Man gets 50 months in prison hacking U.S.-based financial institutions
Qendrim Dobruna, a member of an international cybercrime syndicate, was sentenced to 50 months’ imprisonment and restitution in the amount of $14 million for his role in hacking into the computer systems of U.S.-based financial institutions, stealing prepaid debit card data, and eliminating withdrawal limits.
The stolen card data was then disseminated worldwide and used in making fraudulent ATM withdrawals in excess of $14 million in a single weekend.
“The defendants and his co-conspirators participated in a massive 21st century heist that stretched around the globe. Using sophisticated methods, the organization reached into the computer systems of American-based corporations and transmitted illegally obtained private financial information to confederates in 18 different countries who stole millions of dollars from hundreds of ATMs in a matter of hours,” stated Acting United States Attorney Currie.
“This operation demonstrates that combining international law enforcement resources sends a strong message to criminals, that there is no such thing as anonymity in the cyber world. Secret Service agents utilize state-of-the-art investigative techniques to identify and pursue cyber criminals around the world. The adverse impact this individual and other transnational organized criminal groups have on our nation’s financial infrastructure is significant and should not be underestimated,” said Secret Service Special Agent in Charge Robert J. Sica.”
Between approximately February 27, 2011 and March 1, 2011, the defendant and his co-conspirators conducted an “Unlimited Operation,” which begins when the cybercrime organization hacks into the computer systems of a credit card processor, compromises prepaid debit card accounts, and essentially eliminates the withdrawal limits and account balances of those accounts. The elimination of withdrawal limits enables the hackers and their co-conspirators to withdraw unlimited amounts of cash until the operation is shut down.
Next, the cybercrime organization cashes in, by distributing the hacked prepaid debit card numbers to trusted associates around the world, who then immediately withdraw cash from ATMs across the globe. At the end of an operation, when the cards are finally shut down, the casher cells launder the proceeds – often investing the operation’s proceeds in luxury goods – and kick back money to the cybercrime organization’s leaders. On February 27, 2011, hackers targeted a credit card processor that processed transactions for prepaid debit cards issued by the American Red Cross for disaster relief victims.
After the hackers penetrated the credit card processor’s computer network, compromised the American Red Cross prepaid card accounts, and manipulated the balances and withdrawal limits, casher cells across the globe operated a coordinated ATM withdrawal campaign. In total, more than 15,000 ATM transactions were conducted in approximately 18 countries around the world using 21 compromised American Red Cross disaster relief prepaid cards, resulting in approximately $14 million in losses to the credit card processor and the American Red Cross.
The defendant, from his apartment in Stuttgart, Germany, participated in the cyber-attack by obtaining account information from the co-conspirators who directly hacked into the U.S.-based financial institution’s database and selling that account information to other co-conspirators over the Internet, including to an individual in Brooklyn, New York.