company used to protect customers’ data on payroll debit cards, the attackers got to work by making a withdrawal run at ATMs worldwide. The U.S. Attorney’s Office for the Northern District of Georgia provides additional details about this step:
“Once the encryption on the card processing system was compromised, the hacking ring raised the account limits on compromised accounts to amounts exceeding $1,000,000. The hackers then provided a network of cashers, equipped with 44 counterfeit payroll debit cards, withdrew more than $9 million from over 2,100 ATMs in at least 280 cities worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada. The $9 million loss occurred within a span of less than 12 hours. In addition, the hacking crew obtained access to files containing 45.5 million pre-paid payroll and gift card numbers.”