FBI: Fraud Scheme Hit 2 U.S. Banks

Citi, PNC, as Well as NASDAQ, Were Victims
FBI: Fraud Scheme Hit 2 U.S. Banks

In addition to last week's indictments issued by the U.S. Attorney in New Jersey for a fraud scheme that compromised more than 160 million payment cards, a related indictment accuses two Russians of network attacks that targeted NASDAQ, Citibank and PNC Bank to compromise data, accounts and payment cards. Some 800,000 bank accounts were affected, authorities say.

See Also: Gartner Market Guide for DFIR Retainer Services

Aleksandr Kalinin, one of the defendants in this second indictment issued by the Manhattan U.S. Attorney for the Southern District of New York, also is charged with hacking NASDAQ. The New York indictments stemmed from an FBI investigation.

Kalinin also was among those indicted in New Jersey as part of an international card fraud scheme investigated by the Secret Service that involved compromised card data from numerous global companies, including payments processors Global Payments Inc. and Heartland Payment Systems and others (see Card Fraud Scheme: The Breached Victims).

According to the Manhattan indictment, from November 2008 through October 2010, Kalinin allegedly hacked computer servers used by NASDAQ to conduct business operations. During the attack, Kalinin is believed to have installed malware on certain NASDAQ servers that allowed him and others to steal, delete and change data.

The infected servers did not include the trading platform used by NASDAQ customers to buy and sell securities, authorities say.

"As today's allegations make clear, cyber-criminals are determined to prey not only on individual bank accounts, but on the financial system itself," said Manhattan U.S. Attorney Preet Bharara.

Bank Attacks

The Manhattan indictment also names another Russian, Nikolay Nasenkov, who allegedly played a role in the attacks against Citi and PNC.

According to the FBI investigation, Nasenkov, along with Kalinin, allegedly stole bank account details from Citi and PNC after hacking network computers and then stole millions of dollars from thousands of individual accounts.

In addition to bank account numbers, authorities claim the two defendants also intercepted customer identification numbers embossed on the front of ATM/debit cards, card verification values and PINs. With that information, Nasenkov and Kalinin, along with co-conspirators, allegedly created so-called white cards that were then used to fraudulently withdraw funds from compromised accounts at ATMs in the United States, Estonia, Canada, the United Kingdom, Russia and Turkey.

In January 2006, PINs for hundreds of PNC accounts were compromised through an attack against PNC's online banking website, according to the indictment. Nasenkov allegedly then supplied that stolen account information, including PINs, to co-conspirators who used the stolen information to encode blank ATM cards and withdraw approximately $1.3 million from victims' accounts.

Federal authorities claim that in 2007, Kalinin attacked a computer network that processed ATM transactions for Citibank and other financial institutions. The malware used in the attack allegedly recorded data as it passed over the network and exported it to an outside computer.

With the malware, Kalinin allegedly stole bank account information for about 500,000 bank accounts, including about 100,000 Citibank accounts. The stolen account information is believed to have been used to create white cards that were used to fraudulently withdraw approximately $2.9 million from compromised Citi customer accounts.

Then, in 2008, Nasenkov is accused of attacking Citi's online banking site - an attack that allegedly resulted in the theft of account information for more than 300,000 accounts. That stolen account information is believed to have been used to create white cards that were used to fraudulently withdraw approximately $3.6 million from Citi's compromised accounts.

As part of the investigation conducted by the FBI, Kalinin has been charged with one count of computer hacking in connection with the NASDAQ hack, which carries a maximum sentence of 10 years.

For the bank schemes, both Kalinin and Nasenkov face multiple charges, including conspiracy to commit bank fraud, bank fraud, conspiracy to commit access device fraud, aggravated identity theft and conspiracy to commit computer intrusion.

Nasenkov also faces additional charges for conspiracy to commit money laundering and computer intrusion to further fraud.

If convicted on all charges, Kalinin and Nasenkov face maximum prison terms that could exceed 100 years.


About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.