A Russian hacker has pleaded guilty to taking part in a huge data breach programme that resulted in the theft of 160 million credit card details from US businesses.
Vladimir Drinkman was part of a team of five hackers that caused financial losses in the region of $300 million.
Using SQL injections to infiltrate company networks, attackers deployed malware to create backdoor openings that allowed continued access to sensitive data. This enabled them to acquire sensitive financial information that could then be sold via online forums. On average, each piece of US credit card data was sold for approximately $10, with European data priced at $50.
It is claimed that Mr Drinkman was joined in his efforts by Alexandr Kalinin, Roman Kotov, Mikhail Rytikov and Dmitriy Smilianets. Each member had their own area of expertise, with Drinkman focusing on network penetration and mining the data itself. He was arrested in the Netherlands back in 2012 and extradited to the US in 2015. Sentencing is expected to occur in January next year.
Following Mr Drinkman’s admission of guilt, US Attorney Paul J. Fishman of the District of New Jersey said that cyberattacks have the potential to cause widespread damage and must be curtailed.
“Defendants like Vladimir Drinkman, who have the skills to break into our computer networks and the inclination to do so, pose a cutting edge threat to our economic well-being, our privacy and our national security,” he said. “The crimes to which he admitted his guilt have a real, practical cost to our privacy and our pocketbooks. Today’s guilty plea is a tribute to the skill and perseverance of the agents and prosecutors who brought him to justice.”