RSA 2008 - Day Last: Underground Online Crime

Well, I'm sorry for the delay in posting, but I didn't get home until after 10:30PM on Friday night, but American Airlines did get me home and given the issues with the MD-80s recently, I'm just happy to have made it. Even got bumped to First Class which is always nice.

I had the chance to attend only 2 sessions before I had to jet off to SFO to catch my flight, but the sessions were pretty good ones and ones that I think just about any of you reading this would enjoy, or at least find somewhat interesting.

The Bad Guys

The first session I sat in on was titled "Organized Online Criminal Enterprises: Profile of Who, Where and How" given by Dmitri Alperovitch, a Director with Secure Computing Analysis. He really covered a lot of information and details as to who is actually committing the online identity theft, stealing credit card info ("carders"), etc. Typically as an IT security guy, I tend to focus on the HOW, not so much the WHO, like my friends in the FBI. Today, I learned how a 24-year-old kid from the Ukraine named Dmitry Golubov (aka "Script") had set up a huge operation known as, which had tons of forums and served as a fence for those looking to buy or sell stolen credit cards. Now this kid ended up getting caught, but after some local politicians took his side, saying how he was a "pawn of the system" or some crap, he was able to get off without conviction. Here's a post on an old Listserv that Script posted to advertise his work:


- My name is Script, I'm a founder of and i can provide you with excellent credit cards with cvv2 code and without it

Minimum deal is a USD $200.00.

- USD $200.00 - there are 300 credit cards without cvv2 code ( visa + mc ) - USA (included credit card number, exp. day. cardholder billing address,zip,state).

- USD $200.00 - there are 50cc with cvv2 code ( visa +mc) USA (included credit card number, exp. day. cardholder billing address & CVV code from the back side of the card).

Also i can provide cards with SSN+DOB. COST 40$ per one. Minimal deal 200$ - Also i can provide Europe credit cards, France,Germany +UK and many other countries around the globe.

- All credit cards with good exp day and it's work also so good. I'm accept payments through Western Union, E-Gold, WebMoney,direct deposit,cash in bag.

Now here's the real kick in the pants.....this same kid is now running for office in the Ukraine, and if he gets elected, he becomes completely immune from any type of prosecution!! His platform is to "eliminate corruption from government". Nice, huh?

You can even check out the great whitepaper that Kaspersky Labs put together this year that shows some of this stuff in great detail. The picture below is from a site that sells botnets for hire.


We also learned about Roman Vega (aka "Boa" of Boa Factory infamy) who ran one of the biggest CC theft operations. We learned about Maxim Yastremsky (aka "Maksik") who is one of the guys involved in the whole TJX debacle. We even talked about the 3 guys, one of which was Younes Tsouli (aka "Irhabi 007") that used stolen identities and money to subsidize a terror cell for Al-Qaeda....proof that this isn't always about the's also about human life. Good reminder when we're burning cycles to do our jobs. Keep up the good work everyone...what you do matters.